From 59a7f646ac9891c92cab9b6576014e491c97ac02 Mon Sep 17 00:00:00 2001 From: Marcus Bohessef Date: Mon, 22 Dec 2025 20:21:50 -0300 Subject: [PATCH] ajuste no drone --- .drone.yml | 164 ++++++++++++++++--------- k8s/hml/backoffice-deployment-hml.yaml | 35 ++++++ k8s/hml/backoffice-ingress-hml.yaml | 27 ++++ k8s/hml/backoffice-service-hml.yaml | 13 ++ k8s/prd/backoffice-deployment.yaml | 35 ++++++ k8s/prd/backoffice-ingress-dev.yaml | 27 ++++ k8s/prd/backoffice-service.yaml | 13 ++ 7 files changed, 254 insertions(+), 60 deletions(-) create mode 100644 k8s/hml/backoffice-deployment-hml.yaml create mode 100644 k8s/hml/backoffice-ingress-hml.yaml create mode 100644 k8s/hml/backoffice-service-hml.yaml create mode 100644 k8s/prd/backoffice-deployment.yaml create mode 100644 k8s/prd/backoffice-ingress-dev.yaml create mode 100644 k8s/prd/backoffice-service.yaml diff --git a/.drone.yml b/.drone.yml index 36e58a2..ffb3c5e 100644 --- a/.drone.yml +++ b/.drone.yml @@ -17,34 +17,24 @@ steps: settings: registry: in.gohorsejobs.com repo: in.gohorsejobs.com/gohorsejobsdev/gohorsejobs-backend - tags: - - latest - - ${DRONE_COMMIT_SHA:0:8} + tags: [ latest, "${DRONE_COMMIT_SHA:0:8}" ] context: backend dockerfile: backend/Dockerfile insecure: true - insecure_skip_verify: true - username: - from_secret: HARBOR_USERNAME - password: - from_secret: HARBOR_PASSWORD + username: { from_secret: HARBOR_USERNAME } + password: { from_secret: HARBOR_PASSWORD } - name: build-and-push-backoffice image: plugins/docker:latest settings: registry: in.gohorsejobs.com - # Enviando para o novo projeto no Harbor repo: in.gohorsejobs.com/gohorsejobs-backoffice-dev/backoffice - tags: - - latest - - ${DRONE_COMMIT_SHA:0:8} + tags: [ latest, "${DRONE_COMMIT_SHA:0:8}" ] context: backoffice dockerfile: backoffice/Dockerfile insecure: true - username: - from_secret: HARBOR_USERNAME - password: - from_secret: HARBOR_PASSWORD + username: { from_secret: HARBOR_USERNAME } + password: { from_secret: HARBOR_PASSWORD } - name: export-envs-to-k8s image: bitnami/kubectl:latest @@ -64,13 +54,13 @@ steps: JWT_SECRET: { from_secret: JWT_SECRET } MAX_UPLOAD_CAD_SIZE: { from_secret: MAX_UPLOAD_SIZE } PORT: { from_secret: PORT } - S3_BUCKET: { from_secret: S3_BUCKET } + S3_BUCKET: { from_secret: S3_BUCKET_DEV } UPLOAD_DIR: { from_secret: UPLOAD_DIR } - STRIPE_SECRET_KEY: { from_secret: STRIPE_SECRET_KEY } - STRIPE_WEBHOOK_SECRET: { from_secret: STRIPE_WEBHOOK_SECRET } - STRIPE_PUBLISHABLE_KEY: { from_secret: STRIPE_PUBLISHABLE_KEY } - WEBHOOK_BASE_URL: { from_secret: WEBHOOK_BASE_URL } - DATABASE_URL: { from_secret: DATABASE_URL } + STRIPE_SECRET_KEY: { from_secret: STRIPE_SECRET_KEY_DEV } + STRIPE_WEBHOOK_SECRET: { from_secret: STRIPE_WEBHOOK_SECRET_DEV } + STRIPE_PUBLISHABLE_KEY: { from_secret: STRIPE_PUBLISHABLE_KEY_DEV } + WEBHOOK_BASE_URL: { from_secret: WEBHOOK_BASE_URL_DEV } + DATABASE_URL: { from_secret: DATABASE_URL_DEV } CLOUDFLARE_API_TOKEN: { from_secret: CLOUDFLARE_API_TOKEN } CLOUDFLARE_ZONE_ID: { from_secret: CLOUDFLARE_ZONE_ID } CPANEL_HOST: { from_secret: CPANEL_HOST } @@ -113,16 +103,13 @@ steps: - name: