From d05cb55cb0387863db663e1e38949bdb2b83b3c6 Mon Sep 17 00:00:00 2001 From: Yaojia Wang Date: Mon, 9 Mar 2026 23:28:31 +0100 Subject: [PATCH] feat: add Docker, Drone CI, and k8s deployment manifests - Dockerfile for Python 3.12 FastAPI app - Drone CI pipeline to build and push to internal registry - Kubernetes manifests (Deployment, Service, Secret, Namespace) - ArgoCD Application for GitOps deployment - Kustomize base configuration --- .dockerignore | 10 +++++++ .drone.yml | 22 +++++++++++++++ Dockerfile | 22 +++++++++++++++ k8s/argocd-app.yaml | 20 +++++++++++++ k8s/base/deployment.yaml | 56 +++++++++++++++++++++++++++++++++++++ k8s/base/kustomization.yaml | 10 +++++++ k8s/base/namespace.yaml | 4 +++ k8s/base/secret.yaml | 11 ++++++++ k8s/base/service.yaml | 15 ++++++++++ 9 files changed, 170 insertions(+) create mode 100644 .dockerignore create mode 100644 .drone.yml create mode 100644 Dockerfile create mode 100644 k8s/argocd-app.yaml create mode 100644 k8s/base/deployment.yaml create mode 100644 k8s/base/kustomization.yaml create mode 100644 k8s/base/namespace.yaml create mode 100644 k8s/base/secret.yaml create mode 100644 k8s/base/service.yaml diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..714136f --- /dev/null +++ b/.dockerignore @@ -0,0 +1,10 @@ +__pycache__/ +*.pyc +.env +.pytest_cache/ +.coverage +.claude/ +tests/ +*.md +environment.yml +test_*.py diff --git a/.drone.yml b/.drone.yml new file mode 100644 index 0000000..b7f9d2c --- /dev/null +++ b/.drone.yml @@ -0,0 +1,22 @@ +kind: pipeline +type: docker +name: build-and-push + +trigger: + branch: + - main + - develop + event: + - push + +steps: + - name: build-and-push + image: plugins/docker + settings: + repo: 192.168.68.11:30500/invest-api + registry: 192.168.68.11:30500 + insecure: true + tags: + - ${DRONE_COMMIT_SHA:0:8} + - latest + dockerfile: Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..5b7fa41 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,22 @@ +FROM python:3.12-slim AS base + +WORKDIR /app + +RUN apt-get update && \ + apt-get install -y --no-install-recommends gcc g++ && \ + rm -rf /var/lib/apt/lists/* + +COPY pyproject.toml ./ + +RUN pip install --no-cache-dir . && \ + pip install --no-cache-dir openbb-quantitative openbb-econometrics openbb-technical && \ + apt-get purge -y gcc g++ && \ + apt-get autoremove -y + +COPY *.py ./ + +EXPOSE 8000 + +USER nobody + +CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8000"] diff --git a/k8s/argocd-app.yaml b/k8s/argocd-app.yaml new file mode 100644 index 0000000..48589d4 --- /dev/null +++ b/k8s/argocd-app.yaml @@ -0,0 +1,20 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: invest-api + namespace: argocd +spec: + project: default + source: + repoURL: https://git.colacoder.com/kai/openbb-invest-api.git + targetRevision: main + path: k8s/base + destination: + server: https://kubernetes.default.svc + namespace: invest-api + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/k8s/base/deployment.yaml b/k8s/base/deployment.yaml new file mode 100644 index 0000000..31bc949 --- /dev/null +++ b/k8s/base/deployment.yaml @@ -0,0 +1,56 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: invest-api + namespace: invest-api + labels: + app: invest-api +spec: + replicas: 1 + selector: + matchLabels: + app: invest-api + template: + metadata: + labels: + app: invest-api + spec: + containers: + - name: invest-api + image: 192.168.68.11:30500/invest-api:latest + imagePullPolicy: Always + ports: + - containerPort: 8000 + protocol: TCP + env: + - name: INVEST_API_HOST + value: "0.0.0.0" + - name: INVEST_API_PORT + value: "8000" + - name: INVEST_API_LOG_LEVEL + value: "info" + - name: INVEST_API_CORS_ORIGINS + value: '["*"]' + envFrom: + - secretRef: + name: invest-api-secrets + optional: true + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + livenessProbe: + httpGet: + path: /health + port: 8000 + initialDelaySeconds: 15 + periodSeconds: 30 + readinessProbe: + httpGet: + path: /health + port: 8000 + initialDelaySeconds: 5 + periodSeconds: 10 diff --git a/k8s/base/kustomization.yaml b/k8s/base/kustomization.yaml new file mode 100644 index 0000000..b8616d2 --- /dev/null +++ b/k8s/base/kustomization.yaml @@ -0,0 +1,10 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: invest-api + +resources: + - namespace.yaml + - secret.yaml + - deployment.yaml + - service.yaml diff --git a/k8s/base/namespace.yaml b/k8s/base/namespace.yaml new file mode 100644 index 0000000..c079629 --- /dev/null +++ b/k8s/base/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: invest-api diff --git a/k8s/base/secret.yaml b/k8s/base/secret.yaml new file mode 100644 index 0000000..9439667 --- /dev/null +++ b/k8s/base/secret.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: invest-api-secrets + namespace: invest-api +type: Opaque +stringData: + # Replace with your actual keys before applying, or use sealed-secrets / external-secrets + INVEST_API_FINNHUB_API_KEY: "" + INVEST_API_FRED_API_KEY: "" + INVEST_API_ALPHAVANTAGE_API_KEY: "" diff --git a/k8s/base/service.yaml b/k8s/base/service.yaml new file mode 100644 index 0000000..03b39c5 --- /dev/null +++ b/k8s/base/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: invest-api + namespace: invest-api + labels: + app: invest-api +spec: + type: ClusterIP + selector: + app: invest-api + ports: + - port: 8000 + targetPort: 8000 + protocol: TCP