Merge pull request 'Refactored dockerfile' (#4) from test into main

Reviewed-on: #4

.dockerignore

@@ -12,6 +12,7 @@
 **/*.dbmdl
 **/*.jfm
 **/azds.yaml
+**/bin
 **/charts
 **/docker-compose*
 **/Dockerfile*
@@ -26,7 +27,4 @@ README.md
 !.git/HEAD
 !.git/config
 !.git/packed-refs
-!.git/refs/heads/**
-# Ensure the build output is NOT ignored
-!**/bin/Release/**/publish/
-!**/publish/
+!.git/refs/heads/**

.drone.yml

@@ -1,68 +1,86 @@
 ---
 kind: pipeline
-type: docker
-name: build-and-package
+type: kubernetes
+name: build
+
+clone:
+  disable: false
 
 steps:
-  - name: build-test-publish
-    image: nexus.khongisa.co.za/sdk:10.0
+  - name: dotnet restore
+    image: mcr.microsoft.com/dotnet/sdk:8.0
     commands:
-      - dotnet restore --source https://nexus.khongisa.co.za/repository/nuget-group/index.json --no-cache
-      - dotnet build --configuration Release --no-restore
-      - dotnet test --configuration Release --no-build
-      - dotnet publish --configuration Release --no-build
+      - dotnet restore
 
-  - name: docker-build-and-push
-    image: plugins/docker
-    settings:
-      registry: nexus.khongisa.co.za
-      repo: nexus.khongisa.co.za/webapitest
-      tags: [ "${DRONE_BUILD_NUMBER}", "latest" ]
-      username: { from_secret: docker_username }
-      password: { from_secret: docker_password }
-
-  - name: vulnerability-scan
-    image: aquasec/trivy:0.50.1
-    environment:
-      TRIVY_USERNAME: { from_secret: docker_username }
-      TRIVY_PASSWORD: { from_secret: docker_password }
+  - name: dotnet build
+    image: mcr.microsoft.com/dotnet/sdk:8.0
     commands:
-      - trivy image --image-src remote --exit-code 1 --severity CRITICAL nexus.khongisa.co.za/webapitest:${DRONE_BUILD_NUMBER}
+      - dotnet build --configuration Release
+      - ls ./SampleApi/bin/Release/net8.0/
 
-trigger:
-  branch:
-    - main
-  event:
-    exclude:
-      - promote
+  - name: dotnet test
+    image: mcr.microsoft.com/dotnet/sdk:8.0
+    commands:
+      - dotnet test --configuration Release
 
 ---
 kind: pipeline
-type: docker
-name: deploy-to-uat
+type: kubernetes
+name: package
 
 depends_on:
-  - build-and-package
+  - build
+
+clone:
+  disable: true
 
 steps:
-  - name: uat-deployment
+  - name: dotnet publish
+    image: mcr.microsoft.com/dotnet/sdk:8.0
+    commands:
+      - dotnet publish --configuration Release
+      - ls ./SampleApi/bin/Release/net8.0/publish/
+
+  - name: docker build and push
+    image: plugins/docker
+    settings:
+      repo: registry-server.registry.svc.cluster.local:5000/sampleapi
+      auto_tag: true
+      registry: registry-server.registry.svc.cluster.local:5000
+      insecure: true
+      username:
+        from_secret: registry-username
+      password:
+        from_secret: registry-password
+      dockerfile: Dockerfile
+      context: ./SampleApi/bin/Release/net8.0/publish/
+
+---
+kind: pipeline
+type: kubernetes
+name: deploy
+
+depends_on:
+  - package
+
+clone:
+  disable: true
+
+steps:
+  - name: deploy via SSH
     image: appleboy/drone-ssh
     settings:
-      host: { from_secret: ssh_host }
-      username: { from_secret: ssh_user }
-      password: { from_secret: ssh_password }
+      host: lead.mngoma.lab
+      username:
+        from_secret: host-username
+      password:
+        from_secret: host-password
+      port: 22
       script:
-        - echo $DOCKER_PASSWORD | docker login nexus.khongisa.co.za -u $DOCKER_USERNAME --password-stdin
-        - docker pull nexus.khongisa.co.za/webapitest:latest
-        - docker stop webapi 2>/dev/null || true
-        - docker rm webapi 2>/dev/null || true
-        - docker run -d --name webapi --restart unless-stopped -e ASPNETCORE_ENVIRONMENT=Development -p 4000:8081 nexus.khongisa.co.za/webapitest:latest
-    environment:
-      DOCKER_USERNAME: { from_secret: docker_username }
-      DOCKER_PASSWORD: { from_secret: docker_password }
-
-trigger:
-  event:
-    - promote
-  target:
-    - staging
+        - set -euo pipefail
+        - echo "Applying Kubernetes manifest via SSH..."
+        # Apply the manifest remotely via kubectl on the host
+        - ssh -o StrictHostKeyChecking=no $DRONE_REMOTE_USER@lead.mngoma.lab 'kubectl apply -f -' <<'EOF'
+          $(cat ./manifests/deploy.yml)
+          EOF
+        - echo "Manifest applied successfully."

