Skip to content

Commit

Permalink
pgo changes
Browse files Browse the repository at this point in the history
  • Loading branch information
ranchodeluxe committed Jun 16, 2024
1 parent a232fd4 commit 01770a5
Show file tree
Hide file tree
Showing 37 changed files with 1,149 additions and 512 deletions.
9 changes: 0 additions & 9 deletions .github/ISSUE_TEMPLATE/bug_report.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,6 @@ body:
value: |
Thanks for taking the time to fill out this bug report!
- type: input
id: title
attributes:
label: Title
description: A clear and concise title of the issue
placeholder: "Type the issue title here"
validations:
required: true

- type: checkboxes
id: labels
attributes:
Expand Down
9 changes: 0 additions & 9 deletions .github/ISSUE_TEMPLATE/feature_request.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,6 @@ body:
value: |
Thanks for taking the time to suggest a feature!
- type: input
id: title
attributes:
label: Title
description: A clear and concise title of the feature request
placeholder: "Type the feature title here"
validations:
required: true

- type: textarea
id: description
attributes:
Expand Down
73 changes: 37 additions & 36 deletions .github/workflows/helm-tests.yml
View file
Original file line number Diff line number Diff line change
@@ -1,44 +1,47 @@
name: CI


# On every pull request, but only on push to main
on:
push:
branches:
- main
paths: []
# only run jobs if some code have changed
#- 'helm-chart/eoapi/**'
branches: [ "main" ]
pull_request:
branches:
- main
branches: [ "main" ]
types: [ opened, reopened, synchronize, labeled ]

jobs:
helm-tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4

- uses: d3adb5/helm-unittest-action@v2
with:
helm-version: v3.8.2
helm-version: v3.15.2
github-token: ${{ secrets.GITHUB_TOKEN }}

- run: |
cd helm-chart
helm unittest eoapi -f 'tests/*.yaml' -v eoapi/test-helm-values.yaml
integration-tests:
if: github.event.pull_request.head.repo.full_name == github.repository
integration-tests-gcp:
# run on:
# - all pushes to specified branch(es)
# - a PR was just labeled 'test-integration'
# - a PR with 'test-integration' label was opened, reopened, or synchronized
if: |
github.event_name == 'push' ||
github.event.label.name == 'test-integration-gcp' ||
contains( github.event.pull_request.labels.*.name, 'test-integration-gcp')
permissions:
contents: 'read'
id-token: 'write'
needs: helm-tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4

- uses: azure/setup-helm@v3
- uses: azure/setup-helm@v4
with:
version: v3.8.2
token: ${{ secrets.GITHUB_TOKEN }}
version: v3.15.2
#token: ${{ secrets.GITHUB_TOKEN }}

- name: last commit sha if PR
if: ${{ github.event_name == 'pull_request' }}
Expand All @@ -60,13 +63,13 @@ jobs:
echo "RELEASE_NAME=eoapi$COMMITSHA$SALT" >> $GITHUB_ENV
- id: 'auth'
uses: 'google-github-actions/auth@v1'
uses: 'google-github-actions/auth@v2'
with:
service_account: '[email protected]'
credentials_json: ${{ secrets.GH_ACTIONS_SA_JSON }}

