feat: added new wallet-demo-app component (WIP)
Signed-off-by: Anton Biriukov <[email protected]>
birtony committed Aug 25, 2023
1 parent ef420cc commit 299934f
Showing 15 changed files with 458 additions and 2 deletions.
7 changes: 5 additions & 2 deletions scripts/deploy_all.sh
Expand Up @@ -15,7 +15,7 @@ set -e
: ${DEPLOYMENT_ENV:=local}

## Should be deployed in the listed order
: ${COMPONENTS=api-gateway auth-hydra edv kms vct orb resolver csh vcs vcs-v1 vault-server hub-auth hub-router wallet-web adapter-issuer adapter-rp}
: ${COMPONENTS=api-gateway auth-hydra edv kms vct orb resolver csh vcs vcs-v1 vault-server hub-auth hub-router wallet-web adapter-issuer adapter-rp wallet-demo-app}
DEPLOY_LIST=( $COMPONENTS )

## Map: component --> healthcheck(s)
Expand All @@ -36,6 +36,7 @@ declare -A HEALTCHECK_URL=(
[wallet-web]="https://wallet.$DOMAIN/healthcheck https://vcwallet.$DOMAIN/healthcheck"
[adapter-issuer]="https://adapter-issuer.$DOMAIN/healthcheck"
[adapter-rp]="https://adapter-rp.$DOMAIN/healthcheck"
[wallet-demo-app]="https://wallet-demo-app.$DOMAIN/healthcheck"
)
## Map: healthckeck --> http-code
declare -A HEALTHCHECK_CODE=(
Expand All @@ -61,7 +62,9 @@ declare -A HEALTHCHECK_CODE=(
[https://adapter-rp.$DOMAIN/healthcheck]=200
[https://adapter-issuer.$DOMAIN/healthcheck]=200
[https://auth-hydra.$DOMAIN/health/ready]=200
[https://auth-hydra-admin.$DOMAIN/health/ready]=200)
[https://auth-hydra-admin.$DOMAIN/health/ready]=200
[https://wallet-demo-app.$DOMAIN/health/ready]=200
)

# healthCheck function -- copied from sandbox
RED=$(tput setaf 1)
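Review bot: The two maps disagree on the new component's URL: `HEALTCHECK_URL` registers `https://wallet-demo-app.$DOMAIN/healthcheck`, while `HEALTHCHECK_CODE` is keyed on `https://wallet-demo-app.$DOMAIN/health/ready`. The health-check function is outside the lines shown, but if it looks up the expected status by URL, as the `healthckeck --> http-code` map suggests, the lookup for wallet-demo-app comes back empty and the check cannot compare against 200. The liveness probe added in this commit uses `/healthcheck`, so the code-map entry should read `[https://wallet-demo-app.$DOMAIN/healthcheck]=200`.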
1 change: 1 addition & 0 deletions scripts/service_list.txt
Expand Up @@ -30,4 +30,5 @@ vcs-awskms
vcs-localkms
vcwallet
wallet
wallet-demo-app
static-file-server
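--- a/wallet-demo-app/Makefile
+++ b/wallet-demo-app/Makefile
@@ -0,0 +1,131 @@
+#
+# Copyright Gen Digital Inc. All Rights Reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+SHELL := /bin/bash
+CONTAINER_CMD ?= docker
+USER_ID = $(shell id -u)
+DOCKER_CMD_RUN_OPTS ?= -u $(USER_ID)
+CONTAINER_CMD_RUN_OPTS ?= $(if $(findstring docker,$(CONTAINER_CMD)),$(DOCKER_CMD_RUN_OPTS),)
+
+export DEPLOYMENT_ENV ?= local
+# space delimited of Key:Value pairs
+COMMON_LABELS := instance:${DEPLOYMENT_ENV}
+export DOMAIN ?= ${DEPLOYMENT_ENV}.trustbloc.dev
+
+OS = $(shell uname -s | tr '[:upper:]' '[:lower:]')
+ARCH = $(shell uname -m | sed 's/x86_64/amd64/')
+
+#IMAGES
+WALLET_DEMO_APP_IMG ?= ghcr.io/trustbloc-cicd/wallet-demo-app:1.2.2-snapshot-b08a949
+
+
+# do not modify
+KUSTOMIZE_DIR = kustomize/wallet-demo-app
+KEYS_OUTPUT_DIR = ${KUSTOMIZE_DIR}/overlays/${DEPLOYMENT_ENV}/keys
+CERTS_OUTPUT_DIR = ${KUSTOMIZE_DIR}/overlays/${DEPLOYMENT_ENV}/certs
+PREFIX ?=
+KUSTOMIZE_BUILD_OPTS ?= --load-restrictor LoadRestrictionsNone --enable-alpha-plugins
+export KUSTOMIZE_PLUGIN_HOME = $(abspath .)/kustomize/plugin
+
+.PHONY: all
+all: setup
+
+.PHONY: setup
+setup: generate-test-certs
+@echo setup
+
+.PHONY: setup-no-certs
+setup-no-certs:
+@echo setup-no-certs
+
+# TODO (#521): frapsoft/openssl only has an amd64 version. While this does work when using Docker on arm64-based macOS
+# currently thanks to the automatic built-in QEMU emulation, it would be better to use a
+# native arm64 version.
+.PHONY: generate-test-certs
+generate-test-certs: clean-certs
+@echo $(abspath .)
+@$(CONTAINER_CMD) run ${CONTAINER_CMD_RUN_OPTS} -i --platform linux/amd64 --rm \
+-v $(abspath .):/opt/workspace:Z \
+-e DOMAIN=${DOMAIN} \
+-e CERTS_OUTPUT_DIR=${CERTS_OUTPUT_DIR} \
+--entrypoint "/opt/workspace/scripts/generate_test_certs.sh" \
+docker.io/frapsoft/openssl:latest
+@cd ${CERTS_OUTPUT_DIR} && ln -fs trustbloc-dev-ca.crt ca.crt
+@cd ${CERTS_OUTPUT_DIR} && ln -fs ${DOMAIN}.key tls.key
+@cd ${CERTS_OUTPUT_DIR} && ln -fs ${DOMAIN}.crt tls.crt
+
+.PHONY: deploy
+deploy: prechecks kustomize kubectl set-images set-labels deploy-wallet-demo-app
+
+.PHONY: prechecks
+prechecks:
+ifeq (, $(shell stat ${KUSTOMIZE_DIR}/overlays/${DEPLOYMENT_ENV} 2>/dev/null))
+@echo "Environment not found ${KUSTOMIZE_DIR}/overlays/${DEPLOYMENT_ENV}"
+@exit 1
+endif
+
+.PHONY: set-labels
+set-labels: kustomize
+@pushd ${KUSTOMIZE_DIR}/overlays/${DEPLOYMENT_ENV}/wallet-demo-app &&\
+${KUSTOMIZE} edit set label ${COMMON_LABELS} &&\
+popd
+
+.PHONY: set-images
+set-images: kustomize
+@pushd ${KUSTOMIZE_DIR}/base &&\
+${KUSTOMIZE} edit set image wallet-demo-app=${WALLET_DEMO_APP_IMG} &&\
+popd
+
+.PHONY: deploy-wallet-demo-app
+deploy-wallet-demo-app: prechecks kustomize kubectl
+@minikube image load $(WALLET_DEMO_APP_IMG)
+$(KUSTOMIZE) build ${KUSTOMIZE_BUILD_OPTS} \
+${KUSTOMIZE_DIR}/overlays/${DEPLOYMENT_ENV}/wallet-demo-app | $(KUBECTL) apply -f -
+
+.PHONY: undeploy
+undeploy: prechecks kustomize kubectl set-images set-labels undeploy-wallet-demo-app
+
+.PHONY: undeploy-wallet-demo-app
+undeploy-wallet-demo-app: prechecks kustomize kubectl
+$(KUSTOMIZE) build ${KUSTOMIZE_BUILD_OPTS} \
+${KUSTOMIZE_DIR}/overlays/${DEPLOYMENT_ENV}/wallet-demo-app | $(KUBECTL) delete -f -
+
+.PHONY: kustomize
+kustomize:
+ifeq (, $(shell which kustomize 2>/dev/null))
+@{ \
+set -e ;\
+mkdir -p bin ;\
+curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v4.3.0/kustomize_v4.3.0_$(OS)_$(ARCH).tar.gz | tar xzf - -C bin/ ;\
+}
+KUSTOMIZE=$(realpath ./bin/kustomize)
+else
+KUSTOMIZE=$(shell which kustomize)
+endif
+
+.PHONY: kubectl
+kubectl:
+ifeq (, $(shell which kubectl 2>/dev/null))
+@{ \
+set -e ;\
+mkdir -p bin ;\
+curl -sSL https://storage.googleapis.com/kubernetes-release/release/v1.21.2/bin/$(OS)/$(ARCH)/kubectl -o bin/kubectl ;\
+chmod u+x bin/kubectl ;\
+}
+KUBECTL=$(realpath ./bin/kubectl)
+else
+KUBECTL=$(shell which kubectl)
+endif
+
+.PHONY: clean
+clean: clean-all
+
+.PHONY: clean-all
+clean-all: clean-certs
+
+.PHONY: clean-certs
+clean-certs:
+@rm -Rf ${CERTS_OUTPUT_DIR}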
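Review bot: The `kustomize` and `kubectl` targets download release binaries with `curl` into `bin/` and nothing compares the archive or binary with a known digest before the tools are run against the cluster. Pin a SHA-256 per OS/arch next to the version and fail the recipe on mismatch, e.g. `echo "$(KUBECTL_SHA256)  bin/kubectl" | sha256sum -c -` before the `chmod` (`KUBECTL_SHA256` being a new variable that holds the published digest), and save the kustomize tarball to a file so it can be checked before `tar` unpacks it. The same concern applies to `docker.io/frapsoft/openssl:latest` in `generate-test-certs`: a mutable tag produces the CA and TLS keys with the workspace mounted into the container, so that image is worth pinning by digest as well.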
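--- a/wallet-demo-app/README.md
+++ b/wallet-demo-app/README.md
@@ -0,0 +1,27 @@
+# [Wallet Demo App](https://github.com/trustbloc/wallet-sdk/tree/main/demo/app) k8s deployment #
+
+
+## pre-requisits
+* [Minikube](https://minikube.sigs.k8s.io/docs/start/) with ingress addon.
+* GNU sed
+* (Optional: Gets installed by make) [kustomize](https://kubectl.docs.kubernetes.io/installation/kustomize/).
+
+## Quick Run
+* `make all`
+* `make deploy-wallet-demo-app`
+
+## Cleanup
+* `make undeploy-wallet-demo-app`
+* `make clean`
+
+## options and features
+* By default dns domain is `local.trustboc.dev`. To run with different domain (See next), run with: `make DOMAIN=ali.trustbloc.dev`
+* By default Bloc domain is `orb-1.trustboc.dev`. To run with different domain (See next), run with: `make BLOC_DOMAIN=orb-1.ali.trustbloc.dev`
+* Will create an Ingress for external access. When running with unregistered dns domains, create records (/etc/hosts) for:
+- `wallet.DOMAIN`
+* if running `podman` pass `CONTAINER_CMD=podman` as option to make
+* Running with none self-signed certificates: place certs into kustomize/wallet/overlays/sandbox/certs, then run with: `make setup-no-certs`.
+>files:
+- ca.crt
+- tls.crt
+- tls.key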
@@ -0,0 +1,17 @@
#!/usr/bin/env bash
#
# Copyright SecureKey Technologies Inc. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#

# https://github.com/kubernetes-sigs/kustomize/blob/master/plugin/someteam.example.com/v1/sedtransformer/SedTransformer
# Skip the config file name argument.
shift
args=()
for arg in "$@"; do
env_expanded=${arg@P}
args+=(-e "$env_expanded")
done

sed "${args[@]}"
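Review bot: `env_expanded=${arg@P}` expands each argument as a prompt string, and prompt expansion performs command substitution as well as variable expansion, so a `$(...)` or backtick sequence in any transformer's `argsOneLiner` is run as a shell command during `kustomize build`. The only use shown in this commit substitutes `${DOMAIN}`, so the expansion can be limited to named variables, for example `env_expanded=$(printf '%s' "$arg" | envsubst '$DOMAIN')` (this adds a dependency on gettext's `envsubst`). A header comment saying that transformer arguments are treated as trusted shell input would also help whoever adds the next transformer config.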
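--- a/wallet-demo-app/kustomize/wallet-demo-app/.gitignore
+++ b/wallet-demo-app/kustomize/wallet-demo-app/.gitignore
@@ -0,0 +1,8 @@
+#
+# Copyright Gen Digital Inc. All Rights Reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+**/keys/**
+**/certs/**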
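--- a/wallet-demo-app/kustomize/wallet-demo-app/base/deployment.yml
+++ b/wallet-demo-app/kustomize/wallet-demo-app/base/deployment.yml
@@ -0,0 +1,35 @@
+#
+# Copyright Gen Digital Inc. All Rights Reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+---
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+name: wallet-demo-app
+spec:
+replicas: 1
+selector:
+matchLabels:
+app: wallet-demo-app
+template:
+metadata:
+labels:
+app: wallet-demo-app
+spec:
+containers:
+- name: wallet-demo-app
+image: wallet-demo-app:latest
+ports:
+- containerPort: 80
+protocol: TCP
+name: http-port
+livenessProbe:
+httpGet:
+path: /healthcheck
+port: http-port
+initialDelaySeconds: 30
+periodSeconds: 10
+failureThreshold: 5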
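Review bot: The container spec sets no `securityContext` and no `resources`, so the pod runs with the image's default user and capabilities and without CPU or memory bounds. Consider adding `securityContext: {allowPrivilegeEscalation: false, capabilities: {drop: ["ALL"]}}` under the container, plus requests and limits sized for the app; if the image binds port 80 as root it may need `NET_BIND_SERVICE` added back or a move to an unprivileged port. There is also a `livenessProbe` but no `readinessProbe`, so traffic can be routed to the pod before `/healthcheck` answers.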
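--- a/wallet-demo-app/kustomize/wallet-demo-app/base/kustomization.yaml
+++ b/wallet-demo-app/kustomize/wallet-demo-app/base/kustomization.yaml
@@ -0,0 +1,18 @@
+#
+# Copyright Gen Digital Inc. All Rights Reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+generatorOptions: {}
+
+resources:
+- deployment.yml
+- service.yml
+
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+images:
+- name: wallet-demo-app
+newName: ghcr.io/trustbloc-cicd/wallet-demo-app
+newTag: 1.2.2-snapshot-b08a949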
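--- a/wallet-demo-app/kustomize/wallet-demo-app/base/service.yml
+++ b/wallet-demo-app/kustomize/wallet-demo-app/base/service.yml
@@ -0,0 +1,29 @@
+#
+# Copyright Gen Digital Inc. All Rights Reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+creationTimestamp: null
+name: wallet-demo-app
+labels:
+app: wallet-demo-app
+spec:
+ports:
+- name: http
+port: 80
+protocol: TCP
+targetPort: http-port
+- name: prometheus
+port: 9100
+protocol: TCP
+targetPort: prometheus
+selector:
+app: wallet-demo-app
+status:
+loadBalancer: {}
+---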
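Review bot: The `prometheus` port (9100) targets a container port named `prometheus`, but the Deployment added in this commit declares only `http-port`, so that Service port has nothing to resolve to. Either drop the entry or add the matching named `containerPort` to the Deployment; if metrics are added later, decide whether they should be reachable through the same Service as the app. `creationTimestamp: null` and the `status:` block look like generator output and can be removed from a hand-maintained manifest.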
@@ -0,0 +1,27 @@
#
# Copyright Gen Digital Inc. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#

# Adds namespace to all resources.
#namespace: edge-sandbox-system

# Value of this field is prepended to the
# names of all resources, e.g. a deployment named
# "wordpress" becomes "alices-wordpress".
# Note that it should also match with the prefix (text before '-') of the namespace
# field above.
commonLabels:
group: services
project: trustbloc


apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

resources:
- ../../base

transformers:
- sedtransform.yml
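Review bot: The comment above `commonLabels` ("Value of this field is prepended to the names of all resources …") describes `namePrefix`, not `commonLabels`, which adds labels and selectors rather than renaming anything. Replace it with something like `# Labels (and selectors) applied to every resource in this overlay.` and drop the sentence that refers to the commented-out `namespace` field.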
@@ -0,0 +1,11 @@
#
# Copyright Gen Digital Inc. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#

apiVersion: svceng
kind: SedTransformer
metadata:
name: sedtransformer
argsOneLiner: s^||DOMAIN||^${DOMAIN}^g
@@ -0,0 +1,29 @@
#
# Copyright Gen Digital Inc. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#

---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: wallet-demo-app
labels:
app: wallet-demo-app
spec:
tls:
- hosts:
- wallet-demo-app.||DOMAIN||
secretName: INGRESS_TLS_SECRET
rules:
- host: wallet-demo-app.||DOMAIN||
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: wallet-demo-app
port:
name: http
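Review bot: `secretName: INGRESS_TLS_SECRET` reads as a placeholder that is never filled in: the only transformer shown in this commit rewrites `||DOMAIN||`, and the base `kustomization.yaml` has no `secretGenerator` that would create a TLS secret from the certificates the Makefile generates. If nothing else substitutes it, the `tls` entry points at a secret that does not exist and the ingress controller would typically fall back to its own default certificate for `wallet-demo-app.||DOMAIN||`. Name the real secret here, or generate it in the overlay, so the host is served with the intended certificate. Not all 15 changed files are shown on this page, so this may already be handled in one of the others.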