ordinarthur/wetalk
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add backend API (Hono/Bun) for metadata proxying + fullstack K8s deploy
Some checks failed
Build & Deploy / build-and-deploy (push) Failing after 2m26s
Details

Browse Source
This commit is contained in:
ordinarthur 2026-04-13 11:24:40 +02:00
parent 569b5a5846
commit 1ae040cdd3
6 changed files with 87 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
.gitea/workflows/deploy.yml
View File

@ -6,7 +6,8 @@ on:
env: env:
REGISTRY: git.arthurbarre.fr REGISTRY: git.arthurbarre.fr
IMAGE: ordinarthur/wetalk IMAGE_FRONT: ordinarthur/wetalk
IMAGE_API: ordinarthur/wetalk-api
NAMESPACE: wetalk NAMESPACE: wetalk
jobs: jobs:
@ -23,17 +24,27 @@ jobs:
username: ordinarthur username: ordinarthur
password: ${{ secrets.REGISTRY_PASSWORD }} password: ${{ secrets.REGISTRY_PASSWORD }}
- name: Build and push image - name: Build and push frontend
uses: docker/build-push-action@v5 uses: docker/build-push-action@v5
with: with:
context: . context: .
push: true push: true
tags: | tags: |
${{ env.REGISTRY }}/${{ env.IMAGE }}:latest ${{ env.REGISTRY }}/${{ env.IMAGE_FRONT }}:latest
${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ github.sha }} ${{ env.REGISTRY }}/${{ env.IMAGE_FRONT }}:${{ github.sha }}
build-args: | build-args: |
VITE_SUPABASE_URL=${{ secrets.VITE_SUPABASE_URL }} VITE_SUPABASE_URL=${{ secrets.VITE_SUPABASE_URL }}
VITE_SUPABASE_ANON_KEY=${{ secrets.VITE_SUPABASE_ANON_KEY }} VITE_SUPABASE_ANON_KEY=${{ secrets.VITE_SUPABASE_ANON_KEY }}
VITE_API_URL=
- name: Build and push API
uses: docker/build-push-action@v5
with:
context: ./api
push: true
tags: |
${{ env.REGISTRY }}/${{ env.IMAGE_API }}:latest
${{ env.REGISTRY }}/${{ env.IMAGE_API }}:${{ github.sha }}
- name: Install kubectl - name: Install kubectl
run: | run: |
@ -57,13 +68,21 @@ jobs:
--docker-password=${{ secrets.REGISTRY_PASSWORD }} \ --docker-password=${{ secrets.REGISTRY_PASSWORD }} \
--dry-run=client -o yaml | kubectl apply -f - --dry-run=client -o yaml | kubectl apply -f -
# Create API secrets
kubectl -n $NAMESPACE create secret generic wetalk-api-secrets \
--from-literal=SPOTIFY_CLIENT_ID=${{ secrets.SPOTIFY_CLIENT_ID }} \
--from-literal=SPOTIFY_CLIENT_SECRET=${{ secrets.SPOTIFY_CLIENT_SECRET }} \
--from-literal=YOUTUBE_API_KEY=${{ secrets.YOUTUBE_API_KEY }} \
--dry-run=client -o yaml | kubectl apply -f -
# Apply manifests # Apply manifests
kubectl apply -f k8s/service.yml kubectl apply -f k8s/service.yml
kubectl apply -f k8s/deployment.yml kubectl apply -f k8s/deployment.yml
# Force rollout with new image # Force rollout with new images
kubectl -n $NAMESPACE set image deployment/wetalk \ kubectl -n $NAMESPACE set image deployment/wetalk \
wetalk=$REGISTRY/$IMAGE:${{ github.sha }} wetalk=$REGISTRY/$IMAGE_FRONT:${{ github.sha }} \
wetalk-api=$REGISTRY/$IMAGE_API:${{ github.sha }}
# Wait for rollout # Wait for rollout
kubectl -n $NAMESPACE rollout status deployment/wetalk --timeout=120s kubectl -n $NAMESPACE rollout status deployment/wetalk --timeout=120s

1
Dockerfile
View File

@ -5,6 +5,7 @@ RUN npm ci
COPY . . COPY . .
ARG VITE_SUPABASE_URL ARG VITE_SUPABASE_URL
ARG VITE_SUPABASE_ANON_KEY ARG VITE_SUPABASE_ANON_KEY
ARG VITE_API_URL
RUN ./node_modules/.bin/vite build RUN ./node_modules/.bin/vite build
FROM nginx:alpine FROM nginx:alpine

2
api/.dockerignore Normal file
View File

@ -0,0 +1,2 @@
node_modules
.env

8
api/Dockerfile Normal file
View File

@ -0,0 +1,8 @@
FROM oven/bun:1-alpine
WORKDIR /app
COPY package.json bun.lock* ./
RUN bun install --frozen-lockfile || bun install
COPY . .
EXPOSE 3001
HEALTHCHECK --interval=30s --timeout=3s CMD wget -q --spider http://localhost:3001/health || exit 1
CMD ["bun", "run", "src/index.ts"]

43
k8s/deployment.yml
View File

@ -37,5 +37,48 @@ spec:
limits: limits:
memory: "64Mi" memory: "64Mi"
cpu: "100m" cpu: "100m"
- name: wetalk-api
image: git.arthurbarre.fr/ordinarthur/wetalk-api:latest
ports:
- containerPort: 3001
env:
- name: SPOTIFY_CLIENT_ID
valueFrom:
secretKeyRef:
name: wetalk-api-secrets
key: SPOTIFY_CLIENT_ID
- name: SPOTIFY_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: wetalk-api-secrets
key: SPOTIFY_CLIENT_SECRET
- name: YOUTUBE_API_KEY
valueFrom:
secretKeyRef:
name: wetalk-api-secrets
key: YOUTUBE_API_KEY
- name: PORT
value: "3001"
livenessProbe:
httpGet:
path: /health
port: 3001
initialDelaySeconds: 5
periodSeconds: 30
readinessProbe:
httpGet:
path: /health
port: 3001
initialDelaySeconds: 3
periodSeconds: 10
resources:
requests:
memory: "32Mi"
cpu: "10m"
limits:
memory: "128Mi"
cpu: "200m"
imagePullSecrets: imagePullSecrets:
- name: gitea-registry - name: gitea-registry

8
nginx.conf
View File

@ -3,6 +3,14 @@ server {
root /usr/share/nginx/html; root /usr/share/nginx/html;
index index.html; index index.html;
location /api/ {
proxy_pass http://localhost:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location / { location / {
try_files $uri $uri/ /index.html; try_files $uri $uri/ /index.html;
} }