- name: setup gcloud sdk
uses: google-github-actions/setup-gcloud@v1
uses: google-github-actions/setup-gcloud@v2
with:
version: '>= 363.0.0'
project_id: 'devseed-labs'
Expand All @@ -78,24 +81,13 @@ jobs:
- name: helm render/install eoapi templates
run: |
export PGUSER=username
export POSTGRES_USER=username
export PGPASSWORD=password
export POSTGRES_PASSWORD=password
export GITSHA='${{github.sha}}'
cd helm-chart
helm install $RELEASE_NAME \
--namespace eoapitest \
--namespace $RELEASE_NAME \
--create-namespace \
--set db.settings.secrets.POSTGRES_HOST=pgstac-$RELEASE_NAME \
--set db.settings.secrets.POSTGRES_HOST_READER=pgstac-$RELEASE_NAME \
--set db.settings.secrets.POSTGRES_HOST_WRITER=pgstac-$RELEASE_NAME \
--set db.settings.secrets.PGUSER=$PGUSER \
--set db.settings.secrets.POSTGRES_USER=$POSTGRES_USER \
--set db.settings.secrets.PGPASSWORD=$PGPASSWORD \
--set db.settings.secrets.POSTGRES_PASSWORD=$POSTGRES_PASSWORD \
-f ./eoapi/values.yaml \
-f ./eoapi/test-unittest-values.yaml \
./eoapi
Expand All @@ -109,7 +101,7 @@ jobs:
timeout-minutes: 10
continue-on-error: true
run: |
kubectl config set-context --current --namespace=eoapitest
kubectl config set-context --current --namespace=$RELEASE_NAME
while [[ -z "$(kubectl get pod | grep "^raster-$RELEASE_NAME-.*$" | cut -d' ' -f1 | xargs -I{} kubectl logs pod/{} | grep "GET /.*/healthz" | head -n 1)" ]]; do
echo "still waiting for raster service to start..."
sleep 1
Expand All @@ -131,6 +123,9 @@ jobs:
run: |
echo "The previous step failed or timed out. Running cleanup logic..."
helm uninstall $RELEASE_NAME
kubectl delete ns/$RELEASE_NAME
# force GH action to show failed result
exit 128
Expand All @@ -145,7 +140,7 @@ jobs:
id: testrunner
continue-on-error: true
run: |
kubectl config set-context --current --namespace=eoapitest
kubectl config set-context --current --namespace=$RELEASE_NAME
PUBLICIP='http://'$(kubectl -n ingress-nginx get svc/ingress-nginx-controller -o jsonpath='{.spec.loadBalancerIP}')
echo '#################################'
echo vector=$PUBLICIP/vector$RELEASE_NAME
Expand All @@ -163,18 +158,24 @@ jobs:
head -n 5 .github/workflows/tests/test_stac.py
pytest .github/workflows/tests/test_stac.py
sed -i "s|raster_endpoint\=.*$|raster_endpoint\='$PUBLICIP/raster$RELEASE_NAME'|g" .github/workflows/tests/test_raster.py
head -n 5 .github/workflows/tests/test_raster.py
pytest .github/workflows/tests/test_raster.py
# TODO: fix raster tests
#sed -i "s|raster_endpoint\=.*$|raster_endpoint\='$PUBLICIP/raster$RELEASE_NAME'|g" .github/workflows/tests/test_raster.py
#head -n 5 .github/workflows/tests/test_raster.py
#pytest .github/workflows/tests/test_raster.py
- name: cleanup if tests faile
if: steps.testrunner.outcome == 'failure'
run: |
echo "The previous step failed or timed out. Running cleanup logic..."
helm uninstall $RELEASE_NAME
kubectl delete ns/$RELEASE_NAME
# force GH action to show failed result
exit 128
- name: helm uinstall eoapi templates
run: |
helm uninstall $RELEASE_NAME
kubectl delete ns/$RELEASE_NAME
9 changes: 4 additions & 5 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ jobs:
if: github.actor == 'ranchodeluxe' || github.actor == 'gcorradini' || github.actor == 'sunu'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
fetch-depth: 0

Expand All @@ -19,11 +19,10 @@ jobs:
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"
- uses: azure/setup-helm@v3
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: azure/setup-helm@v4
with:
helm-version: v3.8.2
version: v3.15.2
#token: ${{ secrets.GITHUB_TOKEN }}

- name: update gh-pages with content from main
env:
Expand Down
4 changes: 4 additions & 0 deletions .github/workflows/tests/test_vector.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,10 @@ def test_vector_api():
assert resp.headers["content-type"] == "application/json"
assert resp.json()["conformsTo"]

# refresh to get newest catalog
resp = client.get(f"{vector_endpoint}/refresh")
assert resp.status_code == 200

# collections
resp = client.get(f"{vector_endpoint}/collections")
assert resp.status_code == 200
Expand Down
69 changes: 37 additions & 32 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,58 +37,63 @@ If you don't have a k8s cluster set up on AWS or GCP then follow an IaC guide be

