Merge pull request #163 from hypersign-protocol/update-cluster

Update cluster
hypersign-protocol · Dec 25, 2024 · 1c79fd5 · 1c79fd5
2 parents 595f3c3 + bdd70d9
commit 1c79fd5
Show file tree

Hide file tree

Showing 4 changed files with 156 additions and 151 deletions.
diff --git a/.deploy/deployment.yaml b/.deploy/deployment.yaml
@@ -28,11 +28,11 @@ spec:
 
         resources:
           requests:
-            memory: "3Gi"
-            cpu: "2500m"
+            memory: "2Gi"
+            cpu: "4000m"
           limits:
             memory: "4Gi"
-            cpu: "4000m"
+            cpu: "8000m"
         ports:
         - containerPort: __PORT__
         env:

diff --git a/.deploy/ingress.yaml b/.deploy/ingress.yaml
@@ -14,57 +14,42 @@ metadata:
 
 spec:
   tls:
-    - secretName: entity-ssl
-      hosts:
-        - "api.entity.hypersign.id"
-        - "*.api.entity.hypersign.id"
-
+  - secretName: entity-ssl
+    hosts:
+    - "api.entity.hypersign.id"
+    - "*.api.entity.hypersign.id"
   rules:
-    - host: "api.entity.hypersign.id"
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: entity-api-service
-                port:
-                  number: 3001
-          - path: /ssi/
-            pathType: Prefix
-            backend:
-              service:
-                name: entity-api-service
-                port:
-                  number: 3001
-          - path: /api/
-            pathType: Prefix
-            backend:
-              service:
-                name: entity-api-service
-                port:
-                  number: 3001
-    - host: "*.api.entity.hypersign.id"
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: entity-api-service
-                port:
-                  number: 3001
-          - path: /ssi/
-            pathType: Prefix
-            backend:
-              service:
-                name: entity-api-service
-                port:
-                  number: 3001
-          - path: /api/
-            pathType: Prefix
-            backend:
-              service:
-                name: entity-api-service
-                port:
-                  number: 3001
+  - host: "api.entity.hypersign.id"
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: entity-api-service
+            port:
+              number: 3001
+      - path: /api/
+        pathType: Prefix
+        backend:
+          service:
+            name: entity-api-service
+            port:
+              number: 3001
+  - host: "*.api.entity.hypersign.id"
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: entity-api-service
+            port:
+              number: 3001
+      - path: /api/
+        pathType: Prefix
+        backend:
+          service:
+            name: entity-api-service
+            port:
+              number: 3001
diff --git a/.deploy/vpa.yaml b/.deploy/vpa.yaml
@@ -0,0 +1,21 @@
+apiVersion: autoscaling.k8s.io/v1
+kind: VerticalPodAutoscaler
+metadata:
+  name: entity-api-vpa
+  namespace: hypermine-development
+spec:
+  targetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: entity-api
+  updatePolicy:
+    updateMode: "Auto" # Options: "Off", "Initial", "Auto"
+  resourcePolicy:
+    containerPolicies:
+    - containerName: "*"
+      minAllowed:
+        cpu: "2000m"
+        memory: "2Gi"
+      maxAllowed:
+        cpu: "8000m"
+        memory: "4Gi"
diff --git a/.github/workflows/CI-CD.yaml b/.github/workflows/CI-CD.yaml
@@ -5,117 +5,116 @@ on:
     # branches:
     #   - "master"
     tags:
-      - "[0-9]+.[0-9]+.[0-9]+"
-      - "[0-9]+.[0-9]+.[0-9]-rc.[0-9]+"
+    - "[0-9]+.[0-9]+.[0-9]+"
+    - "[0-9]+.[0-9]+.[0-9]-rc.[0-9]+"
 
 jobs:
   Build:
     runs-on: ubuntu-22.04
     environment: production
     steps:
-      - name: code checkout
-        uses: actions/checkout@v3
-      - name: Set Latest Tag
-        run: echo "LATEST_RELEASE_TAG=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV
+    - name: code checkout
+      uses: actions/checkout@v3
+    - name: Set Latest Tag
+      run: echo "LATEST_RELEASE_TAG=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV
 
-      - id: "auth"
-        uses: "google-github-actions/auth@v1"
-        with:
-          credentials_json: "${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}"
+    - id: "auth"
+      uses: "google-github-actions/auth@v1"
+      with:
+        credentials_json: "${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}"
 
-      - name: install gcloud cli tools
-        uses: google-github-actions/setup-gcloud@v1
-        with:
-          project_id: ${{secrets.GOOGLE_PROJECT_ID}}
-          service_account_key: ${{secrets.GOOGLE_APPLICATION_CREDENTIALS}}
-          install_components: "gke-gcloud-auth-plugin"
-          export_default_credentials: true
-      - name: "Use gcloud CLI"
-        run: "gcloud info"
+    - name: install gcloud cli tools
+      uses: google-github-actions/setup-gcloud@v1
+      with:
+        project_id: ${{secrets.GOOGLE_PROJECT_ID}}
+        service_account_key: ${{secrets.GOOGLE_APPLICATION_CREDENTIALS}}
+        install_components: "gke-gcloud-auth-plugin"
+        export_default_credentials: true
+    - name: "Use gcloud CLI"
+      run: "gcloud info"
 
