initial commit (#71)

deploy-k8s/.gitignore

@@ -0,0 +1 @@
+code-server/

deploy-k8s/README.md

@@ -0,0 +1,11 @@
+# deploy-k8s
+
+Some helper scripts and example images for deploying to Kubernetes. These are still a work in progress and the images do not have CI/CD set up.
+
+Note: This is a quick way to get up and running with code-server Helm charts. We recommend managing these workspaces with something other than bash scripts 😂
+
+1. Ensure you have kubectl, helm, installed and your kube context is pointed at an active cluster.
+1. Clone this repo and run `init.sh` to clone code-server 
+1. Build the images with `build-images.sh`.
+1. Edit the examples in `workspaces/` to use your images
+1. Run `provision-workspaces.sh` and then `get-deployments.sh`

deploy-k8s/build-images.sh

@@ -0,0 +1,31 @@
+#!/bin/sh
+
+# This will build and push public images in the images/ folder to
+# DockerHub based on your Docker username with the
+# format: $username/dev-env-$folder:latest
+
+set -e
+
+docker_username=$(docker-credential-$(jq -r .credsStore ~/.docker/config.json) list | jq -r '. | to_entries[] | select(.key | contains("docker.io")) | last(.value)')
+
+build_and_push() {
+    folder=$1
+    basename=$(basename -- "$folder")
+    name=${basename%.*}
+    docker build $folder -t bencdr/dev-env-$name:latest
+    docker push $docker_username/dev-env-$name:latest
+}
+
+build_and_push "images/base"
+
+# Build all other images in the images/ folder
+# note: if you have multiple base images or heirchal images
+# you'll want to build them in a controlled order above and
+# exclude them. can be comma or space seperated :)
+exclude="images/base"
+
+for folder in images/*; do
+    if [[ ! "$exclude" == *"$folder"* ]]; then
+        build_and_push $folder
+    fi
+done

deploy-k8s/extras/new-image.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+
+# This creates a new image folder and opens it in 
+# VS Code, if you have it installed
+
+cp -r images/frontend images/new
+
+if command -v code &> /dev/null; then
+    code images/new/Dockerfile
+fi

deploy-k8s/extras/new-workspace.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+
+# This creates a new workspace file and opens it in 
+# VS Code, if you have it installed
+
+cp workspaces/ben.yaml workspaces/new.yaml
+
+if command -v code &> /dev/null; then
+    code workspaces/new.yaml
+fi

deploy-k8s/get-deployments.sh

@@ -0,0 +1,22 @@
+#!/bin/sh
+
+# This will look in your workspaces/ folder and
+# look up the helm deployments in a basic manner
+
+get_deployment() {
+    name=$1
+    ip=$(kubectl get svc $name-dev-code-server -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+    port=$(kubectl get svc $name-dev-code-server -o jsonpath='{.spec.ports[0].port}')
+    image=$(helm get values $name-dev -o json | jq .image.repository)
+    echo "$name (image: $image)"
+    echo "http://$ip:$port"
+    echo $(kubectl get secret $name-dev-code-server -o jsonpath="{.data.password}" | base64 --decode)
+    echo "---"
+}
+
+
+for file in workspaces/*.yaml; do
+    basename=$(basename -- "$file")
+    name=${basename%.*}
+    get_deployment $name
+done

deploy-k8s/images/base/Dockerfile

@@ -0,0 +1,12 @@
+FROM codercom/code-server:3.12.0
+
+# Install Homebrew, must be as a non-root user
+RUN /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
+ENV PATH /home/linuxbrew/.linuxbrew/bin:${PATH}
+
+USER root
+
+RUN apt-get update && \
+    apt-get install -y python3 python3-pip
+
+USER coder

