docs: Synchronize kubernetes and docker pipelines + update documentation

.drone-docker.yml

@@ -1,5 +1,5 @@
 kind: pipeline
-type: docker
+type: kubernetes
 name: default
 
 concurrency:
@@ -11,15 +11,12 @@ environment:
 trigger:
   event:
     - push
-    - promote
+  branch:
+    - master
+    - main
+    - development
 
 steps:
-- name: fetch and update submodules to the latest commit
-  image: alpine/git
-  commands:
-  - git submodule init
-  - git submodule update --recursive --remote
-
 - name: replace hosts and user variables
   image: ubuntu:impish
   environment:
@@ -30,9 +27,10 @@ steps:
     DEPLOYMENT_USER:
       from_secret: deploy_username
   commands:
-    -  sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./frontend/.env
+    -  sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./items/frontend/.env.example
-    -  sed -i 's/{{ DEPLOY_HOSTNAME }}/'"$DEPLOY_HOSTNAME"'/g' ./.ansible/inventory
+    -  mv ./items/frontend/.env.example ./items/frontend/.env
-    -  sed -i 's/{{ DEPLOYMENT_USER }}/'"$DEPLOYMENT_USER"'/g' ./.ansible/inventory
+    -  sed -i 's/{{ DEPLOY_HOSTNAME }}/'"$DEPLOY_HOSTNAME"'/g' ./.ansible-items/inventory
+    -  sed -i 's/{{ DEPLOYMENT_USER }}/'"$DEPLOYMENT_USER"'/g' ./.ansible-items/inventory
 
 - name: build frontend
   image: node:lts-alpine3.14
@@ -40,25 +38,25 @@ steps:
     - node -v
     - npm -v
     - yarn --version
-    - yarn --cwd ./frontend install
+    - yarn --cwd ./items/frontend install
-    - yarn --cwd ./frontend build --pure-lockfile
+    - yarn --cwd ./items/frontend build --pure-lockfile
-    - rm -rf ./api/public/static/*
+    - rm -rf ./items/api/public/static/*
-    - mv ./frontend/build/* ./api/public
+    - mv ./items/frontend/build/* ./items/api/public
-    - rm ./api/public/index.html
+    - rm ./items/api/public/index.html
 
 - name: check ansible syntax
   image: plugins/ansible:3
   settings:
-    playbook: ./.ansible/playbook.yml
+    playbook: ./.ansible-items/playbook.yml
-    inventory: ./.ansible/inventory
+    inventory: ./.ansible-items/inventory
-    galaxy: ./.ansible/requirements.yml
+    galaxy: ./.ansible-items/requirements.yml
     syntax_check: true
 - name: apply ansible playbook
   image: plugins/ansible:3
   settings:
-    playbook: ./.ansible/playbook.yml
+    playbook: ./.ansible-items/playbook.yml
-    inventory: ./.ansible/inventory
+    inventory: ./.ansible-items/inventory
-    galaxy: ./.ansible/requirements.yml
+    galaxy: ./.ansible-items/requirements.yml
     private_key:
       from_secret: deploy_ssh_key
   environment:
@@ -69,7 +67,6 @@ steps:
     DEPLOYMENT_USER:
       from_secret: deploy_username
   when:
-    event:
+    branch:
-      - promote
+      - master
-    target:
+      - main
-      - production

.drone-kubernetes.yml

@@ -31,11 +31,6 @@ steps:
     -  mv ./items/frontend/.env.example ./items/frontend/.env
     -  sed -i 's/{{ DEPLOY_HOSTNAME }}/'"$DEPLOY_HOSTNAME"'/g' ./.ansible-items/inventory
     -  sed -i 's/{{ DEPLOYMENT_USER }}/'"$DEPLOYMENT_USER"'/g' ./.ansible-items/inventory
-  when:
-    branch:
-      - master
-      - main
-      - development
 
 - name: build frontend
   image: node:lts-alpine3.14
@@ -48,11 +43,6 @@ steps:
     - rm -rf ./items/api/public/static/*
     - mv ./items/frontend/build/* ./items/api/public
     - rm ./items/api/public/index.html
-  when:
-    branch:
-      - master
-      - main
-      - development
 
 - name: check ansible syntax
   image: plugins/ansible:3

items/README.md

@@ -26,9 +26,6 @@
 ## The pipeline walkthrough
 see [Walkthrough.md](./docs/Walkthrough.md)
 
-## The pipeline details
-![workflow](./docs/workflow.png)
-
 ## Some enhancement ideas
 - Store the build so that it is not rebuilt on any `promote` event
 - Use a volume or a cache for Yarn install