Dockerfile

@@ -1,11 +1,12 @@
-FROM nexus.khongisa.co.za/aspnet:10.0 AS final
+# Stage 1: Build the app using the SDK
+FROM ://mcr.microsoft.com AS build
+WORKDIR /src
+COPY . .
+RUN dotnet publish "SampleApi/SampleApi.csproj" -c Release -o /app/publish
+
+# Stage 2: Run the app using the Runtime
+FROM ://mcr.microsoft.com
 WORKDIR /app
-
-USER app
-
-COPY --chown=app:app ./SampleApi/bin/Release/net10.0/publish/ .
-
-EXPOSE 8081
-ENV ASPNETCORE_HTTP_PORTS=8081
-
-ENTRYPOINT ["dotnet", "SampleApi.dll"]
+# Copy the compiled files from the 'build' stage to this stage
+COPY --from=build /app/publish .
+ENTRYPOINT ["dotnet", "SampleApi.dll"]

SampleApi/Controllers/DemoController.cs

@@ -1,43 +0,0 @@
-using Microsoft.AspNetCore.Mvc;
-
-// For more information on enabling Web API for empty projects, visit https://go.microsoft.com/fwlink/?LinkID=397860
-
-namespace SampleApi.Controllers
-{
-    [Route("api/[controller]")]
-    [ApiController]
-    public class DemoController : ControllerBase
-    {
-        // GET: api/<DemoController>
-        [HttpGet]
-        public IEnumerable<string> Get()
-        {
-            return new string[] { "value1", "value2" };
-        }
-
-        // GET api/<DemoController>/5
-        [HttpGet("{id}")]
-        public string Get(int id)
-        {
-            return "value";
-        }
-
-        // POST api/<DemoController>
-        [HttpPost]
-        public void Post([FromBody] string value)
-        {
-        }
-
-        // PUT api/<DemoController>/5
-        [HttpPut("{id}")]
-        public void Put(int id, [FromBody] string value)
-        {
-        }
-
-        // DELETE api/<DemoController>/5
-        [HttpDelete("{id}")]
-        public void Delete(int id)
-        {
-        }
-    }
-}

SampleApi/Program.cs

@@ -1,22 +1,25 @@
 var builder = WebApplication.CreateBuilder(args);
 
+// Add services to the container.
+
 builder.Services.AddControllers();
+// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
 builder.Services.AddEndpointsApiExplorer();
 builder.Services.AddSwaggerGen();
-builder.Services.AddHealthChecks();
 
 var app = builder.Build();
 
+// Configure the HTTP request pipeline.
 if (app.Environment.IsDevelopment())
 {
     app.UseSwagger();
     app.UseSwaggerUI();
 }
 
-app.MapHealthChecks("/health");
-app.UseRouting();
 app.UseHttpsRedirection();
+
 app.UseAuthorization();
+
 app.MapControllers();
 
 app.Run();

SampleApi/SampleApi.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>net10.0</TargetFramework>
+    <TargetFramework>net8.0</TargetFramework>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>
     <UserSecretsId>cfe6b4ce-2d40-4273-b3a3-e4df67304fc5</UserSecretsId>
@@ -9,9 +9,8 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.VisualStudio.Azure.Containers.Tools.Targets" Version="1.23.0" />
-    <PackageReference Include="Polly" Version="8.6.6" />
-    <PackageReference Include="Swashbuckle.AspNetCore" Version="10.1.7" />
+    <PackageReference Include="Microsoft.VisualStudio.Azure.Containers.Tools.Targets" Version="1.19.6" />
+    <PackageReference Include="Swashbuckle.AspNetCore" Version="6.4.0" />
   </ItemGroup>
 
