Updated README.md

README.md

@@ -1,2 +1,63 @@
 # Utility-DB-Postgres
 
+A template repo for managing Postgres/postgis databases through Jenkins.
+
+> NOTE: The steps below are not for this repo, but for those using it as a template.
+
+## Bootstrapping
+> If needed, steps starting with `[sudo]` require elevated permissions.
+
+1. Create a new repository by clicking the "Use this template" button on the template repo page.
+1. Configure the new repo settings. At the bottom, select `Template Items` -> `Git Content`.
+1. Create the new repo.
+1. Pull new repo to local PC.
+1. [sudo] Give the setup script permission to execute:
+    ```bash
+    chmod +x template/setup.sh
+    ```
+1. [sudo] Run the start script and fill in the prompts:
+    ```bash
+    ./template/setup.sh
+    ```
+
+## Running Locally
+> This works only if the required files have been made during the bootstrap process.
+1. You need to have Docker locally installed
+1. From the repository root directory:
+    ```bash
+    ./start.sh
+    ```
+1. You should see a `data` folder pop up. This is where the local DB data is stored.
+1. Verify you can connect with the default user `postgres` and the password you provided.
+
+## Deploying
+If you configured the Sciocatti Jenkins pipeline during bootstrap, deployment happens automatically on branch `main`.
+The point is to serve as a GitOps "source of truth", so be wary when making changes as it will reflect.
+
+These will be deployed to node ports on the cluster with ports as per the `deployment.yaml` specs in the `cicd` folder.
+
+> Due note that branches eligible for deployments are configured on the Jenkins server, as deployments happen transparently to developers.
+
+> Note that the bootstrapped repo has to be in a organization where the Jenkins user has visibility, and the organization must be configured and linked to the Jenkins server.
+
+> Note that you have to configure a Jenkins secret, reachable by the script when deploying. This secret ID must be passed in during the bootstrap process.
+
+## MultiArch images
+> For Mac M1 chips the standard postgis/postgis woooorks, but with warnings and without guarantees.
+
+I prefer using the image from postgis/postgis, but unfortunately their image only supports AMD. This is a issue for Mac M-series chips, and Raspberry Pi 4s.
+A workaround I am using for both AMD and ARM support:
+```bash
+# Pull image from https://github.com/baosystems/docker-postgis/pkgs/container/postgis
+docker pull ghcr.io/baosystems/postgis:11-3.3
+# Retag to save to my own registry
+docker tag ghcr.io/baosystems/postgis:11-3.3 192.168.195.195:30000/postgis:11-3.3
+# Push to repo
+docker push 192.168.195.195:30000/postgis:11-3.3
+```
+
+If you don't want to depend on baosystems, or if they don't support your version, then you should also be able to build the image
+for Arm yourself as per [this suggestion](https://github.com/postgis/docker-postgis/issues/216#issuecomment-809347656)
+
+
+utils-postgres-stage-pwd

template/Jenkinsfile

@@ -24,10 +24,13 @@ spec:
         stage('Kubernetes Deploy') {
                 steps {
                     container("deploy") {
+                      withCredentials([string(credentialsId: "{{deploySecret}}", variable: "postgresPassword")]) {
                         sh 'curl -LO "https://storage.googleapis.com/kubernetes-release/release/v1.24.3/bin/linux/arm64/kubectl"'  
                         sh 'chmod u+x ./kubectl'  
                         sh 'sed -ie "s/{{replaceMe}}/`date +%s`/g" `pwd`/cicd/'+env.BRANCH_NAME+'/deployment.yaml'
-                        sh './kubectl replace -f `pwd`/cicd/'+env.BRANCH_NAME+'/deployment.yaml'
+                        sh 'sed -ie "s/{{postgresPassword}}/${postgresPassword}/g" `pwd`/cicd/'+env.BRANCH_NAME+'/deployment.yaml'
+                        sh './kubectl apply -f `pwd`/cicd/'+env.BRANCH_NAME+'/deployment.yaml'
+                      }
                     }
                 }
             }

