Merge pull request #19 from frmscoe/dockerize

feat: add dockerfile, service.yml and deployment.yml files to auth se…

Author: Justus-at-Tazama

.dockerignore

@@ -0,0 +1,6 @@
+# SPDX-License-Identifier: Apache-2.0
+*/node_modules
+coverage
+template
+.vscode
+README.md

Dockerfile

@@ -0,0 +1,64 @@
+# SPDX-License-Identifier: Apache-2.0
+ARG BUILD_IMAGE=node:20-bullseye
+ARG RUN_IMAGE=gcr.io/distroless/nodejs20-debian11:nonroot
+
+FROM ${BUILD_IMAGE} AS builder
+LABEL stage=build
+# TS -> JS stage
+
+WORKDIR /home/app
+COPY ./src ./src
+COPY ./package*.json ./
+COPY ./tsconfig.json ./
+COPY .npmrc ./
+ARG GH_TOKEN
+
+RUN npm ci --ignore-scripts
+RUN npm run build
+
+FROM ${BUILD_IMAGE} AS dep-resolver
+LABEL stage=pre-prod
+# To filter out dev dependencies from final build
+
+COPY package*.json ./
+COPY .npmrc ./
+ARG GH_TOKEN
+RUN npm ci --omit=dev --ignore-scripts
+
+FROM ${RUN_IMAGE} AS run-env
+USER nonroot
+
+WORKDIR /home/app
+COPY --from=dep-resolver /node_modules ./node_modules
+COPY --from=builder /home/app/build ./build
+COPY package.json ./
+COPY deployment.yaml ./
+COPY service.yaml ./
+
+# Turn down the verbosity to default level.
+ENV NPM_CONFIG_LOGLEVEL warn
+
+ENV mode="http"
+ENV upstream_url="http://127.0.0.1:3000"
+ENV prefix_logs="false"
+ENV FUNCTION_NAME=auth-service
+ENV NODE_ENV=production
+ENV MAX_CPU=
+
+#Fastify
+ENV PORT=3000
+ENV HOST=0.0.0.0
+
+#Auth Lib
+ENV Auth_URL=http://localhost:8080
+ENV KEYCLOAK_REALM=tazama
+ENV CERT_PATH=private_key.pem
+ENV CLIENT_SECRET=""
+ENV CLIENT_ID=""
+
+# Set healthcheck command
+HEALTHCHECK --interval=60s CMD [ -e /tmp/.lock ] || exit 1
+EXPOSE 3000
+
+# Execute watchdog command
+CMD ["build/index.js"]

deployment.yaml

@@ -0,0 +1,45 @@
+# SPDX-License-Identifier: Apache-2.0
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: auth-service-rel-1-0-0
+  namespace: development
+  labels:
+    app: auth-service
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: auth-service
+  template:
+    metadata:
+      name: auth-service-rel-1-0-0
+      labels:
+        app: auth-service
+      annotations:
+        prometheus.io.scrape: 'false'
+    spec:
+      containers:
+        - name: auth-service-rel-1-0-0
+          image: example.io/auth-service-rel-1-0-0:1.0.0
+          ports:
+            - name: http
+              containerPort: 8080
+              protocol: TCP
+          resources: {}
+          imagePullPolicy: Always
+      restartPolicy: Always
+      terminationGracePeriodSeconds: 30
+      dnsPolicy: ClusterFirst
+      securityContext: {}
+      imagePullSecrets:
+        - name: frmpullsecret
+      schedulerName: default-scheduler
+      enableServiceLinks: false
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 0
+      maxSurge: 1
+  revisionHistoryLimit: 10
+  progressDeadlineSeconds: 600

service.yaml

@@ -0,0 +1,20 @@
+# SPDX-License-Identifier: Apache-2.0
+apiVersion: v1
+kind: Service
+metadata:
+  name: auth-service-rel-1-0-0
+  namespace: development
+spec:
+  ports:
+    - name: http
+      protocol: TCP
+      port: 8080
+      targetPort: 8080
+  selector:
+    app: auth-service
+  type: ClusterIP
+  sessionAffinity: None
+  ipFamilies:
+    - IPv4
+  ipFamilyPolicy: SingleStack
+  internalTrafficPolicy: Cluster