<a name="helminstall"/>

## Helm Installation
## Helm Installation

Once you have a k8s cluster set up you can `helm install` eoAPI as follows:
Once you have a k8s cluster set up you can `helm install` eoAPI with the following steps:

1. `helm install` from https://devseed.com/eoapi-k8s/:
0. `eoapi-k8s` depends on the [Crunchydata Postgresql Operator](https://access.crunchydata.com/documentation/postgres-operator/latest/installation/helm). Install that first:

```python
$ helm install --set disable_check_for_upgrades=true pgo oci://registry.developers.crunchydata.com/crunchydata/pgo
```


1. Add the eoapi repo from https://devseed.com/eoapi-k8s/:

```python
# add the eoapi helm repo locally
$ helm repo add eoapi https://devseed.com/eoapi-k8s/

# list out the eoapi chart versions
$ helm search repo eoapi --versions
NAME CHART VERSION APP VERSION DESCRIPTION
eoapi/eoapi 0.1.1 0.1.0 Create a full Earth Observation API with Metada...
eoapi/eoapi 0.1.2 0.1.0 Create a full Earth Observation API with Metada...

# add the required secret overrides to an arbitrarily named `.yaml` file (`config.yaml` below)
$ cat config.yaml
db:
settings:
secrets:
PGUSER: "username"
POSTGRES_USER: "username"
PGPASSWORD: "password"
POSTGRES_PASSWORD: "password"

# then run `helm install` with those overrides
$ helm install -n eoapi --create-namespace eoapi eoapi/eoapi --version 0.1.2 -f config.yaml
```

2. or `helm install` from this repo's `helm-chart/` folder:
2. List out the eoapi chart versions

```python
$ helm search repo eoapi --versions
NAME CHART VERSION APP VERSION DESCRIPTION
eoapi/eoapi 0.2.14 0.3.1 Create a full Earth Observation API with Metada...
eoapi/eoapi 0.1.13 0.2.11 Create a full Earth Observation API with Metada...
```
3. Optionally override keys/values in the default `values.yaml` with a custom `config.yaml` like below:

```python
$ cat config.yaml
vector:
enable: false
pgstacBootstrap:
settings:
envVars:
LOAD_FIXTURES: "0"
RUN_FOREVER: "1"
```
4. Then `helm install` with those `config.yaml` values:

```python
$ helm install -n eoapi --create-namespace eoapi eoapi/eoapi --version 0.1.2 -f config.yaml
```

5. or check out this repo and `helm install` from this repo's `helm-chart/` folder:

```python
######################################################
# create os environment variables for required secrets
######################################################
$ export GITSHA=$(git rev-parse HEAD | cut -c1-10)
$ export PGUSER=s00pers3cr3t
$ export POSTGRES_USER=s00pers3cr3t
$ export POSTGRES_PASSWORD=superuserfoobar
$ export PGPASSWORD=foobar

$ cd ./helm-chart

$ helm install \
--namespace eoapi \
--create-namespace \
--set gitSha=$GITSHA \
--set db.settings.secrets.PGUSER=$PGUSER \
--set db.settings.secrets.POSTGRES_USER=$POSTGRES_USER \
--set db.settings.secrets.PGPASSWORD=$PGPASSWORD \
--set db.settings.secrets.POSTGRES_PASSWORD=$POSTGRES_PASSWORD \
eoapi \
./eoapi
```
Expand Down
2 changes: 1 addition & 1 deletion docs/aws-eks.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

This is a verbose walkthrough. It uses `eksctl` and assumes you already have an AWS account, have the [eksctl prerequisites installed](https://docs.aws.amazon.com/eks/latest/userguide/getting-started-eksctl.html) including `eksctl` and `helm`.

