Skip to content

Commit a575a0c

Browse files
authored
Merge pull request #1562 from swisstopo/develop
Release Candidate 1.1.0
2 parents 5ab5f85 + c83ddcf commit a575a0c

File tree

334 files changed

+26582
-22008
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

334 files changed

+26582
-22008
lines changed

.env

Lines changed: 17 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,17 @@
1-
# Database
2-
PGUSER=www-data
3-
PGPASSWORD=www-data
4-
PGHOST=db
5-
PGPORT=5432
6-
PGDATABASE=swissgeol-local
7-
8-
# SQLx
9-
DATABASE_URL=postgres://${PGUSER}:${PGPASSWORD}@${PGHOST}:${PGPORT}/${PGDATABASE}
10-
11-
# S3
12-
S3_AWS_REGION=eu-west-1
13-
AWS_ACCESS_KEY_ID=minio
14-
AWS_SECRET_ACCESS_KEY=minio123
1+
# Database
2+
PGUSER=www-data
3+
PGPASSWORD=www-data
4+
PGHOST=db
5+
PGPORT=5432
6+
PGDATABASE=swissgeol-local
7+
8+
# SQLx
9+
DATABASE_URL=postgres://${PGUSER}:${PGPASSWORD}@${PGHOST}:${PGPORT}/${PGDATABASE}
10+
11+
# S3
12+
S3_AWS_REGION=eu-west-1
13+
AWS_ACCESS_KEY_ID=minio
14+
AWS_SECRET_ACCESS_KEY=minio123
15+
16+
#DEBUG
17+
RUST_BACKTRACE=1

.github/ISSUE_TEMPLATE/1-issue.md

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
---
2+
name: Issue
3+
about: Beschreibe eine neue Aufgabe
4+
title: ""
5+
labels: ""
6+
assignees: ""
7+
---
8+
9+
**Beschreibung**
10+
11+
Eine klare und präzise Beschreibung der Ausgangssituation, der Problematik sowie bereits bekannter Lösungsansätze.
12+
13+
**Abgrenzung**
14+
15+
Nicht beachtet in dieser Aufgabe wird die Suche nach der Frage.
16+
17+
**Acceptance Criteria**
18+
19+
- [ ] Die Antwort muss 42 sein.
20+
- [ ] ...

.github/ISSUE_TEMPLATE/2-bug.md

Lines changed: 34 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,34 @@
1+
---
2+
name: Bug
3+
about: Melde einen neuen Bug
4+
title: "Bug: "
5+
labels: bug
6+
assignees: ""
7+
---
8+
9+
**Beschreibung**
10+
Eine klare und präzise Beschreibung des Problems.
11+
12+
**Schritte zum Reproduzieren**
13+
14+
1. Gehe zur Seite '....'
15+
2. Klicke auf '....'
16+
3. Scrolle zu '....'
17+
4. Ein Fehler erscheint
18+
19+
**Beobachtetes Verhalten**
20+
Eine Beschreibung des Fehlverhaltens.
21+
22+
**Erwartetes Verhalten**
23+
Eine Beschreibung des eigentlich erwarteten Verhaltens
24+
25+
**Screenshots**
26+
Zeige Screenshots, wenn vorhanden und hilfreich.
27+
28+
**Plattform**
29+
Falls relevant:
30+
31+
- Device: [e.g. Desktop, iPhone6]
32+
- OS: [e.g. Windows, iOS8.1]
33+
- Browser [e.g. firefox, edge]
34+
- Mobile Version [e.g. 22]

