diff --git a/.build/config/local.example.yaml b/.build/config/local.example.yaml
new file mode 100644
index 0000000..82e1df7
--- /dev/null
+++ b/.build/config/local.example.yaml
@@ -0,0 +1,57 @@
+deploy:
+ env:
+ - name: KEYCLOAK_BASE_URL
+ value:
+ - name: KEYCLOAK_REALM
+ value:
+ - name: KEYCLOAK_CLIENT_ID
+ value:
+ - name: KEYCLOAK_CLIENT_SECRET
+ value:
+ - name: BROKER_HOST
+ value:
+ - name: BROKER_PORT
+ value:
+ - name: BROKER_USERNAME
+ value:
+ - name: BROKER_PASSWORD
+ value:
+ - name: SHORTENER_SECRET_KEY
+ value:
+ - name: CACHE_ADDRS
+ value:
+ - name: CACHE_PASSWORD
+ value:
+ - name: DB_HOSTS
+ value:
+ - name: DB_PORT
+ value:
+ - name: DB_USERNAME
+ value:
+ - name: DB_PASSWORD
+ value:
+ - name: DB_DBNAME
+ value:
+
+env: "local"
+host: "0.0.0.0"
+port: 8000
+
+broker:
+ notificationsQueueName: "molva-notification"
+
+cache:
+ readOnly: false
+ dialTimeout: 1h
+ poolSize: 10
+ defaultTtl: 1h
+ rootCaFilePath: "/root/.redis/YandexInternalRootCA.crt"
+
+s3Storage:
+ bucket: "molva-staging"
+ defaultLinkTtl: 1h
+
+database:
+ schema: test_schema
+ sslmode: require
+ rootCaFilePath: "/root/.redis/YandexInternalRootCA.crt"
diff --git a/.build/config/production.yaml b/.build/config/production.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/.build/config/staging.yaml b/.build/config/staging.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..0148b9a
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,10 @@
+bin/
+code-quality-report.json
+.gitea/
+.gitignore
+.git/
+.DS_Store
+dist/
+*.md
+*.yml
+*.yaml
\ No newline at end of file
diff --git a/.gitea/workflows/ci.yaml b/.gitea/workflows/ci.yaml
new file mode 100644
index 0000000..44bb7a7
--- /dev/null
+++ b/.gitea/workflows/ci.yaml
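Review bot: In .build/config/local.example.yaml, `database.sslmode: require` sits next to a `rootCaFilePath`, but under PostgreSQL-style sslmode semantics `require` only demands encryption and may not validate the server certificate or host name; if the CA file is meant to be enforced, `sslmode: verify-full` states that (this assumes the driver follows libpq naming, which the diff does not show). The database `rootCaFilePath` reuses the cache's `/root/.redis/YandexInternalRootCA.crt`, which may be intended but reads like a copy, so a short comment confirming it would help. The `deploy.env` entries for `KEYCLOAK_CLIENT_SECRET`, `BROKER_PASSWORD`, `CACHE_PASSWORD`, `DB_PASSWORD` and `SHORTENER_SECRET_KEY` are bare `value:` keys, which parse as null; a header comment such as `# placeholders only: never commit real secret values to this file` would make the intent explicit.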
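Review bot: In .dockerignore the `*.yml` and `*.yaml` patterns match only files at the root of the build context, so the YAML files under `.build/config/` added in this same commit are still sent to the Docker daemon. If the intent is to keep configuration (for instance a filled-in copy of local.example.yaml with the passwords it lists) out of images, `**/*.yaml` and `**/*.yml` are needed; if the image has to ship the config, an explicit entry for the local override file would be safer than relying on these globs. The Dockerfile is not part of this diff, so whether a broad `COPY` picks those files up cannot be confirmed from here.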
@@ -0,0 +1,86 @@
+name: Go Linter
+
+on:
+ pull_request:
+ branches:
+ - master
+ push:
+ branches:
+ - master
+
+jobs:
+ lint:
+ name: Run golangci-lint
+ runs-on: ubuntu-22.04
+
+ strategy:
+ matrix:
+ project:
+ - api_gateway
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v3
+
+ - name: Set up Go
+ uses: actions/setup-go@v4
+ with:
+ go-version: 1.23
+
+ - name: Install golangci-lint
+ run: |
+ curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.62.2
+
+ - name: Run golangci-lint
+ run: |
+ go mod tidy
+ golangci-lint run -c ./.golangci-lint.yaml --fix=false --color=always
+
+ build:
+ name: Build golang services
+ runs-on: ubuntu-22.04
+ needs: lint
+
+ strategy:
+ matrix:
+ project:
+ - api_gateway
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v3
+
+ - name: Set up Go
+ uses: actions/setup-go@v4
+ with:
+ go-version: 1.23
+
+ - name: Build golang services
+ run: |
+ go mod tidy
+ CGO_ENABLED=0 GOOS=linux go build -ldflags="-s -w" -o main cmd/main.go
+
+ push:
+ name: Push Docker Images
+ runs-on: ubuntu-22.04
+ needs: lint
+ if: gitea.ref == 'refs/heads/master'
+
+ strategy:
+ matrix:
+ project:
+ - api_gateway
+
+ steps:
+ - name: Checkout репозитория
+ uses: actions/checkout@v4
+
+ - name: Build and Push
+ env:
+ SECDIST_CONFIG: ${{ secrets.FMT_CRM_SECDIST_CONFIG }}
+ run: |
+ echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin
+ IMAGE_NAME="molvaapp/${{ matrix.project }}"
+ TAG="latest"
+ docker build -t $IMAGE_NAME:$TAG .
+ docker push $IMAGE_NAME:$TAG
\ No newline at end of file
diff --git a/.gitea/workflows/deploy_prod.yaml b/.gitea/workflows/deploy_prod.yaml
new file mode 100644
index 0000000..c6e7c3a
--- /dev/null
+++ b/.gitea/workflows/deploy_prod.yaml
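Review bot: In .gitea/workflows/ci.yaml the Install golangci-lint step pipes `install.sh` from the `master` branch into `sh`, so although the binary is pinned to v1.62.2 the script executed on the runner is whatever master holds at build time; fetching it from the same tag, `https://raw.githubusercontent.com/golangci/golangci-lint/v1.62.2/install.sh`, keeps the step reproducible and reviewable. The `push` job declares only `needs: lint`, so an image is built and pushed as `latest` even when the `build` job fails; `needs: [lint, build]` would gate it. In Build and Push, `${{ secrets.DOCKER_PASSWORD }}` and `${{ secrets.DOCKER_USERNAME }}` are expanded into the script text, where shell metacharacters in the values are interpreted; mapping them through `env:` and using `"$DOCKER_PASSWORD"` avoids that, and the same applies to the Login to Docker Registry step and the `curl -u` call in deploy_staging.yaml. `go-version: 1.23` is better quoted so that a later value such as `1.30` is not read as the float 1.3.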
@@ -0,0 +1,25 @@
+name: Deploy Production
+
+on:
+ push:
+ branches: [master, release]
+ pull_request:
+ branches: [master, release]
+
+jobs:
+ deploy_to_staging:
+ name: Deploy to Staging
+ runs-on: ubuntu-22.04
+ if: ${{ gitea.ref == 'refs/heads/release' }}
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Manual Approval Step
+ run: echo "Ручное подтверждение получено. Запуск деплоя..."
+
+ - name: Deployment Script (Заглушка)
+ run: |
+ echo "Здесь будет скрипт деплоя на staging"
+ # TODO: Реальный скрипт деплоя
+ echo "Симуляция деплоя..."
\ No newline at end of file
diff --git a/.gitea/workflows/deploy_staging.yaml b/.gitea/workflows/deploy_staging.yaml
new file mode 100644
index 0000000..2079ec9
--- /dev/null
+++ b/.gitea/workflows/deploy_staging.yaml
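Review bot: The `Manual Approval Step` in .gitea/workflows/deploy_prod.yaml only echoes a message and nothing in the job waits for a person, so once the TODO deploy script is filled in, every push to `release` would deploy unattended. The workflow is named Deploy Production while its only job is `deploy_to_staging` ("Deploy to Staging"), which makes it easy to misjudge what a run targets, and the `pull_request` trigger starts the workflow although the `if:` on `refs/heads/release` would normally skip the job for such events. I would rename the job to match the target, drop the `pull_request` trigger, and put a comment such as `# NOTE: no approval gate yet; this step only logs` above the step until a real gate exists.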
@@ -0,0 +1,120 @@
+name: Deploy Staging
+
+on:
+ workflow_dispatch:
+ inputs:
+ environment:
+ description: Environment to deploy to
+ required: true
+ default: staging
+ version:
+ description: Version to deploy (default: latest)
+ required: false
+ default: latest
+ type: choice
+ options:
+ - latest
+ logLevel:
+ description: Log level
+ required: false
+ default: info
+ type: choice
+ options:
+ - info
+ - debug
+ - warning
+
+jobs:
+ get_available_versions:
+ name: Get available versions
+ runs-on: ubuntu-22.04
+ outputs:
+ version_options: ${{ steps.get_versions.outputs.version_options }}
+ steps:
+ - name: Get available versions from Docker Registry
+ id: get_versions
+ env:
+ REGISTRY: docker.io
+ REPO: molva-backend
+ run: |
+ TOKEN=$(curl -s -u "${{ secrets.DOCKER_USERNAME }}:${{ secrets.DOCKER_PASSWORD }}" \
+ "https://$REGISTRY/v2/token?service=$REGISTRY&scope=repository:$REPO:pull" | jq -r .token)
+
+ TAGS=$(curl -s -H "Authorization: Bearer $TOKEN" \
+ "https://$REGISTRY/v2/$REPO/tags/list" | jq -r '.tags[] | select(. != "latest")' | sort -rV | head -10 | tr '\n' ',')
+
+ echo "version_options=latest,${TAGS%,}" >> $GITHUB_OUTPUT
+
+ deploy_to_staging:
+ name: Deploy to Staging
+ runs-on: ubuntu-22.04
+
+ env:
+ STACK_NAME: molvaapp-${{ inputs.environment }}
+
+ strategy:
+ matrix:
+ project:
+ - api_gateway
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+ # with:
+ # fetch-depth: 0
+
+ - name: Show selected version
+ run: |
+ echo "Deploying version: ${{ inputs.version }}"
+ echo "Available versions were: ${{ needs.get_available_versions.outputs.version_options }}"
+
+ - name: Extract Git metadata
+ id: git-metadata
+ run: |
+ echo "GIT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+ echo "GIT_TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "none")" >> $GITHUB_OUTPUT
+ echo "REF_NAME=${GITHUB_REF##*/}" >> $GITHUB_OUTPUT
+
+ - name: Manual Approval Step
+ run: echo "Ручное подтверждение получено. 
Запуск деплоя в ${{ inputs.environment }}..."
+
+ - name: Login to Docker Registry
+ run: |
+ echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin
+
+ - name: Push Docker Image
+ run: |
+ if [ "${{ inputs.version }}" == "latest" ]; then
+ TAG=${{ steps.git-metadata.outputs.GIT_TAG != "none" && steps.git-metadata.outputs.GIT_TAG || steps.git-metadata.outputs.GIT_SHA }}
+ IMAGE_NAME="molvaapp/${{ matrix.project }}"
+ docker build -t $IMAGE_NAME:$TAG .
+ docker push $IMAGE_NAME:$TAG
+ else
+ echo "Using non-latest version ${{ inputs.version }}"
+ echo "Skipping pushing image..."
+ fi
+
+ - name: Install Docker Compose
+ run: sudo apt-get update && sudo apt-get install -y docker-compose-plugin
+
+ - name: Deploy to Swarm
+ run: |
+ if [ "${{ inputs.version }}" == "latest" ]; then
+ VERSION="latest"
+ else
+ VERSION="${{ inputs.version }}"
+ fi
+
+ echo "Deploying version $VERSION to ${{ inputs.environment }}..."
+ echo "Log level: ${{ inputs.logLevel }}"
+
+ docker -H ${{ secrets.SWARM_MANAGER_HOST }} \
+ stack deploy \
+ --with-registry-auth \
+ -c docker-compose.staging.yaml \
+ ${{ env.STACK_NAME }}
+
+ - name: Post-deploy
+ run: |
+ echo "Deployment to ${{ inputs.environment }} completed."
+ echo "Version deployed: $VERSION"
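Review bot: In .gitea/workflows/deploy_staging.yaml the free-text `environment` input is expanded with `${{ inputs.environment }}` directly into `run:` scripts (Manual Approval Step, Deploy to Swarm, Post-deploy) and into `STACK_NAME`, so whatever the dispatcher types is parsed as shell text on the runner rather than treated as data. Passing inputs and secrets through `env:` and quoting the shell variables, as sketched below for Deploy to Swarm, avoids that; restricting `environment` with `type: choice`, as `version` and `logLevel` already are, narrows it further. The line `description: Version to deploy (default: latest)` contains `: ` inside a plain scalar and needs quoting, otherwise the workflow is unlikely to load. `deploy_to_staging` also reads `needs.get_available_versions.outputs.version_options` without declaring `needs:`, and `$VERSION` is assigned in Deploy to Swarm (to the input value on both branches of the `if`) but never passed to `docker stack deploy` and is empty in Post-deploy, since each step runs in its own shell.

```yaml
      - name: Deploy to Swarm
        env:
          DEPLOY_ENV: ${{ inputs.environment }}
          DEPLOY_VERSION: ${{ inputs.version }}
          LOG_LEVEL: ${{ inputs.logLevel }}
          SWARM_MANAGER_HOST: ${{ secrets.SWARM_MANAGER_HOST }}
        run: |
          echo "Deploying version $DEPLOY_VERSION to $DEPLOY_ENV..."
          echo "Log level: $LOG_LEVEL"

          docker -H "$SWARM_MANAGER_HOST" \
            # … unchanged: stack deploy --with-registry-auth -c docker-compose.staging.yaml …
            "$STACK_NAME"
```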