diff --git a/.gitignore b/.gitignore index 3f63b15..0e425b0 100644 --- a/.gitignore +++ b/.gitignore @@ -103,7 +103,7 @@ kubernetes-deployment/config.json dockermount/ test/ -**.local +**.local.** ghost-upstream/ content/ config.production.json @@ -114,3 +114,6 @@ ghost-local.db .monokle .monokle docker-compose.yml +trustr-production-promote.yaml +trustr-staging-build-monorepo.yaml +trustr-staging-build-not-monorepo.yaml diff --git a/Dockerfile b/Dockerfile index a8da14f..37589fd 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,8 +9,7 @@ FROM node:hydrogen-bookworm-slim AS build-env ENV NODE_ENV production # Install the latest version of Ghost CLI globally and clean the npm cache -RUN npm install -g "ghost-cli@latest" && \ - npm cache clean --force +RUN npm install -g "ghost-cli@latest" # Define the GHOST_VERSION build argument and set it as an environment variable ARG GHOST_VERSION @@ -23,11 +22,11 @@ ENV GHOST_CONTENT_ORIGINAL /var/lib/ghost/content.orig # Create the Ghost installation directory and set the owner to the "node" user RUN mkdir -pv "$GHOST_INSTALL" && \ - chown node:node "$GHOST_INSTALL" + chown node:node "$GHOST_INSTALL" # Switch to the "node" user and set the working directory to the home directory USER node -WORKDIR /home/node +# WORKDIR /home/node # Install Ghost with the specified version, using MySQL as the database, and configure it without prompts, stack traces, setup, and in the specified installation directory RUN ghost install $GHOST_VERSION --db mysql --dbhost mysql --no-prompt --no-stack --no-setup --dir $GHOST_INSTALL diff --git a/deploy/02-pvc.yaml b/deploy/02-pvc.yaml index 9b713c3..28eb5e8 100644 --- a/deploy/02-pvc.yaml +++ b/deploy/02-pvc.yaml @@ -11,7 +11,7 @@ metadata: app.kubernetes.io/component: frontend app.kubernetes.io/part-of: ghost-k8s spec: - storageClassName: longhorn-rwx # Change this to your storageClassName + storageClassName: longhorn-tmp # Change this to your storageClassName volumeMode: Filesystem accessModes: - ReadWriteMany # Change this to your accessModes if needed @@ -33,7 +33,7 @@ metadata: app.kubernetes.io/part-of: ghost-k8s spec: - storageClassName: longhorn-rwx # Change this to your storageClassName + storageClassName: longhorn-tmp # Change this to your storageClassName volumeMode: Filesystem accessModes: - ReadWriteMany # Change this to ReadWriteOnce if you are not using a distributed storage system diff --git a/deploy/03-service.yaml b/deploy/03-service.yaml index 0377ea6..a8e0f03 100644 --- a/deploy/03-service.yaml +++ b/deploy/03-service.yaml @@ -4,11 +4,11 @@ metadata: name: service-ghost-k8s namespace: ghost-k8s labels: - app: service-ghost-k8s - app.kubernetes.io/name: service-ghost-k8s + app: ghost-k8s + app.kubernetes.io/name: ghost-k8s app.kubernetes.io/instance: ghost-k8s app.kubernetes.io/version: "5.8" - app.kubernetes.io/component: service + app.kubernetes.io/component: service-ghost app.kubernetes.io/part-of: ghost-k8s spec: @@ -29,11 +29,11 @@ metadata: name: service-mysql-ghost-k8s namespace: ghost-k8s labels: - app: service-mysql-ghost-k8s - app.kubernetes.io/name: service-mysql-ghost-k8s + app: mysql-ghost-k8s + app.kubernetes.io/name: mysql-ghost-k8s app.kubernetes.io/instance: ghost-k8s app.kubernetes.io/version: "5.8" - app.kubernetes.io/component: database + app.kubernetes.io/component: service app.kubernetes.io/part-of: ghost-k8s spec: ports: diff --git a/deploy/05-mysql.yaml b/deploy/05-mysql.yaml index c67e622..e9565a3 100644 --- a/deploy/05-mysql.yaml +++ b/deploy/05-mysql.yaml @@ -21,9 +21,6 @@ spec: labels: app: mysql-ghost-k8s app.kubernetes.io/name: mysql-ghost-k8s - app.kubernetes.io/instance: ghost-k8s - app.kubernetes.io/version: "5.8" - app.kubernetes.io/component: database annotations: