Updated main branch (GSM integration)

code/kubernetes/mongo/deployment.yaml

@@ -26,12 +26,12 @@ spec:
             - name: MONGO_INITDB_ROOT_USERNAME
               valueFrom:
                 secretKeyRef:
-                  name: mongodb-credentials
+                  name: mongo-secret
                   key: MONGO_INITDB_ROOT_USERNAME
             - name: MONGO_INITDB_ROOT_PASSWORD
               valueFrom:
                 secretKeyRef:
-                  name: mongodb-credentials
+                  name: mongo-secret
                   key: MONGO_INITDB_ROOT_PASSWORD
           volumeMounts:
             - name: mongodb-data
@@ -40,3 +40,14 @@ spec:
         - name: mongodb-data
           persistentVolumeClaim:
             claimName: mongo-pvc
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: mongo-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 2Gi

code/kubernetes/scripts/README.md

@@ -13,18 +13,20 @@ $ ./create-cluster.sh
 ```
 ### 2. Deployment 
 
-Builds and pushes Docker images to **Google Container Registry (GCR)**, and deploys all services to the cluster using `kubectl`
+Deploys all services and components to the cluster using `kubectl`.
 
 ```bash
 $ ./deploy.sh
 ```
 
-#### Optional: Skip Image Build & Push
+This will deploy using the latest available Docker images in **Google Container Registry (GCR)**.
 
-If you've already built and pushed your Docker images, you can skip that step to speed up re-deployments:
+#### Optional: Build & Push
+
+If you want to build and push the Docker images before deploying, use the --build flag:
 
 ```bash
-$ ./deploy.sh --skip-build
+$ ./deploy.sh --build
 ```
 
 ### 3. View Cluster Info

code/kubernetes/scripts/deploy.sh

@@ -1,62 +1,75 @@
 #!/bin/bash
 set -e
 
+BUILD=false
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
 PROJECT_ID="threadit-api"
 CLUSTER_NAME="threadit-cluster"
 ZONE="europe-west1-b"
+SERVICES=(db community thread comment vote search popular)
 
-SKIP_BUILD=false
-
-# Check for --skip-build flag
-if [[ "$1" == "--skip-build" ]]; then
-  SKIP_BUILD=true
-  echo "Skipping image build and push..."
-fi
-
+# Set project and set up cluster context
 gcloud config set project $PROJECT_ID
+gcloud container clusters get-credentials $CLUSTER_NAME --zone=$ZONE
 
-# Auth Docker with GCR
-gcloud auth configure-docker
+GCS_KEY="gcs-key"
+BUCKET_SECRET=$(gcloud secrets versions access latest --secret=$GCS_KEY)
+MONGO_USER=$(gcloud secrets versions access latest --secret="mongo-user")
+MONGO_PASS=$(gcloud secrets versions access latest --secret="mongo-pass")
 
-# Move to repo code root (Threadit/code/)
-cd "$(dirname "$0")/../../"
+# Check for --build flag
+if [[ "$1" == "--build" ]]; then
+  BUILD=true
+  echo "Building and pushing images..."
+fi
+
+# Build and push docker images
+build_and_push_images() {
+  cd "$SCRIPT_DIR/../../" || exit 1
 
-# Services list
-SERVICES=(db-service community-service thread-service comment-service vote-service search-service popular-service)
+  gcloud auth configure-docker
 
-if [ "$SKIP_BUILD" = false ]; then
-  # Build and push all service images
   for SERVICE in "${SERVICES[@]}"; do
-    docker build -t gcr.io/$PROJECT_ID/$SERVICE:latest -f services/$SERVICE/Dockerfile .
-    docker push gcr.io/$PROJECT_ID/$SERVICE:latest
+    docker build -t gcr.io/$PROJECT_ID/"$SERVICE-service":latest -f services/"$SERVICE-service"/Dockerfile .
+    docker push gcr.io/$PROJECT_ID/"$SERVICE-service":latest
   done
 
-  # gRPC Gateway
   docker build -t gcr.io/$PROJECT_ID/grpc-gateway:latest -f grpc-gateway/Dockerfile .
   docker push gcr.io/$PROJECT_ID/grpc-gateway:latest
-fi
 
-# Move to Kubernetes directory
-cd kubernetes
+  cd "$SCRIPT_DIR" || exit 1
+}
 
-# Authenticate and set up cluster context
-gcloud container clusters get-credentials $CLUSTER_NAME --zone=$ZONE
+# Build and push images if --build is passed
+if [ "$BUILD" = true ]; then
+  build_and_push_images
+fi
 
-# Apply general config
-kubectl apply -n $CLUSTER_NAME -f config.yaml
+cd "$SCRIPT_DIR/.." || exit 1
 
-# Traefik
+# Deploy traefik
+helm repo add traefik https://traefik.github.io/charts
+helm repo update
 helm upgrade --install traefik traefik/traefik -n $CLUSTER_NAME -f traefik/values.yaml
+
 kubectl apply -n $CLUSTER_NAME -f traefik/cors.yaml
 kubectl apply -n $CLUSTER_NAME -f traefik/strip-prefix.yaml
 
-# MongoDB
+# Deploy threadit application
+kubectl create secret generic "bucket-secret" \
+  --from-literal="$GCS_KEY.json=$BUCKET_SECRET" \
+  -n $CLUSTER_NAME --dry-run=client -o yaml | kubectl apply -f -
+
+kubectl create secret generic "mongo-secret" \
+  --from-literal="MONGO_INITDB_ROOT_USERNAME=$MONGO_USER" \
+  --from-literal="MONGO_INITDB_ROOT_PASSWORD=$MONGO_PASS" \
+  -n $CLUSTER_NAME --dry-run=client -o yaml | kubectl apply -f -
+
+kubectl apply -n $CLUSTER_NAME -f config.yaml
 kubectl apply -n $CLUSTER_NAME -f mongo/
 
-# Services
 for SERVICE in "${SERVICES[@]}"; do
-  kubectl apply -n $CLUSTER_NAME -f services/$SERVICE/
+  kubectl apply -n $CLUSTER_NAME -f services/"$SERVICE-service"/
 done
 
-# gRPC Gateway
 kubectl apply -n $CLUSTER_NAME -f grpc-gateway/

code/kubernetes/services/db-service/deployment.yaml

@@ -28,17 +28,17 @@ spec:
               value: "mongodb://$(MONGO_INITDB_ROOT_USERNAME):$(MONGO_INITDB_ROOT_PASSWORD)@mongodb:27017/$(MONGO_INITDB_DATABASE)?authSource=admin"
           envFrom:
             - secretRef:
-                name: mongodb-credentials
+                name: mongo-secret
             - configMapRef:
                 name: threadit-config
           volumeMounts:
             - mountPath: /var/secret/gcp/
-              name: gcs-credentials
+              name: bucket-credentials
               readOnly: true
       volumes:
-        - name: gcs-credentials
+        - name: bucket-credentials
           secret:
-            secretName: db-secret
+            secretName: bucket-secret
             items:
               - key: gcs-key.json
                 path: gcs-key.json