add prometheus support

.github/workflows/build-docker.yml

@@ -30,29 +30,15 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
       - name: Download artifacts
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
 
       - name: Login to Docker Hub
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         if: env.DOCKER_HUB_USERNAME != '' && env.DOCKER_HUB_PASSWORD != ''
         with:
           username: ${{ secrets.docker_hub_username }}
           password: ${{ secrets.docker_hub_password }}
 
-      - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v2
-        if: env.AWS_ASSUME_ROLE != ''
-        with:
-          role-to-assume: "${{ secrets.aws_assume_role }}"
-          aws-region: "us-east-1"
-
-      - name: Login to ECR
-        id: ecr-login
-        uses: aws-actions/amazon-ecr-login@v2
-        if: env.AWS_ASSUME_ROLE != ''
-        with:
-          registry-type: public
-
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
       - name: Set up Docker Buildx
@@ -66,35 +52,3 @@ jobs:
             -t ${{ inputs.image_name }}:${{ inputs.version }} \
             -t ${{ inputs.image_name }}:latest \
             .
-      - name: Copy beta to ECR
-        uses: truemark/skopeo-copy-action@v1
-        if: env.AWS_ASSUME_ROLE != ''
-        with:
-          src-image: "docker://${{ inputs.image_name }}:${{ inputs.version }}"
-          dest-image: "docker://public.ecr.aws/${{ inputs.image_name }}:${{ inputs.version }}"
-          src-username: "${{ secrets.docker_hub_username }}"
-          src-password: "${{ secrets.docker_hub_password }}"
-          dest-username: "${{ steps.ecr-login.outputs.docker_username_public_ecr_aws }}"
-          dest-password: "${{ steps.ecr-login.outputs.docker_password_public_ecr_aws }}"
-          multi-arch: "all"
-
-      - name: Copy latest to ECR
-        uses: truemark/skopeo-copy-action@v1
-        with:
-          src-image: "docker://${{ inputs.image_name }}:latest"
-          dest-image: "docker://public.ecr.aws/${{ inputs.image_name }}:latest"
-          src-username: "${{ secrets.docker_hub_username }}"
-          src-password: "${{ secrets.docker_hub_password }}"
-          dest-username: "${{ steps.ecr-login.outputs.docker_username_public_ecr_aws }}"
-          dest-password: "${{ steps.ecr-login.outputs.docker_password_public_ecr_aws }}"
-          multi-arch: "all"
-
-      - name: Create Version Artifact
-        run: |
-          echo ${{ inputs.version }} > docker-version.txt
-
-      - name: Upload Docker Image Tag
-        uses: actions/upload-artifact@v3
-        with:
-          name: docker-version
-          path: docker-version.txt

.github/workflows/build-maven.yml

@@ -22,21 +22,21 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
       - name: Maven Cache
-        uses: actions/cache@v3
+        uses: actions/cache@v4
         with:
           path: ~/.m2/repository
           key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
           restore-keys: |
             ${{ runner.os }}-maven-
       - name: Setup Java
-        uses: actions/setup-java@v3
+        uses: actions/setup-java@v4
         with:
           java-version: ${{ inputs.java_version }}
           distribution: ${{ inputs.java_distribution }}
       - name: Build Java
         run: ./mvnw -B -ntp -Drevision=${{ inputs.version }} package
       - name: Upload Target
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: target
           path: |

.github/workflows/build.yml

@@ -1,10 +1,6 @@
 on:
   workflow_dispatch:
   push:
-    branches:
-      - main
-      - develop
-      - hotfix/*
 permissions:
   id-token: write
   contents: write
@@ -19,7 +15,6 @@ jobs:
   build-docker:
     name: Build Docker
     uses: ./.github/workflows/build-docker.yml
-    if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop' ||startsWith(github.ref, 'refs/heads/hotfix/')
     with:
       version: 61.${{ github.run_number }}.${{ github.run_attempt }}
       image_name: "truemark/helloworld-java"
@@ -28,35 +23,10 @@ jobs:
       docker_hub_username: ${{ secrets.DOCKER_HUB_USERNAME }}
       docker_hub_password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
     needs: [build-maven]
-  diff-stage:
-    name: CDK diff to Stage
-    uses: ./.github/workflows/cdk-diff.yml
+  make_release:
+    name: Prepare for releaes
+    uses: ./.github/workflows/releases.yml
+    needs: [build-docker]
     with:
-      environment: "stage"
-    secrets:
-      aws_assume_role: ${{ secrets.AWS_ASSUME_ROLE }}
-    needs: [ build-maven ]
-  deploy-stage:
-    if: github.ref == 'refs/heads/develop' ||startsWith(github.ref, 'refs/heads/hotfix/')
-    name: Deploy to Stage
-    uses: ./.github/workflows/deploy.yml
-    with:
-      environment: "stage"
-    needs: [diff-stage, build-docker]
-  cdk-deploy-prod:
-    name: CDK deploy to Prod
-    uses: ./.github/workflows/cdk-deploy.yml
-    with:
-      environment: "prod"
-    secrets:
-      aws_assume_role: ${{ secrets.AWS_ASSUME_ROLE }}
-    needs: [diff-stage, build-docker]
-  eks-deploy-prod:
-    if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/hotfix/')
-    name: Deploy to Prod
-    uses: ./.github/workflows/deploy.yml
-    with:
-      environment: "prod"
-    needs: [cdk-deploy-prod]
-    secrets:
-      aws_assume_role: ${{ secrets.AWS_ASSUME_ROLE }}
+      environment: "dev"
+