deploy-apps image: bitnami/kubectl:latest commands: - # Deploy Backend - kubectl apply -f k8s/dev/backend-deployment.yaml - kubectl apply -f k8s/dev/backend-service.yaml - kubectl apply -f k8s/dev/backend-ingress-dev.yaml - - kubectl rollout restart deployment/gohorse-backend -n gohorsejobsdev - - # Deploy Backoffice (Certifique-se que os arquivos existam nestes caminhos) - kubectl apply -f k8s/dev/backoffice-deployment.yaml - kubectl apply -f k8s/dev/backoffice-service.yaml - kubectl apply -f k8s/dev/backoffice-ingress-dev.yaml + - kubectl rollout restart deployment/gohorse-backend -n gohorsejobsdev - kubectl rollout restart deployment/gohorse-backoffice -n gohorsejobsdev --- @@ -145,17 +132,24 @@ steps: settings: registry: in.gohorsejobs.com repo: in.gohorsejobs.com/gohorsejobshml/gohorsejobs-backend - tags: - - latest - - ${DRONE_COMMIT_SHA:0:8} + tags: [ latest, "${DRONE_COMMIT_SHA:0:8}" ] context: backend dockerfile: backend/Dockerfile insecure: true - insecure_skip_verify: true - username: - from_secret: HARBOR_USERNAME - password: - from_secret: HARBOR_PASSWORD + username: { from_secret: HARBOR_USERNAME } + password: { from_secret: HARBOR_PASSWORD } + + - name: build-and-push-backoffice + image: plugins/docker:latest + settings: + registry: in.gohorsejobs.com + repo: in.gohorsejobs.com/gohorsejobs-backoffice-hml/backoffice + tags: [ latest, "${DRONE_COMMIT_SHA:0:8}" ] + context: backoffice + dockerfile: backoffice/Dockerfile + insecure: true + username: { from_secret: HARBOR_USERNAME } + password: { from_secret: HARBOR_PASSWORD } - name: export-envs-to-k8s image: bitnami/kubectl:latest @@ -164,20 +158,29 @@ steps: AWS_ENDPOINT: { from_secret: AWS_ENDPOINT } AWS_REGION: { from_secret: AWS_REGION } AWS_SECRET_ACCESS_KEY: { from_secret: AWS_SECRET_ACCESS_KEY } - CORS_ORIGINS: { from_secret: CORS_ORIGINS_HML } DB_HOST: { from_secret: DB_HOST } DB_NAME: { from_secret: DB_NAME_HML } DB_PASSWORD: { from_secret: DB_PASSWORD } DB_PORT: { from_secret: DB_PORT } DB_SSLMODE: { from_secret: DB_SSLMODE } DB_USER: { from_secret: DB_USER } - ENV: "homologation" + ENV: { from_secret: ENV_DEV } + CORS_ORIGINS: { from_secret: CORS_ORIGINS_HML } JWT_SECRET: { from_secret: JWT_SECRET } - MAX_UPLOAD_CAD_SIZE: { from_secret: MAX_UPLOAD_CAD_SIZE } + MAX_UPLOAD_CAD_SIZE: { from_secret: MAX_UPLOAD_SIZE } PORT: { from_secret: PORT } - S3_BUCKET: { from_secret: S3_BUCKET } + S3_BUCKET: { from_secret: S3_BUCKET_HML } UPLOAD_DIR: { from_secret: UPLOAD_DIR } - + STRIPE_SECRET_KEY: { from_secret: STRIPE_SECRET_KEY_HML } + STRIPE_WEBHOOK_SECRET: { from_secret: STRIPE_WEBHOOK_SECRET_HML } + STRIPE_PUBLISHABLE_KEY: { from_secret: STRIPE_PUBLISHABLE_KEY_HML } + WEBHOOK_BASE_URL: { from_secret: WEBHOOK_BASE_URL_HML } + DATABASE_URL: { from_secret: DATABASE_URL_HML } + CLOUDFLARE_API_TOKEN: { from_secret: CLOUDFLARE_API_TOKEN } + CLOUDFLARE_ZONE_ID: { from_secret: CLOUDFLARE_ZONE_ID } + CPANEL_HOST: { from_secret: CPANEL_HOST } + CPANEL_USERNAME: { from_secret: CPANEL_USERNAME } + CPANEL_API_TOKEN: { from_secret: CPANEL_API_TOKEN } commands: - | cat < .env.k8s @@ -198,19 +201,31 @@ steps: