Skip to content

Commit

Permalink
Add initial content (#1)
Browse files Browse the repository at this point in the history
* Add initial content

* Readjust Actions for centralized platform deployment

* Fix typos etc.

---------

Co-authored-by: Benno Evers <benno@bourbaki>
  • Loading branch information
lava and Benno Evers authored May 23, 2024
1 parent a650f33 commit cd398a5
Show file tree
Hide file tree
Showing 14 changed files with 632 additions and 2 deletions.
37 changes: 37 additions & 0 deletions .github/workflows/deploy-to-staging.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
name: Deploy submodule updates to the staging environment

on:
push:
branches: [main]

jobs:
cloud_deployment:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
submodules: true

- name: Get tenant-manager submodule commit hash
id: tenant-manager-commit
run: |
cd ./components/tenant-manager
echo "::set-output name=commit::$(git rev-parse HEAD)"
- name: Deploy tenant manager
uses: benc-uk/workflow-dispatch@v1
with:
workflow: tzcp-deploy-staging.yaml
repo: tenzir/event-horizon
token: "${{ secrets.REPO_SCOPE_ACCESS_TOKEN }}"
ref: ${{ steps.tenant-manager-commit.outputs.commit }}"
# inputs: '{ "message": "blah blah", "something": false }'

# App deployments to staging are done automatically by Vercel atm.
# - name: Deploy app
# uses: benc-uk/workflow-dispatch@v1
# with:
# workflow: deploy-staging.yaml
# repo: tenzir/app
# ref: ${{ steps.app-commit.outputs.commit }}"
120 changes: 120 additions & 0 deletions .github/workflows/platform-release.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,120 @@
name: Create Sovereign Edition containers and also push a new production Cloud Deployment

on:
release:
types: [created]

jobs:
cloud_deployment:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
submodules: true

- name: Get app submodule commit hash
id: app-commit
run: |
cd ./components/app
echo "::set-output name=commit::$(git rev-parse HEAD)"
- name: Get tenant-manager submodule commit hash
id: tenant-manager-commit
run: |
cd ./components/tenant-manager
echo "::set-output name=commit::$(git rev-parse HEAD)"
- name: Deploy tenant manager
uses: benc-uk/workflow-dispatch@v1
with:
workflow: tzcp-deploy-production.yaml
repo: tenzir/event-horizon
token: "${{ secrets.REPO_SCOPE_ACCESS_TOKEN }}"
ref: ${{ steps.tenant-manager-commit.outputs.commit }}"

- name: Deploy app
uses: benc-uk/workflow-dispatch@v1
with:
workflow: push-to-production.yaml
repo: tenzir/app
token: "${{ secrets.REPO_SCOPE_ACCESS_TOKEN }}"
ref: ${{ steps.app-commit.outputs.commit }}"

attach_release_artifacts:
runs-on: ubuntu-latest
steps:
- name: Create tarball
run: |
tar cf platform.tar README.md LICENSE examples/
- name: Publish tarball to the GitHub Release
if: ${{ github.event_name == 'release' }}
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ github.event.release.upload_url }}
asset_path: "platform.tar"
asset_name: "platform.tar"
asset_content_type: application/x-tar

build_and_push_containers:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
name: Check out code

- uses: mr-smithers-excellent/docker-build-push@v6
name: Build & push Docker image
with:
image: tenzir-dex
tags: platform-${{ github.event.release.tag_name }}
registry: ghcr.io
directory: components/dex
dockerfile: components/dex/Dockerfile
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- uses: mr-smithers-excellent/docker-build-push@v6
name: Build & push Docker image
with:
image: tenzir-seaweed
tags: platform-${{ github.event.release.tag_name }}
registry: ghcr.io
directory: components/seaweed
dockerfile: components/seaweed/Dockerfile
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- uses: mr-smithers-excellent/docker-build-push@v6
name: Build & push Docker image
with:
image: platform
tags: platform-${{ github.event.release.tag_name }}
registry: ghcr.io
directory: components/tenant-manager/platform/tenant_manager
dockerfile: components/tenant-manager/platform/tenant_manager/Dockerfile
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- uses: mr-smithers-excellent/docker-build-push@v6
name: Build & push Docker image
with:
image: tenzir-platform
tags: platform-${{ github.event.release.tag_name }}
registry: ghcr.io
directory: components/tenant-manager/platform/public_cli
dockerfile: components/tenant-manager/platform/public_cli/Dockerfile
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- uses: mr-smithers-excellent/docker-build-push@v6
name: Build & push Docker image
with:
image: tenzir-app
tags: platform-${{ github.event.release.tag_name }}
registry: ghcr.io
directory: components/app
dockerfile: components/app/Dockerfile
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
6 changes: 6 additions & 0 deletions .gitmodules
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
[submodule "components/app"]
path = components/app
url = git@github.com:tenzir/app.git
[submodule "components/tenant-manager"]
path = components/tenant-manager
url = git@github.com:tenzir/event-horizon.git
26 changes: 24 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,2 +1,24 @@
# platform
On-premise version of the Tenzir Platform
# Tenzir Platform

On-premise version of the Tenzir Platform.