deploy-k8s/images/devops/Dockerfile

@@ -0,0 +1,37 @@
+FROM bencdr/dev-env-base:latest
+
+USER root
+
+RUN apt-get update
+RUN apt-get install -y apt-transport-https gnupg
+
+# Install kubectl
+RUN curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg && \
+    echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | tee /etc/apt/sources.list.d/kubernetes.list && \
+    apt-get update && apt-get install -y kubectl
+
+# Install helm
+RUN curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
+
+# Install gcloud
+RUN curl -fsSLo /usr/share/keyrings/cloud.google.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg && \
+    echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" |   tee -a /etc/apt/sources.list.d/google-cloud-sdk.list && \
+    apt-get update && apt-get install -y google-cloud-sdk
+
+# Install AWS CLI
+RUN pip3 install awscli
+
+USER coder
+
+# Install terraform
+RUN brew tap hashicorp/tap && \
+    brew install hashicorp/tap/terraform
+
+# Install kubectx
+RUN brew install kubectl
+
+# Install Docker
+RUN sudo apt-get install -y docker.io systemd systemd-sysv
+RUN systemctl enable docker
+
+USER coder

deploy-k8s/images/frontend/Dockerfile

@@ -0,0 +1,13 @@
+FROM bencdr/dev-env-base:latest
+
+USER root
+
+# Install Node.js
+ARG NODE_VERSION=14
+RUN curl -sL "https://deb.nodesource.com/setup_$NODE_VERSION.x" | bash -
+RUN DEBIAN_FRONTEND="noninteractive" apt-get install -y nodejs
+
+# Install yarn
+RUN npm install -g yarn
+
+USER coder

deploy-k8s/init.sh

@@ -0,0 +1,24 @@
+#!/bin/sh
+
+# This will create a namespace on your cluster
+# and ensure you have the proper commands.
+
+# It will also clone code server so that you
+# can use the helmchart :)
+
+NAMESPACE=${NAMESPACE:-dev-envs}
+
+git clone https://github.com/cdr/code-server
+kubectl create namespace $NAMESPACE
+
+./set-namespace.sh $NAMESPACE
+
+if ! command -v helm &> /dev/null; then
+    echo "! Please install the helm: https://helm.sh/docs/intro/install/"
+    exit
+fi
+
+if ! command -v jq &> /dev/null; then
+    echo "! Please install the yq command: https://stedolan.github.io/jq/"
+    exit
+fi

deploy-k8s/provision-workspaces.sh

@@ -0,0 +1,18 @@
+#!/bin/sh
+
+# This will create/update helm deployments based
+# on the charts in your workspaces folder.
+
+# To create a new deployment: clone a chart,
+# modify accordingly, and run this script.
+
+for file in workspaces/*.yaml; do
+    basename=$(basename -- "$file")
+    name=${basename%.*}
+    helm upgrade --install $name-dev code-server/ci/helm-chart --values $file
+    
+    # restart the pods to grab the latest version
+    # this is not needed if you version-control images
+    kubectl rollout restart deployment $name-dev-code-server
+    echo "---"
+done

deploy-k8s/set-namespace.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+# Pretty lame, but helpful command :)
+# kubens is cool too.
+
+# ex: ./set-namespace.sh dev-envs
+
+kubectl config set-context --current --namespace=$1

deploy-k8s/workspaces/ben.yaml

@@ -0,0 +1,90 @@
+replicaCount: 1
+
+hostnameOverride: "ben-dev"
+
+image:
+  repository: bencdr/dev-env-devops
+  tag: "latest"
+  pullPolicy: Always
+
+resources:
+  limits:
+    cpu: 2000m
+    memory: 8000Mi
+  requests:
+    cpu: 500m
+    memory: 1000Mi
+
+persistence:
+  enabled: true
+  accessMode: ReadWriteOnce
+  size: 10Gi
+  annotations: {}
+
+extraContainers: |
+  - name: docker-dind
+    image: docker:20.10-dind
+    imagePullPolicy: IfNotPresent
+    resources:
+      requests:
+        cpu: 250m
+        memory: 256M
+    securityContext:
+      privileged: true
+      procMount: Default
+    env:
+      - name: DOCKER_TLS_CERTDIR
+        value: ""
+      - name: DOCKER_DRIVER
+        value: "overlay2"
+
+volumePermissions:
+  enabled: true
+  securityContext:
+    runAsUser: 0
+
+securityContext:
+  enabled: true
+  fsGroup: 1000
+  runAsUser: 1000
+
+service:
+  type: LoadBalancer
+  port: 8080
+
+ingress:
+  enabled: false
+  #annotations:
+  #  kubernetes.io/ingress.class: nginx
+  #  kubernetes.io/tls-acme: "true"
+  #hosts:
+  #  - host: code-server.example.loc
+  #    paths:
+  #      - /
+
+  #tls:
+  #  - secretName: code-server
+  #    hosts:
+  #      - code-server.example.loc
+
+extraArgs: []
+extraVars:
+  - name: DOCKER_HOST
+    value: tcp://localhost:2375
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+extraSecretMounts: []
+
+extraVolumeMounts: []
+
+hostPath: ""
+
+extraConfigmapMounts: []
+
+serviceAccount:
+  create: false