PORT=$PORT S3_BUCKET=$S3_BUCKET UPLOAD_DIR=$UPLOAD_DIR + STRIPE_SECRET_KEY=$STRIPE_SECRET_KEY + STRIPE_WEBHOOK_SECRET=$STRIPE_WEBHOOK_SECRET + STRIPE_PUBLISHABLE_KEY=$STRIPE_PUBLISHABLE_KEY + WEBHOOK_BASE_URL=$WEBHOOK_BASE_URL + DATABASE_URL=$DATABASE_URL + CLOUDFLARE_API_TOKEN=$CLOUDFLARE_API_TOKEN + CLOUDFLARE_ZONE_ID=$CLOUDFLARE_ZONE_ID + CPANEL_HOST=$CPANEL_HOST + CPANEL_USERNAME=$CPANEL_USERNAME + CPANEL_API_TOKEN=$CPANEL_API_TOKEN EOF - - kubectl -n gohorsejobshml delete secret backend-secrets --ignore-not-found - kubectl -n gohorsejobshml create secret generic backend-secrets --from-env-file=.env.k8s - - name: deploy-backend + - name: deploy-apps image: bitnami/kubectl:latest commands: - - kubectl get pods -n gohorsejobshml - kubectl apply -f k8s/hml/backend-deployment.yaml - kubectl apply -f k8s/hml/backend-service.yaml - - kubectl apply -f k8s/dev/backend-ingress-hml.yaml + - kubectl apply -f k8s/hml/backend-ingress-hml.yaml + - kubectl apply -f k8s/hml/backoffice-deployment-hml.yaml + - kubectl apply -f k8s/hml/backoffice-service-hml.yaml + - kubectl apply -f k8s/hml/backoffice-ingress-hml.yaml - kubectl rollout restart deployment/gohorse-backend -n gohorsejobshml + - kubectl rollout restart deployment/gohorse-backoffice -n gohorsejobshml --- # ═══════════════════════════════════════════════════════════════════════════════ @@ -232,17 +247,24 @@ steps: settings: registry: in.gohorsejobs.com repo: in.gohorsejobs.com/gohorsejobs/gohorsejobs-backend - tags: - - latest - - ${DRONE_COMMIT_SHA:0:8} + tags: [ latest, "${DRONE_COMMIT_SHA:0:8}" ] context: backend dockerfile: backend/Dockerfile insecure: true - insecure_skip_verify: true - username: - from_secret: HARBOR_USERNAME - password: - from_secret: HARBOR_PASSWORD + username: { from_secret: HARBOR_USERNAME } + password: { from_secret: HARBOR_PASSWORD } + + - name: build-and-push-backoffice + image: plugins/docker:latest + settings: + registry: in.gohorsejobs.com + repo: in.gohorsejobs.com/gohorsejobs/backoffice + tags: [ latest, "${DRONE_COMMIT_SHA:0:8}" ] + context: backoffice + dockerfile: backoffice/Dockerfile + insecure: true + username: { from_secret: HARBOR_USERNAME } + password: { from_secret: HARBOR_PASSWORD } - name: export-envs-to-k8s image: bitnami/kubectl:latest @@ -251,20 +273,29 @@ steps: AWS_ENDPOINT: { from_secret: AWS_ENDPOINT } AWS_REGION: { from_secret: AWS_REGION } AWS_SECRET_ACCESS_KEY: { from_secret: AWS_SECRET_ACCESS_KEY } - CORS_ORIGINS: { from_secret: CORS_ORIGINS } DB_HOST: { from_secret: DB_HOST } - DB_NAME: { from_secret: DB_NAME } + DB_NAME: { from_secret: DB_NAME_PRD } DB_PASSWORD: { from_secret: DB_PASSWORD } DB_PORT: { from_secret: DB_PORT } DB_SSLMODE: { from_secret: DB_SSLMODE } DB_USER: { from_secret: DB_USER } - ENV: "production" + ENV: { from_secret: ENV_PRD } + CORS_ORIGINS: { from_secret: CORS_ORIGINS_PRD } JWT_SECRET: { from_secret: JWT_SECRET } - MAX_UPLOAD_CAD_SIZE: { from_secret: MAX_UPLOAD_CAD_SIZE } + MAX_UPLOAD_CAD_SIZE: { from_secret: MAX_UPLOAD_SIZE } PORT: { from_secret: PORT } - S3_BUCKET: { from_secret: S3_BUCKET } + S3_BUCKET: { from_secret: