Kamal v2 #566

Merged
merged 12 commits into from
Oct 1, 2024
2 changes: 2 additions & 0 deletions .dockerignore
Expand Up @@ -11,6 +11,8 @@
/.env*
!/.env*.erb

/.kamal/secrets*

# Ignore all default key files.
/config/master.key
/config/credentials/*.key
14 changes: 14 additions & 0 deletions .github/workflows/deploy.yml
Expand Up @@ -18,6 +18,12 @@ on:
required: true
AWS_SECRET_ACCESS_KEY:
required: true
RAILS_MASTER_KEY:
required: true
DATABASE_URL:
required: true
SECRET_KEY_BASE:
required: true

jobs:
deploy:
Expand Down Expand Up @@ -55,5 +61,13 @@ jobs:
- name: Expose GitHub Runtime for cache
uses: crazy-max/ghaction-github-runtime@v3

- name: Generate kamal secrets
run: |
cat <<EOT >> .kamal/secrets.${{ inputs.destination }}
RAILS_MASTER_KEY=${{secrets.RAILS_MASTER_KEY}}
DATABASE_URL=${{secrets.DATABASE_URL}}
SECRET_KEY_BASE=${{secrets.SECRET_KEY_BASE}}
EOT

- name: Run deploy command
run: bundle exec kamal deploy -d ${{ inputs.destination }}
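Review bot: The `Generate kamal secrets` step pastes `${{secrets.*}}` and `${{ inputs.destination }}` straight into the script text and uses an unquoted heredoc (`<<EOT`), so the shell still expands `$`, backticks and backslashes inside the secret values; a `DATABASE_URL` whose password contains `$` would be written out altered. Pass the values through the step's `env:` block and reference them as shell variables with a quoted delimiter, or, since Kamal 2 resolves `$VAR` references in `.kamal/secrets` from the environment, keep a secrets file that holds only lines such as `RAILS_MASTER_KEY=$RAILS_MASTER_KEY` and set the three variables in `env:` on the `Run deploy command` step, which avoids writing plaintext secrets to the runner's disk. If the generated file is kept, use `>` rather than `>>` so a rerun cannot append duplicates, set `umask 077` before writing, and note that the step assumes the `.kamal/` directory already exists in the checkout.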
3 changes: 3 additions & 0 deletions .github/workflows/production_deploy.yml
Expand Up @@ -21,3 +21,6 @@ jobs:
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
RAILS_MASTER_KEY: ${{ secrets.PRODUCTION_RAILS_MASTER_KEY }}
DATABASE_URL: ${{ secrets.PRODUCTION_DATABASE_URL }}
SECRET_KEY_BASE: ${{ secrets.PRODUCTION_SECRET_KEY_BASE }}
3 changes: 3 additions & 0 deletions .github/workflows/staging_deploy.yml
Expand Up @@ -24,3 +24,6 @@ jobs:
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
RAILS_MASTER_KEY: ${{ secrets.PRODUCTION_RAILS_MASTER_KEY }}
DATABASE_URL: ${{ secrets.PRODUCTION_DATABASE_URL }}
SECRET_KEY_BASE: ${{ secrets.PRODUCTION_SECRET_KEY_BASE }}
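Review bot: The three added lines map `RAILS_MASTER_KEY`, `DATABASE_URL` and `SECRET_KEY_BASE` to `secrets.PRODUCTION_*` in the staging workflow, so a staging deploy would run with production's database URL and signing keys. Point them at staging-specific secrets (for example a `STAGING_` prefix, assuming those secrets are defined in the repository settings) so that staging cannot read or write production data and values signed with one environment's `SECRET_KEY_BASE` are not valid in the other.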
Collaborator

Shouldn't the prefix of the environment variables here be STAGING_?

2 changes: 2 additions & 0 deletions .gitignore
Expand Up @@ -11,6 +11,8 @@
/.env*
!/.env*.erb

/.kamal/secrets*

# Ignore all logfiles and tempfiles.
/log/*
/tmp/*
2 changes: 1 addition & 1 deletion Gemfile
Expand Up @@ -19,7 +19,7 @@ gem 'stimulus-rails', '~> 1.3'
gem 'turbo-rails', '~> 2.0'

group :development, :deploy do
gem 'kamal', '~> 1.8'
gem 'kamal'
end

group :development, :test do
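Review bot: `gem 'kamal'` drops the version constraint entirely, so only `Gemfile.lock` keeps the deploy tool on 2.x and a later `bundle update` can carry it across another major version; the config changes in this PR show that keys change between majors. Constrain it to the version this configuration was written for, e.g. `gem 'kamal', '~> 2.0'`.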
10 changes: 5 additions & 5 deletions Gemfile.lock
Expand Up @@ -106,7 +106,7 @@ GEM
responders
warden (~> 1.2.3)
diff-lcs (1.5.1)
dotenv (2.8.1)
dotenv (3.1.4)
drb (2.2.1)
ed25519 (1.3.0)
erubi (1.13.0)
Expand Down Expand Up @@ -138,16 +138,16 @@ GEM
json (2.7.2)
jwt (2.9.0)
base64
kamal (1.8.3)
kamal (2.0.0)
activesupport (>= 7.0)
base64 (~> 0.2)
bcrypt_pbkdf (~> 1.0)
concurrent-ruby (~> 1.2)
dotenv (~> 2.8)
dotenv (~> 3.1)
ed25519 (~> 1.2)
net-ssh (~> 7.0)
sshkit (>= 1.23.0, < 2.0)
thor (~> 1.2)
thor (~> 1.3)
zeitwerk (~> 2.5)
language_server-protocol (3.17.0.3)
launchy (3.0.0)
Expand Down Expand Up @@ -391,7 +391,7 @@ DEPENDENCIES
devise (~> 4.9)
factory_bot_rails (~> 6.4)
importmap-rails (~> 2.0)
kamal (~> 1.8)
kamal
letter_opener (~> 1.10)
omniauth (~> 2.1)
omniauth-google-oauth2 (~> 1.2)
10 changes: 4 additions & 6 deletions config/deploy.production.yml
@@ -1,13 +1,11 @@
proxy:
host: micarrera.uy,fing.micarrera.uy,www.micarrera.uy
app_port: 3000

servers:
web:
hosts:
- 3.233.189.168
labels:
traefik.http.routers.micarrera-web-production.rule: Host(`micarrera.uy`) || Host(`fing.micarrera.uy`) || Host(`www.micarrera.uy`)
traefik.http.routers.micarrera_secure-web-production.entrypoints: websecure
traefik.http.routers.micarrera_secure-web-production.rule: Host(`micarrera.uy`) || Host(`fing.micarrera.uy`) || Host(`www.micarrera.uy`)
traefik.http.routers.micarrera_secure-web-production.tls: true
traefik.http.routers.micarrera_secure-web-production.tls.certresolver: letsencrypt
options:
memory: 500MiB

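Review bot: The new `proxy:` block sets only `host` and `app_port`, while the router labels it replaces carried `tls: true`, the `websecure` entrypoint and `tls.certresolver: letsencrypt`. kamal-proxy requests Let's Encrypt certificates only when `ssl: true` is set under `proxy:`, so unless TLS is terminated in front of this server, add `ssl: true` here and confirm that certificate issuance works with the three names listed in `host:` on the Kamal version being locked.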
10 changes: 4 additions & 6 deletions config/deploy.staging.yml
@@ -1,13 +1,11 @@
proxy:
host: staging.micarrera.uy
app_port: 3000

servers:
web:
hosts:
- 3.233.189.168
labels:
traefik.http.routers.micarrera-web-staging.rule: Host(`staging.micarrera.uy`)
traefik.http.routers.micarrera_secure-web-staging.entrypoints: websecure
traefik.http.routers.micarrera_secure-web-staging.rule: Host(`staging.micarrera.uy`)
traefik.http.routers.micarrera_secure-web-staging.tls: true
traefik.http.routers.micarrera_secure-web-staging.tls.certresolver: letsencrypt
options:
memory: 250MiB

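Review bot: `proxy:` for `staging.micarrera.uy` has no `ssl: true`, although the labels it replaces set `tls: true` and the `letsencrypt` certresolver. Staging also lists the same host, `3.233.189.168`, as `config/deploy.production.yml`, so both destinations are served by the same machine; decide the TLS setting for the two files together and check that the `memory: 250MiB` and `memory: 500MiB` limits fit on that one server.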
24 changes: 1 addition & 23 deletions config/deploy.yml
Expand Up @@ -15,29 +15,7 @@ env:
ssh:
user: ubuntu

healthcheck:
interval: 30s
max_attempts: 14

builder:
multiarch: false
arch: amd64
cache:
type: gha

traefik:
options:
publish:
- "443:443"
volume:
- "/home/ubuntu/letsencrypt/acme.json:/letsencrypt/acme.json"
args:
accesslog: true
entryPoints.web.address: ":80"
entryPoints.websecure.address: ":443"
entryPoints.web.http.redirections.entryPoint.to: websecure
entryPoints.web.http.redirections.entryPoint.scheme: https
entryPoints.web.http.redirections.entrypoint.permanent: true
certificatesResolvers.letsencrypt.acme.email: "letsencrypt@cedarcode.com"
certificatesResolvers.letsencrypt.acme.storage: "/letsencrypt/acme.json"
certificatesResolvers.letsencrypt.acme.httpchallenge: true
certificatesResolvers.letsencrypt.acme.httpchallenge.entrypoint: web
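Review bot: Removing `healthcheck:` (`interval: 30s`, `max_attempts: 14`) and the whole `traefik:` block leaves no replacement in this file for the boot-time allowance, the `accesslog: true` setting or the permanent redirect from the `web` entrypoint to `websecure`. In Kamal 2 the wait for a healthy container is governed by `deploy_timeout` and `proxy.healthcheck`, so set those if the app needs more than the default to boot, and confirm where proxy access logs and the HTTP to HTTPS redirect now come from. The host file `/home/ubuntu/letsencrypt/acme.json` is no longer mounted by anything in this config; since it holds the ACME account and certificate keys, remove it from the server once the old Traefik container is gone.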