If you are familiar with Terraform would like an IaC choice that is more terse consider setting up your cluster with that: https://github.com/developmentseed/eoapi-k8s-terraform
If you're familiar with Terraform and would like an IaC choice that is more terse consider setting up your cluster with that: https://github.com/developmentseed/eoapi-k8s-terraform


## Table of Contents:
Expand Down
23 changes: 4 additions & 19 deletions docs/configuration.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,19 +10,16 @@ $ head -n 9 <eoapi-k8s-repo>/values.schema.json
"$schema": "http://json-schema.org/schema#",
"type": "object",
"required": [
"db",
"service",
"gitSha"
],
```
Most of the required fields have common-sense defaults except traditional username and password secrets under `db`.
Most of the required fields have common-sense defaults.
The table below and the `values.yaml` comments should explain what the options and defaults are:
| **Values Key** | **Description** | **Default** | **Choices** |
|:-------------------------------------------------------------------------|:-----------------------------------------------------------------------------------------------------------------------------------------|:------------|:------------------------|
| `db.settings.secrets.PGUSER`<br>`db.settings.secrets.PGPASSWORD` | username and password used by application for connections<br>https://www.postgresql.org/docs/current/libpq-envars.html | | |
| `db.settings.secrets.POSTGRES_USER`<br>`db.settings.secrets.POSTGRES_PASSWORD` | username and password used by<br>base postgresl image for admin purposes<br>see https://www.postgresql.org/docs/current/libpq-envars.html | | |
| `service.port` | the port that all vector/raster/stac services run on<br>used in `kind: Service` and `kind: Ingress` | 8080 | your favorite port |
| `gitSha` | sha attached to a `kind: Deployment` key `metadata.labels` | gitshaABC123 | your favorite sha |
Expand All @@ -31,23 +28,11 @@ The table below and the `values.yaml` comments should explain what the options a
## Default Configuration
Running `helm install` from https://devseed.com/eoapi-k8s/ with this simple `config.yml` overrides below
should spin up similar infrastructure in EKS or GKE:
```python
$ cat config.yaml
db:
settings:
secrets:
PGUSER: "username"
POSTGRES_USER: "username"
PGPASSWORD: "password"
POSTGRES_PASSWORD: "password"
```
Running `helm install` from https://devseed.com/eoapi-k8s/ should spin up similar infrastructure in EKS or GKE:
In EKS or GKE you'll by default get:
* a pgstac PostgreSQL database deployment and service
* a HA PostgreSQL database deployment and service via [Crunchdata's Postgresl Operator](https://access.crunchydata.com/documentation/postgres-operator)
* the same vector and raster data fixtures used for testing loaded into the DB
* a load balancer and nginx-compatible ingress with the following path rewrites:
* a `/stac` service for `stac_fastapi.pgstac`
Expand All @@ -69,7 +54,7 @@ Here's a simplified high-level diagram to grok:
| **Values Key** | **Description** | **Default** | **Choices** |
|:-----------------|:-----------------------------------------------------------------------------------------------------------------------------------------------|:-----------|:--------------|
| `autoscaling.type` | a simple example of a default metric (`cpu`) and custom metric (`requestRate`) to scale by. NOTE: `requestRate` is based on nginx metrics and currently isn't supported for `ingress.className: alb/gce` options yet. It will throw an error during install if you attemp this. If selecting `both` the metric that results in the "highest amount of change" wins. See https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#scaling-on-multiple-metrics for more info | requestRate | requestRate<br>cpu<br>both<br> |
| `autoscaling.type` | a simple example of a default metric (`cpu`) and custom metric (`requestRate`) to scale by. If selecting `both` the metric that results in the "highest amount of change" wins. See [k8s documentation](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#scaling-on-multiple-metrics) for more info | requestRate | requestRate<br>cpu<br>both<br> |
#### `autoscaling.behaviour.[scaleDown||scaleUp]`
Expand Down
2 changes: 1 addition & 1 deletion docs/gcp-gke.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

This is a verbose walkthrough. It uses `gcloud` and assumes you already have an GCP account and project where you want to run eoapi. We also assume that you have some prerequisites installed including `gcloud`, `kubectl` and `helm`.

If you are familiar with Terraform would like an IaC choice that is more terse consider setting up your cluster with that: https://github.com/developmentseed/eoapi-k8s-terraform
If you're familiar with Terraform and would like an IaC choice that is more terse consider setting up your cluster with that: https://github.com/developmentseed/eoapi-k8s-terraform

# Table of Contents
- [Pre-requisites](#pre-requisites)
Expand Down
Loading

0 comments on commit 01770a5

Please sign in to comment.