Deployment
Our deployment strategy is based on GitHub branches and rules, with runners that build Docker images and deploy them to our Kubernetes cluster.
Prerequisites
- Knowledge of GitHub flows, actions, runners and secrets
- Docker and Kubernetes Knowledge
- Local Port forward of the Kubernetes-dashboard Pod
Tools
- VS Code
- Docker
- kubectl
- doctl
For Local development
Docker is required. Start the local stack with:
docker compose up -d
Each environment now gets its own pod/deployment, except for the Cypress nodes, which use the development pod(s). GitHub Runners have all the tools needed for deployment. All environments are secured via SSL and TLS.
Environments
| Environment | Alt name | URL |
|---|---|---|
| Production | master | files.prod.cluster.figment.cloud |
| QA Test | develop | files.dev.cluster.figment.cloud |
| UX Validation | uxval | files.uxval.cluster.figment.cloud |
| Functional Validation | funcval | files.funcval.cluster.figment.cloud |
Deployment steps
- On branch update/push
- GitHub Action triggers
- Runner builds the Docker image with a tag (Docker is pre-installed on the runner)
- Runner uploads the image to the DigitalOcean Container Registry
- Runner updates the Kustomize deployment file with the appropriate image tag
- Runner authenticates with DigitalOcean
- Runner adds secrets from GitHub Secrets
- Runner deploys using kubectl and Kustomize
Deployment Authorisation
- The GitHub runner needs authorisation to interact with the DigitalOcean Kubernetes Cluster
- The GitHub runner needs authorisation to interact with the DigitalOcean Container Registry
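The deployment steps and the two authorisations above, sketched as a single GitHub Actions workflow. This is an added example, not the project's own workflow: the registry, cluster, namespace, overlay path, deployment and secret names are hypothetical placeholders, and a self-hosted runner with per-branch GitHub environments is assumed.

```yaml
# Added example. All names marked "hypothetical" are placeholders.
name: deploy
on:
  push:
    branches: [master, develop, uxval, funcval]
permissions:
  contents: read                      # workflow token only needs to read the repo
concurrency: deploy-${{ github.ref_name }}   # one deploy per environment at a time
jobs:
  deploy:
    runs-on: self-hosted              # assumption: docker, doctl, kubectl, kustomize pre-installed
    environment: ${{ github.ref_name }}   # assumption: one GitHub environment per branch scopes its secrets
    env:
      DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DO_API_TOKEN }}   # hypothetical secret name; read by doctl
      IMAGE: registry.digitalocean.com/example-registry/files  # hypothetical registry/repository
      TAG: ${{ github.sha }}          # immutable tag: one image per commit
      ENV_NAME: ${{ github.ref_name }}    # passed via env, never interpolated into scripts
    steps:
      - uses: actions/checkout@v4
      - name: Build image
        run: docker build -t "$IMAGE:$TAG" .
      - name: Push image to the container registry
        run: |
          # Short-lived registry credentials instead of a stored docker login
          doctl registry login --expiry-seconds 600
          docker push "$IMAGE:$TAG"
      - name: Set image tag in the Kustomize overlay
        run: |
          cd "k8s/overlays/$ENV_NAME"   # hypothetical overlay layout
          kustomize edit set image "files=$IMAGE:$TAG"
      - name: Authenticate with the cluster
        # Kubeconfig credentials expire shortly after the job finishes
        run: doctl kubernetes cluster kubeconfig save --expiry-seconds 600 example-cluster
      - name: Add application secrets
        env:
          APP_KEY: ${{ secrets.APP_KEY }}
        run: |
          # Render the Secret client-side and apply it, so re-runs update in place
          kubectl create secret generic files-env \
            --namespace "files-$ENV_NAME" \
            --from-literal=APP_KEY="$APP_KEY" \
            --dry-run=client -o yaml | kubectl apply -f -
      - name: Deploy
        run: |
          kubectl apply -k "k8s/overlays/$ENV_NAME"
          kubectl rollout status deployment/files \
            --namespace "files-$ENV_NAME" --timeout=120s
```

The DigitalOcean token is the only long-lived credential in this sketch; the registry login and kubeconfig derived from it both expire after ten minutes.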
Environment Variables for local development
.env file
APP_KEY="RANDOMKEY"
AWS_STORAGE_DEVELOPMENT="true"
AWS_STORAGE_ENDPOINT="http://host.docker.internal:9445"
AWS_STORAGE_ACCESS_KEY_ID="S3EXAMPLEAPIKEY"
AWS_STORAGE_SECRET_ACCESS_KEY="S3EXAMPLEAPISECRET123"
AWS_STORAGE_DEFAULT_REGION="eu-west-2"
AWS_STORAGE_BUCKET="figment-cloud-primary"
UPLOAD_CALLBACK_HOST="http://localhost, http://host.docker.internal"
UPLOAD_CALLBACK_ENDPOINT="/api/v1/files/store"
ARCHIVE_CALLBACK_HOST="http://localhost, http://host.docker.internal"
ARCHIVE_CALLBACK_ENDPOINT="/api/v1/archive/download"