**NOTE**: The examples and files in this repository are only
usable in combination with Sovereign Edition access token.
Please [contact sales](https://tenzir.com/pricing) for more
information.

## Quick Start

For detailed instructions, visit our [documentation](https://docs.tenzir.com/setup-guides/deploy-the-platform).

```
echo <SOVEREIGN_EDITION_TOKEN> | docker login ghcr.io -u tenzir-distribution --password-stdin
cd examples/localdev
mv env.example .env
vim .env
docker compose up -d
docker compose logs -f
```


For Tenzir employees, it's instead recommended to start with [this version](https://github.com/tenzir/event-horizon/tree/main/platform/compose) that ties into our deployed infrastructure.
1 change: 1 addition & 0 deletions components/app
Submodule app added at e000d6
11 changes: 11 additions & 0 deletions components/dex/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
# A fork of the upstream dex container that
# allows configuring the initial user and
# password via environment variables, by writing a
# config file to `/etc/dex/tenzir-config.yaml`

FROM dexidp/dex:v2.38.0

COPY dex.tenzir-entrypoint.sh /tenzir-entrypoint.sh

ENTRYPOINT /tenzir-entrypoint.sh

36 changes: 36 additions & 0 deletions components/dex/dex.tenzir-entrypoint.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
#!/bin/sh

# Custom entrypoint to work around some options of dex being
# only configurable via config file and not via environment
# variable.

cat <<EOF > /etc/dex/tenzir-config.yaml
issuer: ${TENZIR_PLATFORM_OIDC_PROVIDER_ISSUER_URL}
storage:
type: sqlite3
web:
http: 0.0.0.0:5556
staticClients:
- id: tenzir-app
redirectURIs:
- '${TENZIR_PLATFORM_DOMAIN}/auth/callback/dex'
name: 'Tenzir App'
secret: ${TENZIR_PLATFORM_OIDC_PROVIDER_CLIENT_SECRET}
enablePasswordDB: true
staticPasswords:
- email: "${DEX_EMAIL}"
hash: "${DEX_PASSWORD_HASH}"
username: "${DEX_USER}"
userID: "08a8684b-db88-4b73-90a9-3cd1661f5466"
EOF

# Chain into the entrypoint of the upstream dexidp/dex image
exec /usr/local/bin/docker-entrypoint "$@"



11 changes: 11 additions & 0 deletions components/seaweed/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
# A fork of the official seaweed container that
# allows configuring the bucket name and access
# keys via environment variables, by writing a
# config file to `/config.json`

FROM chrislusf/seaweedfs

COPY seaweed.tenzir-entrypoint.sh /tenzir-entrypoint.sh

ENTRYPOINT /tenzir-entrypoint.sh

26 changes: 26 additions & 0 deletions components/seaweed/seaweed.tenzir-entrypoint.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
#!/bin/sh

cat <<EOF > /config.json
{
"identities": [
{
"name": "tenzir-platform",
"credentials": [
{
"accessKey": "${TENZIR_PLATFORM_INTERNAL_ACCESS_KEY_ID}",
"secretKey": "${TENZIR_PLATFORM_INTERNAL_SECRET_ACCESS_KEY}"
}
],
"actions": [
"Read:${TENZIR_PLATFORM_INTERNAL_BUCKET_NAME}",
"Write:${TENZIR_PLATFORM_INTERNAL_BUCKET_NAME}",
"List:${TENZIR_PLATFORM_INTERNAL_BUCKET_NAME}",
"Tagging:${TENZIR_PLATFORM_INTERNAL_BUCKET_NAME}",
"Admin:${TENZIR_PLATFORM_INTERNAL_BUCKET_NAME}"
]
}
]
}
EOF

exec /entrypoint.sh "$@"
1 change: 1 addition & 0 deletions components/tenant-manager
Submodule tenant-manager added at 725edd
Loading

0 comments on commit cd398a5

Please sign in to comment.