feat(all): adding makefile

Makefile

@@ -0,0 +1,10 @@
+################################
+# Makefile for Cadoles SP
+################################
+
+IMAGE_REPO := reg.cadoles.com/cadoles
+IMAGE_VERSION ?= 0.0.1
+
+DAY_SUFFIX_TAG ?= $(shell date +%Y%m%d)
+
+include main.mk

README.md

@@ -1,5 +1,55 @@
 Symfony Skeletor
 
+# Create a dev cluster with "kind"
+
+
+1. Start your Kubernetes cluster
+
+    ```shell
+    export ENGINE="kind"
+    ```
+
+    Setup your "harbor" user:
+    ```
+    export HARBOR_USER_NAME="<pnom>"
+    ```
+
+    Create the cluster
+
+    ```shell
+    ${ENGINE} create cluster --config misc/k8s/${ENGINE}/${ENGINE}-cluster.yaml
+    ```
+
+2. Check your cluster status
+
+    ```shell
+    kubectl get nodes
+    ```
+    All the nodes are "Ready"
+    ```
+    NAME                STATUS   ROLES           AGE    VERSION
+    dev-control-plane   Ready    control-plane   5d5h   v1.27.2
+    dev-worker          Ready    <none>          5d5h   v1.27.2
+    dev-worker2         Ready    <none>          5d5h   v1.27.2
+    dev-worker3         Ready    <none>          5d5h   v1.27.2
+    ```
+
+3. Déployer les opérateurs dans votre cluster
+
+    ```shell
+    kubectl apply -k misc/k8s/${ENGINE}/cluster --server-side  
+    ```
+
+4. Récupèrer la plage IP de votre "cluster"
+    Si vous utilisez [kind](https://kind.sigs.k8s.io) :
+
+    ```shell
+    docker network inspect kind | jq '.[0].IPAM.Config[0].Subnet' -r
+    ```
+    En toute logique vous devriez obtenir un résultat du type `172.XX.0.0/16`.
+    Gardez cette information pour plus tard.
+
+
 ```
 your-project/
 ├── assets/

main.mk

@@ -0,0 +1,77 @@
+IMAGES_DIR := ./misc/images
+
+#
+# $1: IMAGE_NAME
+#
+define build_image
+	echo "Building ${IMAGE_REPO}/$1";\
+	docker build \
+		-t "${IMAGE_REPO}/$1:$(IMAGE_VERSION)" \
+		-f ${IMAGES_DIR}/$1/Dockerfile \
+		.	
+endef
+
+#
+# $1: IMAGE_NAME
+# $2: IMAGE_TAG
+#
+define scan_image
+	echo "Scanning ${IMAGE_REPO}/$1"; \
+	mkdir -p .trivy/$(IMAGE_REPO)/$1; \
+	tools/trivy/bin/trivy --cache-dir .trivy/.cache image -o ".trivy/$(IMAGE_REPO)/$1/$2/report.txt" $(TRIVY_ARGS) $(IMAGE_REPO)/$1:$2 ; \
+	cat ".trivy/$(IMAGE_REPO)/$1/$2report.txt"
+endef
+
+define install_trivy
+	mkdir -p tools/trivy/bin ; \
+	curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.27.1
+endef
+
+define release_image
+	docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG) ; \
+	docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:$(IMAGE_VERSION);                    \
+	docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:latest ;                             \
+	docker push $(IMAGE_REPO)/$1:latest ;                                                              \
+	docker push $(IMAGE_REPO)/$1:$(IMAGE_VERSION) ;                                                    \
+	docker push $(IMAGE_REPO)/$1:$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG)
+endef
+	
+
+#list:
+build: ${IMAGES_DIR}/*
+	@for name in $(basename $(notdir $^)); do \
+		$(call build_image,$${name}); \
+	done;\
+
+scan: ${IMAGES_DIR}/*
+	$(call install_trivy)
+	@for name in $(basename $(notdir $^)); do \
+		$(call scan_image,$${name}); \
+	done;\
+	
+tools/trivy/bin/trivy:
+	mkdir -p tools/trivy/bin
+	curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.27.1
+
+
+release: ${IMAGES_DIR}/*
+	@for name in $(basename $(notdir $^)); do \
+		$(call release_image,$${name},base); \
+	done;\
+
+_release:
+	docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG)
+	docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)
+	docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-latest
+	docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG)
+	docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)
+	docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-latest
+
+_test: tools/bin/bash_unit