 </Project>

docker-compose.yml

@@ -5,6 +5,4 @@ services:
       context: .
       dockerfile: Dockerfile
     ports:
-      - "8081:8081"
-    environment:
-      - ASPNETCORE_ENVIRONMENT=Development
+      - "8080:8081"

manifests/deploy.yml

@@ -0,0 +1,99 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: experiments
+  labels:
+    name: experiments
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: sampleapi-config
+  namespace: experiments
+data:
+  appname: "SampleApi"
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: sampleapi
+  namespace: experiments
+  labels:
+    app: sampleapi
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: sampleapi
+  template:
+    metadata:
+      labels:
+        app: sampleapi
+    spec:
+      containers:
+        - name: sampleapi
+          image: registry.registry.svc.cluster.local:5000/experiments/sampleapi:latest
+          imagePullPolicy: Always
+          ports:
+            - name: http
+              containerPort: 8080
+            - name: https
+              containerPort: 8081
+          resources:
+            requests:
+              memory: "128Mi"
+              cpu: "250m"
+            limits:
+              memory: "256Mi"
+              cpu: "500m"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: sampleapi
+  namespace: experiments
+spec:
+  type: ClusterIP
+  selector:
+    app: sampleapi
+  ports:
+    - name: http
+      port: 80
+      targetPort: 8080
+    - name: https
+      port: 443
+      targetPort: 8081
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: sampleapi-http
+  namespace: experiments
+spec:
+  entryPoints:
+    - web
+  routes:
+    - match: Host(`sampleapi.apps.mngoma.lab`)
+      kind: Rule
+      services:
+        - name: sampleapi
+          port: 80
+          scheme: http
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: sampleapi-https
+  namespace: experiments
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`sampleapi.apps.mngoma.lab`)
+      kind: Rule
+      services:
+        - name: sampleapi
+          port: 443
+          scheme: http
+  tls: {}

manifests/deployment.yaml.bak

@@ -0,0 +1,93 @@
+# namespace
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: experiments
+  labels:
+    name: experiments
+---
+# config map
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: sampleapi-configmap
+  namespace: experiments
+data:
+  appname: "SampleApi"
+---
+# deployment
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: sampleapi-deployment
+  namespace: experiments
+  labels:
+    app: sampleapi
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: sampleapi
+  template:
+    metadata:
+      labels:
+        app: sampleapi
+    spec:
+      containers:
+      - name: sampleapi
+        image: khwezi/mngomalab:latest
+        imagePullPolicy: IfNotPresent
+        ports:
+        - name: http
+          containerPort: 8080
+          protocol: TCP
+        - name: https
+          containerPort: 8081
+          protocol: TCP
+---
+# service
+apiVersion: v1
+kind: Service
+metadata:
+  name: sampleapi-service
+  namespace: experiments
+spec:
+  type: ClusterIP
+  selector:
+    app: sampleapi
+    app.kubernetes.io/instance: sampleapi
+  ports:
+  - port: 8080
+    targetPort: 80
+  - port: 8081
+    targetPort: 443
+---
+# ingress
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: sampleapi-ingress
+  namespace: experiments
+  annotations:
+    cert-manager.io/cluster-issuer: sampleapi-secret
+    nginx.ingress.kubernetes.io/rewrite-target: /$1
+    nginx.ingress.kubernetes.io/ssl-redirect: "false"
+    cert-manager.io/private-key-size: "4096"
+spec:
+  ingressClassName: nginx
+  rules:
+  - host: sampleapi.main.k3s.lab.mngoma.africa
+    http:
+      paths:
+      - pathType: Prefix
+        path: /
+        backend:
+          service:
+            name: sampleapi-service
+            port:
+              number: 80
+  tls:
+  - hosts:
+    - sampleapi.main.k3s.lab.mngoma.africa
+    secretName: sampleapi-secret
+