-      - name: "Docker Auth"
-        env:
-          GOOGLE_ARTIFACT_URL: ${{secrets.GOOGLE_ARTIFACT_URL}}
+    - name: "Docker Auth"
+      env:
+        GOOGLE_ARTIFACT_URL: ${{secrets.GOOGLE_ARTIFACT_URL}}
 
-        run: gcloud auth configure-docker $GOOGLE_ARTIFACT_URL
+      run: gcloud auth configure-docker $GOOGLE_ARTIFACT_URL
 
-      - name: "Docker Build and Push"
-        env:
-          GOOGLE_PROJECT_ID: ${{secrets.GOOGLE_PROJECT_ID}}
-          GOOGLE_ARTIFACT_URL: ${{secrets.GOOGLE_ARTIFACT_URL}}
-          GOOGLE_ARTIFACT_REPO: ${{secrets.GOOGLE_ARTIFACT_REPO}}
-        run:
-          docker build -t $GOOGLE_ARTIFACT_URL/$GOOGLE_PROJECT_ID/$GOOGLE_ARTIFACT_REPO/enity-api-service:${{ env.LATEST_RELEASE_TAG }} .
+    - name: "Docker Build and Push"
+      env:
+        GOOGLE_PROJECT_ID: ${{secrets.GOOGLE_PROJECT_ID}}
+        GOOGLE_ARTIFACT_URL: ${{secrets.GOOGLE_ARTIFACT_URL}}
+        GOOGLE_ARTIFACT_REPO: ${{secrets.GOOGLE_ARTIFACT_REPO}}
+      run: docker build -t $GOOGLE_ARTIFACT_URL/$GOOGLE_PROJECT_ID/$GOOGLE_ARTIFACT_REPO/enity-api-service:${{ env.LATEST_RELEASE_TAG }} .
 
-          docker push $GOOGLE_ARTIFACT_URL/$GOOGLE_PROJECT_ID/$GOOGLE_ARTIFACT_REPO/enity-api-service:${{ env.LATEST_RELEASE_TAG }}
-      - name: "Docker Build and Push"
-        env:
-          GOOGLE_PROJECT_ID: ${{secrets.GOOGLE_PROJECT_ID}}
-          GOOGLE_ARTIFACT_URL: ${{secrets.GOOGLE_ARTIFACT_URL}}
-          GOOGLE_ARTIFACT_REPO: ${{secrets.GOOGLE_ARTIFACT_REPO}}
-        run:
-          docker build -t $GOOGLE_ARTIFACT_URL/$GOOGLE_PROJECT_ID/$GOOGLE_ARTIFACT_REPO/nginx-entity:latest ./nginx/
+        docker push $GOOGLE_ARTIFACT_URL/$GOOGLE_PROJECT_ID/$GOOGLE_ARTIFACT_REPO/enity-api-service:${{ env.LATEST_RELEASE_TAG }}
+    # - name: "Docker Build and Push"
+    #   env:
+    #     GOOGLE_PROJECT_ID: ${{secrets.GOOGLE_PROJECT_ID}}
+    #     GOOGLE_ARTIFACT_URL: ${{secrets.GOOGLE_ARTIFACT_URL}}
+    #     GOOGLE_ARTIFACT_REPO: ${{secrets.GOOGLE_ARTIFACT_REPO}}
+    #   run:
+    #     docker build -t $GOOGLE_ARTIFACT_URL/$GOOGLE_PROJECT_ID/$GOOGLE_ARTIFACT_REPO/nginx-entity:latest ./nginx/
 
-          docker push $GOOGLE_ARTIFACT_URL/$GOOGLE_PROJECT_ID/$GOOGLE_ARTIFACT_REPO/nginx-entity:latest
+    #     docker push $GOOGLE_ARTIFACT_URL/$GOOGLE_PROJECT_ID/$GOOGLE_ARTIFACT_REPO/nginx-entity:latest
 
   Deploy:
-    needs: [Build]
+    needs: [ Build ]
     runs-on: ubuntu-latest
     environment: production
     steps:
-      - name: code checkout
-        uses: actions/checkout@v3
-      - name: Set Latest Tag
-        run: echo "LATEST_RELEASE_TAG=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV
+    - name: code checkout
+      uses: actions/checkout@v3
+    - name: Set Latest Tag
+      run: echo "LATEST_RELEASE_TAG=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV
 