deploy-k8s/workspaces/jordan.yaml

@@ -0,0 +1,70 @@
+replicaCount: 1
+
+hostnameOverride: "jordan-dev"
+
+image:
+  repository: bencdr/dev-env-frontend
+  tag: "latest"
+  pullPolicy: Always
+
+resources:
+  limits:
+    cpu: 4000m
+    memory: 8000Mi
+  requests:
+    cpu: 1000m
+    memory: 2000Mi
+
+persistence:
+  enabled: true
+  accessMode: ReadWriteOnce
+  size: 10Gi
+  annotations: {}
+
+volumePermissions:
+  enabled: true
+  securityContext:
+    runAsUser: 0
+
+securityContext:
+  enabled: true
+  fsGroup: 1000
+  runAsUser: 1000
+
+service:
+  type: LoadBalancer
+  port: 8083
+
+ingress:
+  enabled: false
+  #annotations:
+  #  kubernetes.io/ingress.class: nginx
+  #  kubernetes.io/tls-acme: "true"
+  #hosts:
+  #  - host: code-server.example.loc
+  #    paths:
+  #      - /
+
+  #tls:
+  #  - secretName: code-server
+  #    hosts:
+  #      - code-server.example.loc
+
+extraArgs: []
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+extraSecretMounts: []
+
+extraVolumeMounts: []
+
+hostPath: ""
+
+extraConfigmapMounts: []
+
+serviceAccount:
+  create: false

deploy-k8s/workspaces/maria.yaml

@@ -0,0 +1,70 @@
+replicaCount: 1
+
+hostnameOverride: "maria-dev"
+
+image:
+  repository: bencdr/dev-env-frontend
+  tag: "latest"
+  pullPolicy: Always
+
+resources:
+  limits:
+    cpu: 4000m
+    memory: 8000Mi
+  requests:
+    cpu: 1000m
+    memory: 2000Mi
+
+persistence:
+  enabled: true
+  accessMode: ReadWriteOnce
+  size: 10Gi
+  annotations: {}
+
+volumePermissions:
+  enabled: true
+  securityContext:
+    runAsUser: 0
+
+securityContext:
+  enabled: true
+  fsGroup: 1000
+  runAsUser: 1000
+
+service:
+  type: LoadBalancer
+  port: 8081
+
+ingress:
+  enabled: false
+  #annotations:
+  #  kubernetes.io/ingress.class: nginx
+  #  kubernetes.io/tls-acme: "true"
+  #hosts:
+  #  - host: code-server.example.loc
+  #    paths:
+  #      - /
+
+  #tls:
+  #  - secretName: code-server
+  #    hosts:
+  #      - code-server.example.loc
+
+extraArgs: []
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+extraSecretMounts: []
+
+extraVolumeMounts: []
+
+hostPath: ""
+
+extraConfigmapMounts: []
+
+serviceAccount:
+  create: false

deploy-k8s/workspaces/skyler.yaml

@@ -0,0 +1,31 @@
+replicaCount: 1
+
+hostnameOverride: "skyler-dev"
+
+image:
+  repository: bencdr/dev-env-frontend
+  tag: "latest"
+  pullPolicy: Always
+
+resources:
+  limits:
+    cpu: 4000m
+    memory: 8000Mi
+  requests:
+    cpu: 1000m
+    memory: 2000Mi
+
+persistence:
+  enabled: true
+  accessMode: ReadWriteOnce
+  size: 10Gi
+  annotations: {}
+
+volumePermissions:
+  enabled: true
+  securityContext:
+    runAsUser: 0
+
+service:
+  type: LoadBalancer
+  port: 8082