Removing cloud folder | Introducing Terragrunt for multitenancy | A…

…djusting trivy config file | Creating dev cluster using K3d | Enabling `dorny paths filter` in Github Actions
Archisman-Mridha · Jan 28, 2024 · 4b6bb7d · 4b6bb7d
1 parent 7a033f0
commit 4b6bb7d
Show file tree

Hide file tree

Showing 34 changed files with 330 additions and 393 deletions.
diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
@@ -141,31 +141,31 @@ jobs:
 
       ## If sourcecode of the microservice has changed, only then we will rebuild, push, sign
       ## and scan the container image.
-      ## - name: Detect sourcecode change
-      ##   uses: dorny/paths-filter@v2
-      ##   id: path-filter
-      ##   with:
-      ##     base: ${{ github.ref }}
-      ##     filters: ${{ matrix.microservice.path_filters }}
+      - name: Detect sourcecode change
+        uses: dorny/paths-filter@v2
+        id: path-filter
+        with:
+          base: ${{ github.ref }}
+          filters: ${{ matrix.microservice.path_filters }}
 
       - name: Set up QEMU
-        ## if: steps.path-filter.outputs.changed == 'true'
+        if: steps.path-filter.outputs.changed == 'true'
         uses: docker/setup-qemu-action@v2
 
       - name: Set up Docker Buildx
-        ## if: steps.path-filter.outputs.changed == 'true'
+        if: steps.path-filter.outputs.changed == 'true'
         uses: docker/setup-buildx-action@v2
 
       - name: Login to GitHub Container Registry
-        ## if: steps.path-filter.outputs.changed == 'true'
+        if: steps.path-filter.outputs.changed == 'true'
         uses: docker/login-action@v2.1.0
         with:
           registry: ghcr.io
           username: archisman-mridha
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Restore cached Cargo dependencies (if exists)
-        ## if: steps.path-filter.outputs.changed == 'true'
+        if: steps.path-filter.outputs.changed == 'true'
         uses: actions/cache/restore@v3
         with:
           path: |
@@ -174,7 +174,7 @@ jobs:
           key: ${{ runner.os }}-cargo-${{ matrix.microservice.name }}-${{ hashFiles('**/Cargo.lock') }}
 
       - name: Build and push AMD64 container image
-        ## if: steps.path-filter.outputs.changed == 'true'
+        if: steps.path-filter.outputs.changed == 'true'
         uses: docker/build-push-action@v4
         with:
           context: .
@@ -191,7 +191,7 @@ jobs:
           cache-to: type=gha,mode=max
 
       - name: Cache Cargo dependencies
-        ## if: steps.path-filter.outputs.changed == 'true'
+        if: steps.path-filter.outputs.changed == 'true'
         uses: actions/cache@v3
         with:
           path: |
@@ -200,20 +200,20 @@ jobs:
           key: ${{ runner.os }}-cargo-${{ matrix.microservice.name }}-${{ hashFiles('**/Cargo.lock') }}
 
       - name: Remove cached folders from local machine
-        ## if: steps.path-filter.outputs.changed == 'true'
+        if: steps.path-filter.outputs.changed == 'true'
         run: |
           rm -rf /usr/local/cargo/registry/ target/
 
       ## Cosign is a command line utility that can sign and verify software artifact, such as
       ## container images and blobs.
       - name: Install Cosign
-        ## if: steps.path-filter.outputs.changed == 'true'
+        if: steps.path-filter.outputs.changed == 'true'
         uses: sigstore/cosign-installer@v3.1.1
         with:
           cosign-release: v2.2.1
 
       - name: Sign the published container image
-        ## if: steps.path-filter.outputs.changed == 'true'
+        if: steps.path-filter.outputs.changed == 'true'
         env:
           COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
         run: |
@@ -225,11 +225,11 @@ jobs:
             ghcr.io/archisman-mridha/instagram-clone-${{ matrix.microservice.name }}:${{ github.sha }} -y
 
       - name: Create outputs directory
-        ## if: steps.path-filter.outputs.changed == 'true'
+        if: steps.path-filter.outputs.changed == 'true'
         run: mkdir -p ./outputs/trivy
 
       - name: Scan container image for vulnerabilities
-        ## if: steps.path-filter.outputs.changed == 'true'
+        if: steps.path-filter.outputs.changed == 'true'
         uses: aquasecurity/trivy-action@master
         with:
           image-ref: ghcr.io/archisman-mridha/instagram-clone-${{ matrix.microservice.name }}:${{ github.sha }}
@@ -240,14 +240,14 @@ jobs:
           output: ./outputs/trivy/${{ matrix.microservice.name }}.container-image-scan-result.sarif
 
       - name: Upload the scan result as Github artifact
-        ## if: steps.path-filter.outputs.changed == 'true'
+        if: steps.path-filter.outputs.changed == 'true'
         uses: actions/upload-artifact@v3
         with:
           name: trivy.${{ matrix.microservice.name }}-microservice.container-image-scan-result.sarif
           path: ./outputs/trivy/${{ matrix.microservice.name }}.container-image-scan-result.sarif
 
       - name: Update container image tag in Kubernetes manifests
-        ## if: steps.path-filter.outputs.changed == 'true'
+        if: steps.path-filter.outputs.changed == 'true'
         run: |
           git config --global user.name "Archisman-Mridha"
           git config --global user.email "archismanmridha12345@gmail.com"

diff --git a/.gitignore b/.gitignore
@@ -38,6 +38,15 @@ override.tf.json
 .terraformrc
 terraform.rc
 
+#--- Terragrunt ---
+
+# terragrunt cache directories
+**/.terragrunt-cache/*
+
+# Terragrunt debug output file (when using `--terragrunt-debug` option)
+# See: https://terragrunt.gruntwork.io/docs/reference/cli-options/#terragrunt-debug
+terragrunt-debug.tfvars.json
+
 # --- RUST ---
 
 # Generated by Cargo

diff --git a/Makefile b/Makefile
@@ -31,4 +31,10 @@ gen-sealed-secrets:
 
 ## Generate a token using which we can signin into the Kiali dashboard.
 get-kiali-token:
-	kubectl -n istio-system create token kiali-service-account
+	kubectl -n istio-system create token kiali-service-account
+
+get-argocd-admin-password:
+	kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
+
+show-argocd-ui:
+	kubectl port-forward svc/argocd-server -n argocd 8080:443
diff --git a/backend/microservices/feeds/adapters/kafka.rs b/backend/microservices/feeds/adapters/kafka.rs
@@ -68,12 +68,11 @@ impl KafkaAdapter {
         let consumeMessage: bool;
 
         match payload.op {
-          DbOperation::Create =>
           // TODO: For each message, spin up a new thread (or take a thread from a thread-pool)
-          // and do the processing in that separate thread parallaly.
+          // and do the processing in that separate thread parallely.
           //
           // TODO: If any error occurs, then send it to a central log management system.
-          {
+          DbOperation::Create => {
             consumeMessage = usecases
               .pushPostToFeeds(payload.after.unwrap())
               .await

diff --git a/cloud/.terraform.lock.hcl b/cloud/.terraform.lock.hcl
diff --git a/cloud/1.cluster.tf b/cloud/1.cluster.tf
diff --git a/cloud/2.cilium.tf b/cloud/2.cilium.tf
diff --git a/cloud/3.prepare-cluster.tf b/cloud/3.prepare-cluster.tf