-      - id: "auth"
-        uses: "google-github-actions/auth@v1"
-        with:
-          credentials_json: "${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}"
-      - name: install gcloud cli tools
-        uses: google-github-actions/setup-gcloud@v1
-        with:
-          project_id: ${{secrets.GOOGLE_PROJECT_ID}}
-          service_account_key: ${{secrets.GOOGLE_APPLICATION_CREDENTIALS}}
-          install_components: "gke-gcloud-auth-plugin"
-          export_default_credentials: true
-      - name: "Configure kubectl"
-        run: gcloud container clusters get-credentials hypermine-gke --region=asia-south1
-      - name: Replace tags
-        run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__LATEST_RELEASE_TAG__#${{ env.LATEST_RELEASE_TAG }}#" {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i ''s/__PORT__/${{ secrets.PORT }}/g'' {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__BASE_DB_PATH__#${{ secrets.BASE_DB_PATH }}#" {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__DB_CONFIG__#${{ secrets.DB_CONFIG }}#" {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__HID_NETWORK_RPC__#${{ secrets.HID_NETWORK_RPC }}#" {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__HID_NETWORK_API__#${{ secrets.HID_NETWORK_API }}#" {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__HID_NETWORK_NAMESPACE__#${{ secrets.HID_NETWORK_NAMESPACE }}#" {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__EDV_BASE_URL__#${{ secrets.EDV_BASE_URL }}#" {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__EDV_CONFIG_DIR__#${{ secrets.EDV_CONFIG_DIR }}#" {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__EDV_DID_FILE_PATH__#${{ secrets.EDV_DID_FILE_PATH }}#" {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__EDV_KEY_FILE_PATH__#${{ secrets.EDV_KEY_FILE_PATH }}#" {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__GLOBAL_TXN_CONTROLLER_QUEUE__#${{ secrets.GLOBAL_TXN_CONTROLLER_QUEUE }}#" {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__RABBIT_MQ_URI__#${{ secrets.RABBIT_MQ_URI }}#" {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__MNEMONIC__#${{ secrets.MNEMONIC }}#" {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__JWT_SECRET__#${{ secrets.JWT_SECRET }}#" {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i ''s/__GOOGLE_ARTIFACT_URL__/${{ secrets.GOOGLE_ARTIFACT_URL }}/g'' {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i ''s/__GOOGLE_ARTIFACT_REPO__/${{ secrets.GOOGLE_ARTIFACT_REPO }}/g'' {} \;
-      - name: "Replace secrets"
-        run: find .deploy/deployment.yaml -type f -exec sed  -i ''s/__GOOGLE_PROJECT_ID__/${{ secrets.GOOGLE_PROJECT_ID }}/g'' {} \;
-      - name: "Deploy to GKE"
-        run: kubectl apply -f .deploy/deployment.yaml
+    - id: "auth"
+      uses: "google-github-actions/auth@v1"
+      with:
+        credentials_json: "${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}"
+    - name: install gcloud cli tools
+      uses: google-github-actions/setup-gcloud@v1
+      with:
+        project_id: ${{secrets.GOOGLE_PROJECT_ID}}
+        service_account_key: ${{secrets.GOOGLE_APPLICATION_CREDENTIALS}}
+        install_components: "gke-gcloud-auth-plugin"
+        export_default_credentials: true
+    - name: "Configure kubectl"
+      run: gcloud container clusters get-credentials hypermine-gke-manual --region=asia-south1
+    - name: Replace tags
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__LATEST_RELEASE_TAG__#${{ env.LATEST_RELEASE_TAG }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i ''s/__PORT__/${{ secrets.PORT }}/g'' {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__BASE_DB_PATH__#${{ secrets.BASE_DB_PATH }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__DB_CONFIG__#${{ secrets.DB_CONFIG }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__HID_NETWORK_RPC__#${{ secrets.HID_NETWORK_RPC }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__HID_NETWORK_API__#${{ secrets.HID_NETWORK_API }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__HID_NETWORK_NAMESPACE__#${{ secrets.HID_NETWORK_NAMESPACE }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__EDV_BASE_URL__#${{ secrets.EDV_BASE_URL }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__EDV_CONFIG_DIR__#${{ secrets.EDV_CONFIG_DIR }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__EDV_DID_FILE_PATH__#${{ secrets.EDV_DID_FILE_PATH }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__EDV_KEY_FILE_PATH__#${{ secrets.EDV_KEY_FILE_PATH }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__GLOBAL_TXN_CONTROLLER_QUEUE__#${{ secrets.GLOBAL_TXN_CONTROLLER_QUEUE }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__RABBIT_MQ_URI__#${{ secrets.RABBIT_MQ_URI }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__MNEMONIC__#${{ secrets.MNEMONIC }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i -e "s#__JWT_SECRET__#${{ secrets.JWT_SECRET }}#" {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i ''s/__GOOGLE_ARTIFACT_URL__/${{ secrets.GOOGLE_ARTIFACT_URL }}/g'' {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i ''s/__GOOGLE_ARTIFACT_REPO__/${{ secrets.GOOGLE_ARTIFACT_REPO }}/g'' {} \;
+    - name: "Replace secrets"
+      run: find .deploy/deployment.yaml -type f -exec sed  -i ''s/__GOOGLE_PROJECT_ID__/${{ secrets.GOOGLE_PROJECT_ID }}/g'' {} \;
+    - name: "Deploy to GKE"
+      run: kubectl apply -f .deploy/deployment.yaml