you have got to be kidding me

.gitlab-ci.yml

@@ -36,15 +36,15 @@ deploy:
     - $CI_COMMIT_TAG
   stage: deploy
   image:
-    name: debian:latest
+    name: debian:10
     entrypoint: [""]
   script:
-    - echo $CI_REGISTRY_IMAGE
     - apt -qq update >> /dev/null && apt -qq install -y curl gettext >> /dev/null
     - curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
     - chmod +x ./kubectl
-    - envsubst < k8s/deploy.yaml > out.yaml
+    - mkdir /deploy
-    - mv out.yaml k8s/deploy.yaml
+    - for f in $(find k8s -regex '.*\.ya*ml'); do envsubst < $f > "/deploy/$(basename $f)"; done
-    - ./kubectl apply -f k8s
+    - ./kubectl apply -f /deploy
     - ./kubectl rollout status deploy $DEPLOY
-    - ./kubectl exec $(./kubectl get pods --selector=app=$DEPLOY --output=jsonpath='{.items[*].metadata.name}') -- python manage.py migrate
+    - POD=$(./kubectl get pods --selector=app=$DEPLOY --output=jsonpath='{.items[*].metadata.name}')
+    - ./kubectl exec $POD -- python manage.py migrate

Dockerfile

@@ -6,13 +6,12 @@ COPY api api
 COPY ui ui
 COPY manage.py manage.py
 COPY requirements.txt requirements.txt
+RUN pip install -r requirements.txt
 
 RUN useradd -ms /bin/bash django
 RUN chown -R django .
 
 USER django
-RUN python -m venv venv
+RUN python manage.py collectstatic
-RUN venv/bin/pip install -r requirements.txt
-RUN venv/bin/python manage.py collectstatic
 
-CMD ["venv/bin/gunicorn","-b",":8000", "-w", "4", "config.wsgi"]
+CMD ["gunicorn","-b",":8000", "-w", "4", "config.wsgi"]

README.md

@@ -2,4 +2,23 @@
 
 My CI testing pipeline for a django project.
 
-[![pipeline status](http://gitlab.ducoterra.net/ducoterra/ci_builder/badges/master/pipeline.svg)](http://gitlab.ducoterra.net/ducoterra/ci_builder/-/commits/master)
+[![pipeline status](http://gitlab.ducoterra.net/ducoterra/ci_builder/badges/master/pipeline.svg)](http://gitlab.ducoterra.net/ducoterra/ci_builder/-/commits/master)
+
+## Django Environment Variables
+
+### Django Secret
+
+```bash
+kubectl create secret generic django-secrets --from-literal=SECRET_KEY=$(python -c "import secrets ; print(secrets.token_urlsafe(32))")
+```
+
+### Django Allowed Hosts
+
+```yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: test
+data:
+  ALLOWED_HOSTS: localhost,test.ducoterra.net
+```

config/settings.py

@@ -20,13 +20,12 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 # See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/
 
 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'b8fi9=f-qj=@-#1iru34-f@a6pzfysgrf(1n_&d=ur%!1w$q*w'
+SECRET_KEY = os.getenv("SECRET_KEY")
 
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True if os.getenv("DEBUG") == "True" else False
 
-ALLOWED_HOSTS = ["localhost", "test.ducoterra.net"]
+ALLOWED_HOSTS = os.getenv("ALLOWED_HOSTS", "localhost").split(",")
-
 
 # Application definition
 

k8s/configmap.yaml

@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: $DEPLOY
+data:
+  ALLOWED_HOSTS: localhost,test.ducoterra.net

k8s/deploy.yaml

@@ -1,22 +1,27 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: test
+  name: $DEPLOY
 spec:
   selector:
     matchLabels:
-      app: test
+      app: $DEPLOY
   template:
     metadata:
       labels:
-        app: test
+        app: $DEPLOY
     spec:
       containers:
-      - name: test
+      - name: $DEPLOY
         image: $CI_REGISTRY_IMAGE:$CI_COMMIT_TAG
+        envFrom:
+        - configMapRef:
+            name: $DEPLOY
+        - secretRef:
+            name: django-secrets
         volumeMounts:
           - mountPath: /app/db
-            name: test
+            name: $DEPLOY
         resources:
           limits:
             memory: "256Mi"
@@ -27,6 +32,6 @@ spec:
         ports:
         - containerPort: 8000
       volumes:
-        - name: test
+        - name: $DEPLOY
           persistentVolumeClaim:
-            claimName: test
+            claimName: $DEPLOY

k8s/ingress.yaml

@@ -3,7 +3,7 @@ kind: Ingress
 metadata:
   annotations:
     ingress.kubernetes.io/ssl-redirect: "true"
-  name: test
+  name: $DEPLOY
 spec:
   tls:
   - hosts:
@@ -14,7 +14,7 @@ spec:
     http:
       paths:
       - backend:
-          serviceName: test
+          serviceName: $DEPLOY
           servicePort: 8000
 
 ---
@@ -22,7 +22,7 @@ spec:
 apiVersion: traefik.containo.us/v1alpha1
 kind: IngressRoute
 metadata:
-  name: test-external-tls
+  name: $DEPLOY-external-tls
 spec:
   entryPoints:
     - websecure
@@ -32,7 +32,7 @@ spec:
   - match: Host(`test.ducoterra.net`)
     kind: Rule
     services:
-    - name: test
+    - name: $DEPLOY
       port: 8000
 
 ---
@@ -40,7 +40,7 @@ spec:
 apiVersion: traefik.containo.us/v1alpha1
 kind: IngressRoute
 metadata:
-  name: test-external-web
+  name: $DEPLOY-external-web
 spec:
   entryPoints:
     - web
@@ -48,7 +48,7 @@ spec:
   - match: Host(`test.ducoterra.net`)
     kind: Rule
     services:
-    - name: test
+    - name: $DEPLOY
       port: 8000
     middlewares:
       - name: httpsredirect

k8s/pvc.yaml

@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
-  name: test
+  name: $DEPLOY
 spec:
   storageClassName: nfs-encrypted
   accessModes:

k8s/service.yaml

@@ -1,10 +1,10 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: test
+  name: $DEPLOY
 spec:
   selector:
-    app: test
+    app: $DEPLOY
   ports:
   - port: 8000
     targetPort: 8000

manage.py

@@ -6,6 +6,7 @@ import sys
 
 def main():
     os.environ.setdefault('DEBUG', 'True')
+    os.environ.setdefault('SECRET_KEY', 'SeVOOxOHISQZv82RfCPds0B2l8M6jGju4G8F-GcuSrc')
     os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'config.settings')
     try:
         from django.core.management import execute_from_command_line

ui/static/ui/button.css

@@ -0,0 +1,16 @@
+html, body { 
+    height: 100%;
+    width: 100%;
+}
+
+.section, .container {
+    height: 100%;
+}
+
+.container {
+    display: flex;
+    justify-content: center;
+    flex-direction: column;
+    align-items: center;
+    text-align: center;
+}

ui/static/ui/button.js

@@ -20,6 +20,7 @@ var count = document.getElementById("COUNT");
 
 button.addEventListener("click", event => {
     button.disabled = true;
+    button.classList.add("is-loading");
     fetch('/button', {
         method: 'POST',
         headers: {
@@ -34,6 +35,7 @@ button.addEventListener("click", event => {
             count.innerText = data.pressed;
         }).finally(() => {
             button.disabled = false;
+            button.classList.remove("is-loading");
         });
 });