.github/workflows/releases.yml

@@ -0,0 +1,96 @@
+on:
+  workflow_call:
+    inputs:
+      environment:
+        description: "Environment to deploy to"
+        required: true
+        type: string
+
+jobs:
+  prepare-release:
+    runs-on: ubuntu-latest
+    environment: stage
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install kubectl
+        run: |
+          echo "Installing kubectl..."
+          KUBECTL_VERSION=$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)
+          curl -LO "https://storage.googleapis.com/kubernetes-release/release/$KUBECTL_VERSION/bin/linux/amd64/kubectl"
+          chmod +x ./kubectl
+          sudo mv ./kubectl /usr/local/bin/kubectl
+          echo "kubectl installed successfully."
+
+      - name: Install yq
+        run: |
+          sudo wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq
+          sudo chmod +x /usr/bin/yq
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: "${{ vars.AWS_ASSUME_ROLE_DEPLOY }}"
+          aws-region: "us-east-2"
+
+      - name: Prepare Release
+        run: |
+          echo "Preparing release for environment ${{ inputs.environment }}"
+          echo "Release version: ${{ github.run_number }}"
+          echo "Release attempt: ${{ github.run_attempt }}"
+          echo "Release environment: ${{ inputs.environment }}"
+          echo "Release date: $(date)"
+
+      - name: Update image tag in values.yaml
+        run: |
+          yq eval '.deployment.image.tag = "61.${{ github.run_number }}.${{ github.run_attempt }}"' -i k8s/values.yaml
+
+      - name: Configure Git for PAT authentication
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git remote set-url origin https://${{ secrets.PAT }}@github.com/${{ github.repository }}.git
+
+      - name: Commit Changes
+        run: |
+          git add k8s/values.yaml
+          git commit -m "Update image tag for ${{ inputs.environment }} release"
+          git push origin HEAD
+
+      - name: Force Update Tag
+        run: |
+          git tag -f ${{ inputs.environment }}
+          git push origin --force ${{ inputs.environment }}
+
+      - name: Poll application status
+        env:
+          APP_NAME: hello-world
+        run: |
+          aws eks update-kubeconfig --region us-east-2 --name ${{ vars.CLUSTER_NAME }}
+          echo "Polling application status for $APP_NAME..."
+          INITIAL_CHECK_DONE=false
+          while true; do
+            STATUS=$(kubectl get -n argocd application/$APP_NAME -o jsonpath='{.status.sync.status}')
+            HEALTH=$(kubectl get -n argocd application/$APP_NAME -o jsonpath='{.status.health.status}')
+            echo "$(date): Sync status: $STATUS, Health status: $HEALTH"
+
+            # Ignore the initial Healthy/Synced state
+            if [[ "$INITIAL_CHECK_DONE" == "false" ]]; then
+              echo "Ignoring initial status: Sync=$STATUS, Health=$HEALTH"
+              if [[ "$STATUS" != "Synced" || "$HEALTH" != "Healthy" ]]; then
+                INITIAL_CHECK_DONE=true
+              fi
+            else
+              # Check for successful sync and healthy state
+              if [[ "$STATUS" == "Synced" && "$HEALTH" == "Healthy" ]]; then
+                echo "Application $APP_NAME successfully synced and healthy."
+                break
+              fi
+            fi
+
+            # Wait for 10 seconds before polling again
+            sleep 10
+          done
+          echo "Recent events for $APP_NAME:"
+          kubectl get -n argocd events --field-selector involvedObject.name=$APP_NAME --sort-by='.metadata.creationTimestamp' -o wide | tail -n 5

Dockerfile

@@ -2,7 +2,6 @@ FROM amazoncorretto:21-al2023-headless
 USER nobody
 WORKDIR /home/app
 COPY target/*.jar /home/app/
-#HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 CMD curl --fail http://localhost:8080/actuator/info || exit 1
 ENV MESSAGE="Hello Universe!"
 EXPOSE 8080
 ENTRYPOINT ["/bin/bash", "-c", "java -Xmx64m -jar *.jar"]

helm-chart/hello-world/templates/istio.yaml

@@ -1,14 +1,3 @@
-apiVersion: networking.istio.io/v1alpha3
-kind: Gateway
-metadata:
-  name: {{ include "truemark.fullname" . }}
-  labels:
-    {{- include "truemark.labels" . | nindent 4 }}
-spec:
-  selector:
-    app: istio-gateway-external
-  servers:
-  {{- toYaml .Values.istio.externalGateway.servers | nindent 2 }}
 ---
 apiVersion: networking.istio.io/v1alpha3
 kind: VirtualService