container.apparmor.security.beta.kubernetes.io/mysql-ghost-k8s: runtime/default spec: @@ -41,19 +38,35 @@ spec: - -c - | set -ex - chown -R 999:999 /mnt/mysql || true + echo 'Changing ownership of mysql mount directory to 999:999' + chown -R 999:999 /mnt/mysql || echo 'Error changing ownership of mysql mount directory to 999:999' && true + echo 'Changing ownership of tmp mount directory to 999:999' + chown -R 999:999 /mnt/tmp || echo 'Error changing ownership of tmp mount directory to 999:999' && true + echo 'Changing ownership of socket mount directory to 999:999' + chown -R 999:999 /mnt/var/run/mysqld || echo 'Error changing ownership of socket mount directory to 999:999' && true + exit 0 + + volumeMounts: - name: mysql-ghost-k8s-volume mountPath: /mnt/mysql subPath: mysql-empty-dir + + - name: mysql-ghost-k8s-tmp + mountPath: /mnt/tmp + readOnly: false + + - name: mysql-ghost-k8s-socket + mountPath: /mnt/var/run/mysqld + readOnly: false + resources: requests: - memory: 100Mi - cpu: 100m + memory: 400Mi + cpu: 300m limits: - memory: 200Mi - cpu: 200m - + memory: 1000Mi # You c + cpu: 1000m containers: - name: mysql-ghost-k8s @@ -65,17 +78,17 @@ spec: runAsUser: 999 image: docker.io/mysql:8.2 - imagePullPolicy: IfNotPresent + imagePullPolicy: IfNotPresent # You can change this value according to your needs envFrom: - secretRef: name: mysql-ghost-k8s resources: requests: - memory: 200Mi - cpu: 100m + memory: 400Mi + cpu: 300m limits: - memory: 1Gi - cpu: 1000m + memory: 1Gi # You can change this value according to your needs + cpu: 1000m # You can change this value according to your needs ports: - containerPort: 3306 protocol: TCP @@ -84,13 +97,16 @@ spec: - name: mysql-ghost-k8s-volume mountPath: /var/lib/mysql subPath: mysql-empty-dir + - name: mysql-ghost-k8s-tmp mountPath: /tmp readOnly: false + - name: mysql-ghost-k8s-socket mountPath: /var/run/mysqld readOnly: false automountServiceAccountToken: false + # Optional: Uncomment the following to specify node selectors # affinity: # nodeAffinity: @@ -105,6 +121,7 @@ spec: securityContext: seccompProfile: type: RuntimeDefault + volumes: - name: mysql-ghost-k8s-volume persistentVolumeClaim: diff --git a/deploy/06-ghost-deployment.yaml b/deploy/06-ghost-deployment.yaml index 8d3d856..f60bbb6 100644 --- a/deploy/06-ghost-deployment.yaml +++ b/deploy/06-ghost-deployment.yaml @@ -53,8 +53,8 @@ spec: runAsNonRoot: false resources: limits: - cpu: 500m - memory: 256Mi + cpu: 1000m + memory: 1000Mi requests: cpu: 100m memory: 128Mi @@ -62,18 +62,21 @@ spec: - /bin/bash - '-c' - | - set -e + set -ex # Check if $GHOST_CONTENT/themes/source exists if [ ! -d "$GHOST_CONTENT/themes/source" ]; then # Clone the repository if the directory doesn't exist git clone https://github.com/TryGhost/Source.git $GHOST_CONTENT/themes/source --single-branch --branch=main --depth=1 echo "Cloned Source theme" + # Remove gitconfig file and gitcredentials file. + rm -f $GHOST_CONTENT/themes/source/.gitconfig $GHOST_CONTENT/themes/source/.git-credentials || true else - # If the directory exists, cd into it and pull the latest changes - cd $GHOST_CONTENT/themes/source - git config --global --add safe.directory $PWD - git pull origin main - echo "Pulled latest changes from Source theme" + # If the directory exists, recursively delete it. + rm -rf $GHOST_CONTENT/themes/source + # Clone the repository + git clone https://github.com/TryGhost/Source.git $GHOST_CONTENT/themes/source --single-branch --branch=main --depth=1 + # Remove gitconfig file and gitcredentials file. + rm -f $GHOST_CONTENT/themes/source/.gitconfig $GHOST_CONTENT/themes/source/.git-credentials || true fi chown -Rf 1000:1000 $GHOST_CONTENT || true echo "Assured ownership of the ghost installation"