items/docs/Walkthrough.md

@@ -58,22 +58,13 @@ Here are the environment variables. They are automatically injected in every ste
 trigger:
   event:
     - push
-    - promote
+  branch:
+    - master
+    - main
+    - development
 ```
-The pipeline is run on every push and every promote. Since the repository is *kind of*  a [trunk](https://trunkbaseddevelopment.com), I dont think we need branches policies. Most steps are executed on any push since we want to check that everything builds and is still valid (tests are not added yet). Only the deployment is protected behing the promotion to production.
+The pipeline is run on every push only on branches `master`, `main` and `development`. We want to check that every development on `development` branch is correct and deploy automatically when merged in `master`/`main`.
-
 ## Steps
-### Fetch and update submodules
-```yml
-- name: fetch and update submodules to the latest commit
-  image: alpine/git
-  commands:
-  - git submodule init
-  - git submodule update --recursive --remote
-```
-Executed on every push. \
-Fetching and updating [submodules](https://git-scm.com/book/en/v2/Git-Tools-Submodules) to the latest commit.
-
 ### Replace hosts and user variables
 ```yml
 - name: replace hosts and user variables
@@ -86,9 +77,10 @@ Fetching and updating [submodules](https://git-scm.com/book/en/v2/Git-Tools-Subm
     DEPLOYMENT_USER:
       from_secret: deploy_username
   commands:
-    -  sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./frontend/.env
+    -  sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./items/frontend/.env.example
-    -  sed -i 's/{{ DEPLOY_HOSTNAME }}/'"$DEPLOY_HOSTNAME"'/g' ./.ansible/inventory
+    -  mv ./items/frontend/.env.example ./items/frontend/.env
-    -  sed -i 's/{{ DEPLOYMENT_USER }}/'"$DEPLOYMENT_USER"'/g' ./.ansible/inventory
+    -  sed -i 's/{{ DEPLOY_HOSTNAME }}/'"$DEPLOY_HOSTNAME"'/g' ./.ansible-items/inventory
+    -  sed -i 's/{{ DEPLOYMENT_USER }}/'"$DEPLOYMENT_USER"'/g' ./.ansible-items/inventory
 ```
 Executed on every push. \
 The following environment variables are injected using Drone secrets:
@@ -107,11 +99,11 @@ The changes are never pushed and are discarded when the container/pod is termina
     - node -v
     - npm -v
     - yarn --version
-    - yarn --cwd ./frontend install
+    - yarn --cwd ./items/frontend install
-    - yarn --cwd ./frontend build --pure-lockfile
+    - yarn --cwd ./items/frontend build --pure-lockfile
-    - rm -rf ./api/public/static/*
+    - rm -rf ./items/api/public/static/*
-    - mv ./frontend/build/* ./api/public
+    - mv ./items/frontend/build/* ./items/api/public
-    - rm ./api/public/index.html
+    - rm ./items/api/public/index.html
 ```
 Executed on every push. \
 Since the PHP backend serves the ReactJS frontend, the former is built and moved in the latter.
@@ -125,9 +117,9 @@ Notes:
 - name: check ansible syntax
   image: plugins/ansible:3
   settings:
-    playbook: ./.ansible/playbook.yml
+    playbook: ./.ansible-items/playbook.yml
-    inventory: ./.ansible/inventory
+    inventory: ./.ansible-items/inventory
-    galaxy: ./.ansible/requirements.yml
+    galaxy: ./.ansible-items/requirements.yml
     syntax_check: true
 ```
 Executed on every push. \
@@ -138,9 +130,9 @@ Check the Ansible syntax in [playbook.yml](../.ansible/playbook.yml), [inventory
 - name: apply ansible playbook
   image: plugins/ansible:3
   settings:
-    playbook: ./.ansible/playbook.yml
+    playbook: ./.ansible-items/playbook.yml
-    inventory: ./.ansible/inventory
+    inventory: ./.ansible-items/inventory
-    galaxy: ./.ansible/requirements.yml
+    galaxy: ./.ansible-items/requirements.yml
     private_key:
       from_secret: deploy_ssh_key
   environment:
@@ -151,10 +143,9 @@ Check the Ansible syntax in [playbook.yml](../.ansible/playbook.yml), [inventory
     DEPLOYMENT_USER:
       from_secret: deploy_username
   when:
-    event:
+    branch:
-      - promote
+      - master
-    target:
+      - main
-      - production
 ```
 Executed only on promotion to production. \
 This step actually deploys to the server. \
@@ -168,9 +159,6 @@ The following environment variables are injected using Drone secrets:
 #### Playbook definition
 ```yml
 hosts: host
-become_user: root
-become: true
-become_method: sudo
 ```
 Uses the host defined in [inventory](../.ansible/inventory). Remember, the step [Replace hosts and user variables](#replace-hosts-and-user-variables) already replaced the variables at this point. The playbook will be executed as `root` user using `sudo`.
 
@@ -188,7 +176,7 @@ Since the copy does not override the folder, this step takes care of it. \
 ```yml
 - name: Copy the project
   copy:
-    src: ../api/
+    src: ../items/api/
     dest: "{{ lookup('env', 'SPT_ITEMS_PATH') }}"
 ```
 Copies the whole project (frontend and backend) from the [api](../api) folder into the server.
@@ -245,9 +233,9 @@ Uses [Jinja2](https://jinja2docs.readthedocs.io/en/stable/) to resolve the [temp
 - name: Reset files permissions
   file:
     path: "{{ lookup('env', 'SPT_ITEMS_PATH') }}"
-    owner: www-data
+    owner: "{{ lookup('env', 'DEPLOYMENT_USER') }}"
     group: www-data
-    mode: 0744
+    mode: 0774
     recurse: yes
 ```
 Permissions 0644:
@@ -256,3 +244,14 @@ Permissions 0644:
     * other: read
 `www-data` is hardcoded here but it should be the standard user for Apache and Nginx. \
 `SPT_ITEMS_PATH` is injected thanks to the pipeline level environment variables (see [Environment variables](#environment-variables)).
+
+#### Initialize database
+```yml
+- name: Initialize database
+  uri:
+    url: "https://{{ lookup('env', 'SPT_ITEMS_HOSTNAME') }}/api/refresh"
+    method: GET
+    status_code: [200, 204]
+    timeout: 60
+```
+The call to `/api/refresh` fetches the data from AKI Server repository, `development` branch.