S3_BUCKET_PRD } UPLOAD_DIR: { from_secret: UPLOAD_DIR } - + STRIPE_SECRET_KEY: { from_secret: STRIPE_SECRET_KEY_PRD } + STRIPE_WEBHOOK_SECRET: { from_secret: STRIPE_WEBHOOK_SECRET_PRD } + STRIPE_PUBLISHABLE_KEY: { from_secret: STRIPE_PUBLISHABLE_KEY_PRD } + WEBHOOK_BASE_URL: { from_secret: WEBHOOK_BASE_URL_PRD } + DATABASE_URL: { from_secret: DATABASE_URL_PRD } + CLOUDFLARE_API_TOKEN: { from_secret: CLOUDFLARE_API_TOKEN } + CLOUDFLARE_ZONE_ID: { from_secret: CLOUDFLARE_ZONE_ID } + CPANEL_HOST: { from_secret: CPANEL_HOST } + CPANEL_USERNAME: { from_secret: CPANEL_USERNAME } + CPANEL_API_TOKEN: { from_secret: CPANEL_API_TOKEN } commands: - | cat < .env.k8s @@ -285,15 +316,28 @@ steps: PORT=$PORT S3_BUCKET=$S3_BUCKET UPLOAD_DIR=$UPLOAD_DIR + STRIPE_SECRET_KEY=$STRIPE_SECRET_KEY + STRIPE_WEBHOOK_SECRET=$STRIPE_WEBHOOK_SECRET + STRIPE_PUBLISHABLE_KEY=$STRIPE_PUBLISHABLE_KEY + WEBHOOK_BASE_URL=$WEBHOOK_BASE_URL + DATABASE_URL=$DATABASE_URL + CLOUDFLARE_API_TOKEN=$CLOUDFLARE_API_TOKEN + CLOUDFLARE_ZONE_ID=$CLOUDFLARE_ZONE_ID + CPANEL_HOST=$CPANEL_HOST + CPANEL_USERNAME=$CPANEL_USERNAME + CPANEL_API_TOKEN=$CPANEL_API_TOKEN EOF - - kubectl -n gohorsejobs delete secret backend-secrets --ignore-not-found - kubectl -n gohorsejobs create secret generic backend-secrets --from-env-file=.env.k8s - - name: deploy-backend + - name: deploy-apps image: bitnami/kubectl:latest commands: - - kubectl get pods -n gohorsejobs - kubectl apply -f k8s/prd/backend-deployment.yaml - kubectl apply -f k8s/prd/backend-service.yaml + - kubectl apply -f k8s/prd/backend-ingress-prd.yaml + - kubectl apply -f k8s/prd/backoffice-deployment.yaml + - kubectl apply -f k8s/prd/backoffice-service.yaml + - kubectl apply -f k8s/prd/backoffice-ingress-prd.yaml - kubectl rollout restart deployment/gohorse-backend -n gohorsejobs + - kubectl rollout restart deployment/gohorse-backoffice -n gohorsejobs \ No newline at end of file diff --git a/k8s/hml/backoffice-deployment-hml.yaml b/k8s/hml/backoffice-deployment-hml.yaml new file mode 100644 index 0000000..fd5404e --- /dev/null +++ b/k8s/hml/backoffice-deployment-hml.yaml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: gohorse-backoffice + namespace: gohorsejobshml +spec: + replicas: 1 + selector: + matchLabels: + app: gohorse-backoffice + template: + metadata: + labels: + app: gohorse-backoffice + env: development + spec: + imagePullSecrets: + - name: harbor-registry + containers: + - name: backoffice + # Imagem apontando para o projeto correto no Harbor + image: in.gohorsejobs.com/gohorsejobs-backoffice-hml/backoffice:latest + imagePullPolicy: Always + ports: + - containerPort: 8521 + envFrom: + - secretRef: + name: backend-secrets + resources: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "512Mi" + cpu: "500m" \ No newline at end of file diff --git a/k8s/hml/backoffice-ingress-hml.yaml b/k8s/hml/backoffice-ingress-hml.yaml new file mode 100644 index 0000000..a1d930c --- /dev/null +++ b/k8s/hml/backoffice-ingress-hml.yaml @@ -0,0 +1,27 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: gohorse-backoffice-ingress-dev + namespace: gohorsejobshml + annotations: + cert-manager.io/cluster-issuer: letsencrypt-dns + external-dns.alpha.kubernetes.io/cloudflare-proxied: "true" + traefik.ingress.kubernetes.io/router.entrypoints: web,websecure + traefik.ingress.kubernetes.io/router.tls: "true" +spec: + ingressClassName: traefik + rules: + - host: b-hml.gohorsejobs.