+	tools/bin/bash_unit ./tests/test_$(IMAGE_TAG).sh
+
+tools/bin/bash_unit:
+	mkdir -p tools/bin
+	cd tools/bin && bash <(curl -s https://raw.githubusercontent.com/pgrange/bash_unit/master/install.sh)	
+
+##include recipes/*.mk

misc/images/app-kube/Dockerfile

@@ -0,0 +1,3 @@
+ARG ADDITIONAL_PACKAGES="tree"
+
+FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-base

misc/k8s/kind/cluster/kustomization.yaml

@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+- https://raw.githubusercontent.com/ory/k8s/v0.30.0/helm/charts/hydra-maester/crds/crd-oauth2clients.yaml
+- https://forge.cadoles.com/CadolesKube/c-kustom//base/cloudnative-pg-operator?ref=develop
+- https://forge.cadoles.com/CadolesKube/c-kustom//base/redis?ref=develop
+- https://forge.cadoles.com/CadolesKube/c-kustom//base/minio?ref=develop
+- https://forge.cadoles.com/CadolesKube/c-kustom//base/metallb?ref=develop
+- https://forge.cadoles.com/CadolesKube/c-kustom//base/metrics?ref=develop
+- https://forge.cadoles.com/CadolesKube/c-kustom//base/nginx?ref=develop

misc/k8s/kind/cluster/lb/kustomization.yaml

@@ -0,0 +1,7 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: metallb-system
+
+resources:
+- ./resources/ipaddresspoool.yaml
+- ./resources/advertise.yaml

misc/k8s/kind/cluster/lb/resources/advertise.yaml

@@ -0,0 +1,9 @@
+apiVersion: metallb.io/v1beta1
+kind: L2Advertisement
+metadata:
+  name: l2-ip-pool-ad
+  namespace: metallb-system
+spec:
+  ipAddressPools:
+  - main-pool
+

misc/k8s/kind/cluster/lb/resources/ipaddresspoool.yaml

@@ -0,0 +1,8 @@
+apiVersion: metallb.io/v1beta1
+kind: IPAddressPool
+metadata:
+  name: main-pool
+  namespace: metallb-system
+spec:
+  addresses:
+  - 172.18.10.100-172.18.10.200

misc/k8s/kind/kind-cluster.yaml

@@ -0,0 +1,48 @@
+kind: Cluster
+apiVersion: kind.x-k8s.io/v1alpha4
+name: mse-dev
+networking:
+  podSubnet: "10.110.0.0/16"
+  serviceSubnet: "10.115.0.0/16"
+nodes:
+- role: control-plane
+  image: kindest/node:v1.27.2
+  kubeadmConfigPatches:
+  - |
+    kind: InitConfiguration
+    nodeRegistration:
+      kubeletExtraArgs:
+        node-labels: "ingress-ready=true"
+  extraPortMappings:
+  - containerPort: 31000
+    hostPort: 31000
+    listenAddress: "0.0.0.0" # Optional, defaults to "0.0.0.0"
+  - containerPort: 80
+    hostPort: 8080
+    listenAddress: "0.0.0.0" # Optional, defaults to "0.0.0.0"
+  labels:
+    ingress-ready: true
+- role: worker
+  image: kindest/node:v1.27.2
+  kubeadmConfigPatches:
+  - |
+    kind: JoinConfiguration
+    nodeRegistration:
+      kubeletExtraArgs:
+        system-reserved: memory=2Gi
+- role: worker
+  image: kindest/node:v1.27.2
+  kubeadmConfigPatches:
+  - |
+    kind: JoinConfiguration
+    nodeRegistration:
+      kubeletExtraArgs:
+        system-reserved: memory=2Gi
+- role: worker
+  image: kindest/node:v1.27.2
+  kubeadmConfigPatches:
+  - |
+    kind: JoinConfiguration
+    nodeRegistration:
+      kubeletExtraArgs:
+        system-reserved: memory=2Gi

skaffold.yaml

@@ -0,0 +1,46 @@
+apiVersion: skaffold/v3
+kind: Config
+
+metadata:
+  name: mse
+
+manifests:
+  kustomize:
+    paths:
+    - misc/k8s/kustomization/base
+
+profiles:
+- name: dev
+  manifests:
+    kustomize:
+      paths:
+      - misc/k8s/kustomization/overlays/dev
+  activation:
+  - command: dev
+
+build:
+  cluster:
+    dockerConfig:
+      path: misc/k8s/kustomization/base/secrets/dockerconfig/.dockerconfigjson
+    randomDockerConfigSecret: true
+    randomPullSecret: true
+
+  tagPolicy:
+    sha256: {}
+
+  artifacts:
+  - image: reg.cadoles.com/cadoles/app-kube
+    context: .
+    sync:
+      infer:
+      - src/**
+      - app/**
+      - translations/**
+      - scripts/**
+      - templates/**
+    kaniko:
+      dockerfile: misc/images/app-kube/Dockerfile
+      cache: {}
+
+deploy:
+  statusCheckDeadlineSeconds: 600