Quang tru HUYNH
Python Django Template

Repository

# https://docs.docker.com/engine/reference/builder/
# FROM refer the image where we start from
# Here we will use a basic python 3 debian image

FROM python:3

# Use the RUN command to pass command to be run
# Here we update the image and add python3 virtualenv

RUN apt-get update && apt-get upgrade -y && apt-get install \
  -y --no-install-recommends python3

# Install pip dependencies
ADD requirements.txt /app/requirements.txt
RUN pip install --default-timeout=100 --upgrade pip && pip install -r /app/requirements.txt

# We add the current content of the git repo in the /app directory
ADD . /app
WORKDIR /app
RUN rm -rf .gitlab-ci.yml Dockerfile README.md img
# We use the CMD command to start the gunicorn daemon
# when we start the container.
# Note the $PORT variable, we will need to define it when we start the container
CMD python manage.py runserver 0.0.0.0:$PORT
stages:
  - build
  - deploy

services:
  - docker:dind

build:
  image: docker:latest
  stage: build
  script:
    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
    - docker build -t "$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_NAME/polls:${CI_COMMIT_SHORT_SHA}" .
    - docker tag "$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_NAME/polls:${CI_COMMIT_SHORT_SHA}" "$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_NAME/polls:latest"
    - docker push "$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_NAME/polls:${CI_COMMIT_SHORT_SHA}"
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: postgres-claim
  labels:
      app: postgresql
spec:
  accessModes:
      - ReadWriteOnce
  resources:
      requests:
        storage: 1Gi
apiVersion: v1
kind: Secret
metadata:
  name: postgresql-credentials
type: Opaque
data:
  username: cG9sbHNfdXNlcgo=
  password: cG9sbHMK
  database: cG9sbHMK
apiVersion: apps/v1
kind: Deployment
metadata:
  name: postgresql
  labels:
    app: postgresql
spec:
  replicas: 1
  selector:
    matchLabels:
      app: postgresql
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: postgresql
        tier: postgreSQL
    spec:
      containers:
      - name: postgresql
        image: postgres:9.6.2-alpine
        env:
        - name: POSTGRES_USER
          valueFrom:
            secretKeyRef:
              name: postgresql-credentials
              key: username
        - name: POSTGRES_DB
          valueFrom:
            secretKeyRef:
              name: postgresql-credentials
              key: database
        - name: POSTGRES_PASSWORD
          valueFrom:
            secretKeyRef:
              name: postgresql-credentials
              key: password
        ports:
        - containerPort: 5432
          name: postgresql
        resources:
          requests:
            memory: "64Mi"
            cpu: "50m"
          limits:
            memory: "128Mi"
            cpu: "100m"
        volumeMounts:
        - name: postgresql
          mountPath: /var/lib/postgresql/data
          subPath: data
      volumes:
      - name: postgresql
        persistentVolumeClaim:
          claimName: postgres-claim
      - name: postgresql-credentials
        secret:
          secretName: postgresql-credentials
apiVersion: v1
kind: Service
metadata:
  name: postgresql
  labels:
    app: postgresql
spec:
  ports:
    - port: 5432
  selector:
    app: postgresql
    tier: postgreSQL
apiVersion: apps/v1
kind: Deployment
metadata:
  name: polls
  labels:
      app: polls
spec:
  replicas: 1
  selector:
    matchLabels:
      app: polls
  template:
    metadata:
      labels:
        app: polls
    spec:
      containers:
      - name: polls-app
        image: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_NAME/polls:${CI_COMMIT_SHORT_SHA}
        imagePullPolicy: Always
        env:
        - name: DATABASE_HOST
          value: postgresql
        - name: DATABASE_NAME
          valueFrom:
            secretKeyRef:
              name: postgresql-credentials
              key: database
        - name: DATABASE_USER
          valueFrom:
            secretKeyRef:
              name: postgresql-credentials
              key: username
        - name: DATABASE_PASSWORD
          valueFrom:
            secretKeyRef:
              name: postgresql-credentials
              key: password
        - name: PORT
          value: "8080"
        ports:
        - containerPort: 8080
        resources:
          requests:
            memory: "64Mi"
            cpu: "50m"
          limits:
            memory: "128Mi"
            cpu: "100m"
      imagePullSecrets:
        - name: registry-gitlab
      volumes:
      - name: postgresql-credentials
        secret:
          secretName: postgresql-credentials
apiVersion: v1
kind: Service
metadata:
  name: polls
  labels:
    app: polls
spec:
  type: ClusterIP
  ports:
  - port: 8080
  selector:
    app: polls
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: traefik
  labels:
    app: polls
  name: polls
spec:
  rules:
  - host: ${GITLAB_USER_LOGIN}.k8s-dev.pasteur.fr
    http:
      paths:
      - backend:
          serviceName: polls
          servicePort: 8080
        path: /
---
apiVersion: batch/v1
kind: Job
metadata:
  name: polls-migrations
spec:
  template:
      spec:
        containers:
            - name: django
              image: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_NAME/polls:${CI_COMMIT_SHORT_SHA}
              command: ['python', '/app/manage.py', 'migrate']
              env:
              - name: DATABASE_HOST
                value: postgresql
              - name: DATABASE_NAME
                valueFrom:
                  secretKeyRef:
                    name: postgresql-credentials
                    key: database
              - name: DATABASE_USER
                valueFrom:
                  secretKeyRef:
                    name: postgresql-credentials
                    key: username
              - name: DATABASE_PASSWORD
                valueFrom:
                  secretKeyRef:
                    name: postgresql-credentials
                    key: password
        restartPolicy: Never
        imagePullSecrets:
          - name: registry-gitlab
        volumes:
        - name: postgresql-credentials
          secret:
            secretName: postgresql-credentials
  backoffLimit: 5
deploy:
  stage: deploy
  image: registry-gitlab.pasteur.fr/dsi-tools/docker-images:docker_kubernetes_image
  variables:
    NAMESPACE: "<your gitlab user>-django"
  environment:
    name: <your gitlab user>-django
    url: https://<your gitlab user>-django.k8s-dev.pasteur.fr
  script:
    - yum install -y gettext
    - kubectl delete secret registry-gitlab -n ${NAMESPACE} --ignore-not-found=true
    - kubectl create secret docker-registry -n ${NAMESPACE} registry-gitlab --docker-server=registry-gitlab.pasteur.fr --docker-username=${DEPLOY_USER} --docker-password=${DEPLOY_TOKEN} --docker-email=kubernetes@pasteur.fr
    - envsubst < manifest.yaml | kubectl apply -n ${NAMESPACE} -f -
    - kubectl delete job polls-migrations -n ${NAMESPACE} --ignore-not-found=true
    - envsubst < job.yaml | kubectl apply -n ${NAMESPACE} -f -
    - kubectl patch deployment polls -p "{\"spec\":{\"template\":{\"metadata\":{\"labels\":{\"date\":\"`date +'%s'`\"}}}}}"