.github/actions/create-image/action.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -69,3 +69,5 @@ runs:
6969
no-cache: true
7070
build-args: |
7171
APP_VERSION=${{ inputs.VERSION }}
72+
secrets: |
73+
github_token=${{ inputs.GITHUB_TOKEN }}
Lines changed: 61 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,61 @@
1+
name: "Deploy K8s Chart"
2+
description: "Deploys a Kubernetes Chart"
3+
inputs:
4+
TARGET_ENV:
5+
description: "The environment to which the chart is deployed."
6+
required: true
7+
DEPLOYMENT_NAME:
8+
description: "The deployment's name under which it will appear in Kubernetes."
9+
required: true
10+
REPO_PATH:
11+
description: "The path at which the Helm charts can be found within the repo."
12+
required: true
13+
VAULT_PATH:
14+
description: "The path at which the chart's secrets can be found within the Vault."
15+
required: true
16+
17+
runs:
18+
using: "composite"
19+
steps:
20+
- name: "Load secrets"
21+
id: load-secrets
22+
uses: hashicorp/vault-action@v3
23+
with:
24+
url: https://swisstopo-vault-public-vault-d680830d.382257a9.z1.hashicorp.cloud:8200
25+
method: jwt
26+
namespace: admin/igi/igi-cloud/swisstopo-ngm
27+
secrets: |
28+
viewer/data/${{ inputs.TARGET_ENV }} kubeconfig | KUBECONFIG;
29+
viewer/data/${{ inputs.TARGET_ENV }}/${{ inputs.VAULT_PATH }} helm_values | HELM_VALUES;
30+
viewer/data/${{ inputs.TARGET_ENV }}/${{ inputs.VAULT_PATH }} helm_secrets | HELM_SECRETS;
31+
viewer/data/${{ inputs.TARGET_ENV }}/${{ inputs.VAULT_PATH }} namespace | K8S_NAMESPACE;
32+
33+
- name: "Write values to file"
34+
shell: bash
35+
run: |
36+
cat <<'EOF' > ./k8s/values.yaml
37+
${{ env.HELM_VALUES }}
38+
EOF
39+
40+
- name: "Write secrets to file"
41+
shell: bash
42+
run: |
43+
cat <<'EOF' > ./k8s/secrets.yaml
44+
${{ env.HELM_SECRETS }}
45+
EOF
46+
47+
- name: "Write kubeconfig to file"
48+
shell: bash
49+
run: |
50+
cat <<'EOF' > kubeconfig.yaml
51+
${{ env.KUBECONFIG }}
52+
EOF
53+
54+
- name: "Deploy helm charts"
55+
shell: bash
56+
run: |
57+
helm upgrade --install ${{ inputs.DEPLOYMENT_NAME }} ${{ inputs.REPO_PATH }} \
58+
--values ./k8s/values.yaml \
59+
--values ./k8s/secrets.yaml \
60+
--kubeconfig $(pwd)/kubeconfig.yaml \
61+
--namespace ${{ env.K8S_NAMESPACE }}
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
name: "Deploy K8s Suite"
2+
description: "Deploys an entire Viewer Suite to K8s"
3+
inputs:
4+
TARGET_ENV:
5+
description: "The environment to which the chart is deployed."
6+
required: true
7+
AWS_ROLE:
8+
description: "The AWS role to assume."
9+
required: true
10+
AWS_REGION:
11+
description: "The AWS region to deploy to."
12+
required: true
13+
14+
runs:
15+
using: "composite"
16+
steps:
17+
- name: "Setup kubectl"
18+
uses: azure/setup-kubectl@v4
19+
- name: "Install helm"
20+
uses: azure/setup-helm@v4
21+
- name: "Configure AWS credentials from AWS account"
22+
uses: aws-actions/configure-aws-credentials@v4
23+
with:
24+
role-to-assume: ${{ inputs.AWS_ROLE }}
25+
aws-region: ${{ inputs.AWS_REGION }}
26+
role-session-name: GitHub-OIDC
27+
retry-max-attempts: 3
28+
29+
- name: "Deploy viewer"
30+
uses: ./.github/actions/deploy-k8s-chart
31+
with:
32+
TARGET_ENV: ${{ inputs.TARGET_ENV }}
33+
DEPLOYMENT_NAME: "swissgeol-viewer"
34+
REPO_PATH: ./k8s
35+
VAULT_PATH: "viewer"
36+

.github/scripts/wait_for_service.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ if [ ! -n "$SERVICE_NAME" ]; then
99
fi
1010

1111
for i in $(seq 1 $MAX_RETRY_COUNT); do
12-
if [ "$(docker inspect -f '{{.State.Health.Status}}' "swissgeol-viewer-app-$SERVICE_NAME-1")" == "healthy" ]; then
12+
if [ "$(docker inspect -f '{{.State.Health.Status}}' "swissgeol-viewer-suite-$SERVICE_NAME-1")" == "healthy" ]; then
1313
echo "Service $SERVICE_NAME is healthy!"
1414
exit 0
1515
else