template/deployment.yaml

@@ -1,12 +1,12 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{k3sApp}}-{{k3sEnv}}-svc
+  name: {{k3sApp}}-svc
   namespace: {{k3sNamespace}}
 spec:
   type: NodePort
   selector:
-    app: {{k3sApp}}-{{k3sEnv}}
+    app: {{k3sApp}}
   ports:
     - name: http
       nodePort: {{k3sport}}
@@ -17,35 +17,36 @@ spec:
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: {{k3sApp}}-{{k3sEnv}}
+  name: {{k3sApp}}
   namespace: {{k3sNamespace}}
 spec:
   replicas: 1
-  strategy:
-    rollingUpdate:
-      maxSurge: 1
-      maxUnavailable: 1
-    type: RollingUpdate
   selector:
     matchLabels:
-      app: {{k3sApp}}-{{k3sEnv}}
+      app: {{k3sApp}}
   template:
     metadata:
       labels:
-        app: {{k3sApp}}-{{k3sEnv}}
+        app: {{k3sApp}}
         delpoymentDate: "{{replaceMe}}"
     spec:
       containers:
-        - name: {{k3sApp}}-{{k3sEnv}}
+        - name: postgis
-          image: 192.168.195.195:30000/{{k3sApp}}:{{k3sEnv}}
+          image: {{k3sContainerBase}}
           imagePullPolicy: Always
+          env:
+          - name: POSTGRES_PASSWORD
+            value: {{postgresPassword}}
+          - name: PGDATA
+            value: /var/lib/postgresql/data/pgdata
           ports:
             - name: http
               containerPort: 5432
-          readinessProbe:
+          volumeMounts:
-            httpGet:
+          - mountPath: /var/lib/postgresql/data
-              path: /
+            name: postgis-volume
-              port: 5432
+      volumes:
-            initialDelaySeconds: 5
+      - name: postgis-volume
-            periodSeconds: 5
+        hostPath:
-            successThreshold: 1
+          path: /home/victor/cluster/postgis/{{k3sApp}}
+          type: ""

template/setup.sh

@@ -14,11 +14,13 @@ then
     echo "Configuring local settings"
     read -p "    Local port to expose DB on? [eg 5432] " localPort
     read -p "    Postgres container to use? [eg postgis/postgis:latest] " localContainer
+    read -p "    Superuser password? " postgresPassword
 
     echo "    Creating start script"
     cp template/start.sh start.sh
     sed -ie "s|{{localPort}}|$localPort|g" start.sh
     sed -ie "s|{{localContainer}}|$localContainer|g" start.sh
+    sed -ie "s|{{postgresPassword}}|$postgresPassword|g" start.sh
     chmod +x start.sh
     rm start.she
 fi
@@ -30,11 +32,11 @@ then
     echo "Configuring deployment settings. See the Readme for info on deployable branches."
     read -p "    K3S App name: " k3sApp
     read -p "    K3S namespace: [eg utility] " k3sNamespace
-    read -p "    K3S base container: [eg postgis/postgis:latest] " k3sContainerBase
+    read -p "    K3S container: [eg postgis/postgis:latest] " k3sContainerBase
     read -p "    K3S NodePort: " k3sport
+    read -p "    Superuser Password Secret ID: " deploySecret
 
     k3sportMain=$((k3sport+1))
-    k3sportStage=$((k3sport+2))
 
     echo "Creating Folders"
     echo "    Creating cicd/"
@@ -46,26 +48,30 @@ then
     echo "    Loading cicd/Jenkinsfile"
     cp template/Jenkinsfile cicd/Jenkinsfile
     sed -ie "s|{{k3sApp}}|$k3sApp|g" cicd/Jenkinsfile
+    sed -ie "s|{{deploySecret}}|$deploySecret|g" cicd/Jenkinsfile
     rm cicd/Jenkinsfilee
 
     echo "    Loading main"
     k3sEnv=main
     echo "        Loading cicd/main/Dockerfile"
     cp template/Dockerfile cicd/main/Dockerfile
+    sed -ie "s|{{k3sApp}}|$k3sApp|g" cicd/main/Dockerfile
+    sed -ie "s|{{k3sNamespace}}|$k3sNamespace|g" cicd/main/Dockerfile
     sed -ie "s|{{k3sContainerBase}}|$k3sContainerBase|g" cicd/main/Dockerfile
+    sed -ie "s|{{k3sport}}|$k3sport|g" cicd/main/Dockerfile
     rm cicd/main/Dockerfilee
 
     echo "        Loading cicd/main/deployment.yaml"
     cp template/deployment.yaml cicd/main/deployment.yaml
     sed -ie "s|{{k3sApp}}|$k3sApp|g" cicd/main/deployment.yaml
-    sed -ie "s|{{k3sport}}|$k3sportMain|g" cicd/main/deployment.yaml
+    sed -ie "s|{{k3sport}}|$k3sport|g" cicd/main/deployment.yaml
     sed -ie "s|{{k3sNamespace}}|$k3sNamespace|g" cicd/main/deployment.yaml
-    sed -ie "s|{{k3sEnv}}|$k3sEnv|g" cicd/main/deployment.yaml
+    sed -ie "s|{{k3sContainerBase}}|$k3sContainerBase|g" cicd/main/deployment.yaml
     rm cicd/main/deployment.yamle
 
 fi
 
 echo "Removing template folder"
-rm -rf template
+# rm -rf template
 
 echo "Thank you! Happy building..."

template/start.sh

@@ -3,4 +3,4 @@ echo ""
 echo "Starting an Postgres container listening on http://localhost:{{localPort}}"
 echo ""
 echo ""
-docker run --rm -v $(pwd)/data/:/var/lib/postgresql/data/ -p {{localPort}}:80 {{localContainer}}
+docker run --rm -v $(pwd)/data/:/var/lib/postgresql/data/ -e POSTGRES_PASSWORD={{postgresPassword}} -p {{localPort}}:80 {{localContainer}}