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: gohorse-backoffice-service + port: + number: 3001 + tls: + - hosts: + - b-hml.gohorsejobs.com + secretName: gohorse-backoffice-b-hml-cert \ No newline at end of file diff --git a/k8s/hml/backoffice-service-hml.yaml b/k8s/hml/backoffice-service-hml.yaml new file mode 100644 index 0000000..6b76268 --- /dev/null +++ b/k8s/hml/backoffice-service-hml.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: gohorse-backoffice-service + namespace: gohorsejobshml +spec: + selector: + app: gohorse-backoffice + ports: + - name: http + port: 3001 + targetPort: 8521 + type: ClusterIP \ No newline at end of file diff --git a/k8s/prd/backoffice-deployment.yaml b/k8s/prd/backoffice-deployment.yaml new file mode 100644 index 0000000..1e33218 --- /dev/null +++ b/k8s/prd/backoffice-deployment.yaml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: gohorse-backoffice + namespace: gohorsejobs +spec: + replicas: 1 + selector: + matchLabels: + app: gohorse-backoffice + template: + metadata: + labels: + app: gohorse-backoffice + env: development + spec: + imagePullSecrets: + - name: harbor-registry + containers: + - name: backoffice + # Imagem apontando para o projeto correto no Harbor + image: in.gohorsejobs.com/gohorsejobs-backoffice/backoffice:latest + imagePullPolicy: Always + ports: + - containerPort: 8521 + envFrom: + - secretRef: + name: backend-secrets + resources: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "512Mi" + cpu: "500m" \ No newline at end of file diff --git a/k8s/prd/backoffice-ingress-dev.yaml b/k8s/prd/backoffice-ingress-dev.yaml new file mode 100644 index 0000000..1a8a6ce --- /dev/null +++ b/k8s/prd/backoffice-ingress-dev.yaml @@ -0,0 +1,27 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: gohorse-backoffice-ingress-dev + namespace: gohorsejobs + annotations: + cert-manager.io/cluster-issuer: letsencrypt-dns + external-dns.alpha.kubernetes.io/cloudflare-proxied: "true" + traefik.ingress.kubernetes.io/router.entrypoints: web,websecure + traefik.ingress.kubernetes.io/router.tls: "true" +spec: + ingressClassName: traefik + rules: + - host: b-prd.gohorsejobs.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: gohorse-backoffice-service + port: + number: 3001 + tls: + - hosts: + - b-prd.gohorsejobs.com + secretName: gohorse-backoffice-b-prd-cert \ No newline at end of file diff --git a/k8s/prd/backoffice-service.yaml b/k8s/prd/backoffice-service.yaml new file mode 100644 index 0000000..4f7dfc8 --- /dev/null +++ b/k8s/prd/backoffice-service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: gohorse-backoffice-service + namespace: gohorsejobs +spec: + selector: + app: gohorse-backoffice + ports: + - name: http + port: 3001 + targetPort: 8521 + type: ClusterIP \ No newline at end of file