.github/workflows/code-quality.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -74,6 +74,8 @@ jobs:
7474
restore-keys: |
7575
${{ runner.os }}-node_modules-
7676
- name: Install node dependencies
77+
env:
78+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
7779
run: cd ui && npm ci
7880

7981

.github/workflows/deploy-k8s.yml

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,43 @@
1+
name: Deploy K8s
2+
3+
on:
4+
workflow_dispatch:
5+
inputs:
6+
env:
7+
type: choice
8+
description: The environment to which the Kubernetes config is deployed.
9+
options:
10+
- dev
11+
- int
12+
- prod
13+
14+
permissions:
15+
contents: read
16+
id-token: write
17+
18+
env:
19+
TARGET_ENV: ${{ github.event.inputs.env || 'dev' }}
20+
21+
jobs:
22+
deploy-viewer:
23+
name: "deploy viewer"
24+
runs-on: ubuntu-latest
25+
steps:
26+
- name: "Select AWS_ROLE"
27+
id: select-aws-role
28+
env:
29+
DEV_ROLE: ${{ secrets.AWS_ROLE_DEV }}
30+
INT_ROLE: ${{ secrets.AWS_ROLE_INT }}
31+
PROD_ROLE: ${{ secrets.AWS_ROLE_PROD }}
32+
run: |
33+
VAR_NAME="${TARGET_ENV^^}_ROLE"
34+
AWS_ROLE="${!VAR_NAME}"
35+
echo "AWS_ROLE=$AWS_ROLE" >> $GITHUB_OUTPUT
36+
- name: "Checkout repository"
37+
uses: actions/checkout@v4
38+
- name: "Deploy"
39+
uses: ./.github/actions/deploy-k8s-suite
40+
with:
41+
TARGET_ENV: ${{ env.TARGET_ENV }}
42+
AWS_ROLE: ${{ steps.select-aws-role.outputs.AWS_ROLE }}
43+
AWS_REGION: ${{ secrets.AWS_REGION }}

.github/workflows/deploy.yml

Lines changed: 0 additions & 65 deletions
This file was deleted.

.github/workflows/earthquakes.yml

Lines changed: 0 additions & 32 deletions
This file was deleted.
Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,33 @@
1+
name: Fetch Earthquakes
2+
3+
on:
4+
workflow_dispatch:
5+
6+
# Run this workflow every night
7+
schedule:
8+
- cron: '0 10 * * *'
9+
10+
jobs:
11+
fetch-earthquakes:
12+
name: "fetch earthquakes"
13+
runs-on: ubuntu-latest
14+
env:
15+
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
16+
AWS_ACCESS_KEY_ID: ${{secrets.AWS_ACCESS_KEY_ID_DOWNLOAD}}
17+
AWS_SECRET_ACCESS_KEY: ${{secrets.AWS_SECRET_ACCESS_KEY_DOWNLOAD}}
18+
AWS_DEFAULT_REGION: eu-west-1
19+
steps:
20+
- name: 'Fetch last 90 days'
21+
run: |
22+
FILENAME="earthquakes_last_90d.txt"
23+
STARTTIME=$(date -d '-90 days' +'%FT%H:%M:%S')
24+
ENDTIME=$(date +'%FT%H:%M:%S')
25+
curl --fail "http://arclink.ethz.ch/fdsnws/event/1/query?starttime=$STARTTIME&endtime=$ENDTIME&minmagnitude=1&format=text&nodata=404&EventType=earthquake" > $FILENAME
26+
aws s3 --debug cp --cache-control no-cache $FILENAME s3://ngmpub-download-bgdi-ch/earthquakes/
27+
- name: 'Fetch all with a magnitude greater than three'
28+
run: |
29+
FILENAME="earthquakes_magnitude_gt_3.txt"
30+
STARTTIME="1979-01-01T00:00:00"
31+
ENDTIME=$(date +'%FT%H:%M:%S')
32+
curl --fail "http://arclink.ethz.ch/fdsnws/event/1/query?starttime=$STARTTIME&endtime=$ENDTIME&minmagnitude=3&format=text&nodata=404&EventType=earthquake" > $FILENAME
33+
aws s3 --debug cp --cache-control no-cache $FILENAME s3://ngmpub-download-bgdi-ch/earthquakes/

0 commit comments

Comments
 (0)