# Full Deployment (Beta)

## Overview

This guide walks you through the steps required to set up DIGIT using helmfile.

## Pre-requisites

* [helmfile](https://helmfile.readthedocs.io/en/latest/)
* git
* Kubernetes Cluster

Helmfile is a declarative spec for deploying helm charts. It lets you…

* Keep a directory of chart value files and maintain changes in version control.
* Apply CI/CD to configuration changes.
* Periodically sync to avoid skew in environments.

To avoid upgrades for each iteration of `helm`, the `helmfile` executable delegates to `helm` - as a result, [`helm`](https://helm.sh/docs/intro/install/) must be installed.

### Why Helmfile <a href="#installation" id="installation"></a>

* Standardisation of Helm templates (Override specific parameters such as namespace)
* To improve the Utilisation of Helm capabilities (Rollback)
* Easy to add any open-source helm chart to your DIGIT stack

## Installation <a href="#installation" id="installation"></a>

* download one of the [releases](https://github.com/helmfile/helmfile/releases)
* run as a container
* Archlinux: install via `pacman -S helmfile`
* open SUSE: install via `zypper in helmfile` assuming you are on Tumbleweed; if you are on Leap you must add the [kubic](https://download.opensuse.org/repositories/devel:/kubic/) repo for your distribution version once before that command, e.g. `zypper ar https://download.opensuse.org/repositories/devel:/kubic/openSUSE_Leap_\$releasever kubic`
* Windows (using [scoop](https://scoop.sh/)): `scoop install helmfile`
* macOS (using [homebrew](https://brew.sh/)): `brew install helmfile`

#### Running as a container <a href="#running-as-a-container" id="running-as-a-container"></a>

The [Helmfile Docker images are available in GHCR](https://github.com/helmfile/helmfile/pkgs/container/helmfile). There is no `latest` tag, since the `0.x` versions can contain breaking changes, so pick the right tag. Example using `helmfile 0.156.0`:

```sh-session
$ docker run --rm --net=host -v "${HOME}/.kube:/helm/.kube" -v "${HOME}/.config/helm:/helm/.config/helm" -v "${PWD}:/wd" --workdir /wd ghcr.io/helmfile/helmfile:v0.156.0 helmfile sync
```

You can also use a shim to make calling the binary easier:

```sh-session
$ printf '%s\n' '#!/bin/sh' 'docker run --rm --net=host -v "${HOME}/.kube:/helm/.kube" -v "${HOME}/.config/helm:/helm/.config/helm" -v "${PWD}:/wd" --workdir /wd ghcr.io/helmfile/helmfile:v0.156.0 helmfile "$@"' |
    tee helmfile
$ chmod +x helmfile
$ ./helmfile sync
```

## Helm File - commands

### init

The helmfile init sub-command checks the dependencies required for helmfile operation, such as helm, helm diff plugin, helm secrets plugin, helm helm-git plugin, helm s3 plugin. When it does not exist or the version is too low, it can be installed automatically.

### sync

The helmfile sync sub-command syncs your cluster state as described in your helmfile. The default helmfile is helmfile.yaml, but any YAML file can be passed by specifying a --file path/to/your/yaml/file flag.

### apply

The helmfile apply sub-command begins by executing diff. If diff finds that there are any changes, sync is executed. Adding --interactive instructs Helm File to request your confirmation before sync.

### destroy

The helmfile destroys sub-commands uninstalls and purges all the releases defined in the manifests. helmfile --interactive destroy instructs Helm File to request your confirmation before actually deleting releases.\\

## Deploying DIGIT Using Helmfile

```
$ git clone https://github.com/egovernments/DIGIT-DevOps.git
$ cd DIGIT-DevOps
$ git checkout DIGIT-2.9LTS
```

* Update domain name in env.yaml

```
$ vi deploy-as-code/charts/environments/env.yaml
```

<figure><img src="https://3868804918-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FegsIWleSdyH9rMLJ8ShI%2Fuploads%2Fgit-blob-402107c9757609fe8ce8881343212219dc354023%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

* Update db password , flywaypassword, loginusername, loginpassword and git-sync private key in env-secrets.yaml

<mark style="color:red;">**Note:**</mark> <mark style="color:red;">Make sure the db\_password and flywaypassword are same</mark>

```
$ vi deploy-as-code/charts/environments/env-secrets.yaml
```

<figure><img src="https://3868804918-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FegsIWleSdyH9rMLJ8ShI%2Fuploads%2Fgit-blob-64a66cee227e6cdb6510fabd33548ac1b52eb994%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3868804918-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FegsIWleSdyH9rMLJ8ShI%2Fuploads%2Fgit-blob-6b446b2a2a2ea67a6a5a2e5250ef7620bfe7d0bc%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

{% hint style="info" %}
**Note**

1\. Generate SSH key pairs using the below method\
Using the online website (not recommended in a production setup. To be only used for demo setups): <https://8gwifi.org/sshfunctions.jsp>\
2\. Add the public key to your GitHub account - (reference: <https://www.youtube.com/watch?v=9C7_jBn9XJ0&ab_channel=AOSNote> )
{% endhint %}

* Run the below command to install DIGIT successfully.

```
$ helmfile -f deploy-as-code/digit-helmfile.yaml apply
```

## **Deploying DIGIT Using Managed Database**

This guide outlines a deployment strategy for running containerized applications on Kubernetes, focusing on seamless database integration. It's suitable for teams looking to simplify their database setup using in-cluster PostgreSQL or externally managed database services.

### Transitioning to Managed Database Services

By updating the Kubernetes deployment configuration, teams can easily switch from an in-cluster PostgreSQL database to a managed service. This move enhances scalability and reliability while reducing the operational overhead of database management.

#### Key Benefits:

* **Scalability and Reliability:** Managed services offer superior scalability and reliability compared to in-cluster databases.
* **Reduced Operational Overhead:** Outsourcing database management allows teams to concentrate on application development.

### Integration Steps

```
$ git clone https://github.com/egovernments/DIGIT-DevOps.git
$ cd DIGIT-DevOps
$ git checkout DIGIT-2.9LTS(Helmfile)
```

* To integrate a managed PostgreSQL service, modify the following parameters in the

  deploy-as-code/charts/environments/env.yaml configuration file:

  * `db-host`: Update with the database service host address.
  * **`db-name`**: Update with the specific database name.
  * `db-url`: Update with the complete database connection URL.
  * `domain`: Update domain name with your domain name

```
$ vi deploy-as-code/charts/environments/env.yaml
```

<figure><img src="https://3868804918-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FegsIWleSdyH9rMLJ8ShI%2Fuploads%2Fgit-blob-5e0e919e2d6b37f70f0dad9cfc3954f00da39c17%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

* Update db password, db username, flyway username, flyway password, login username, login password and git-sync private key in env-secrets.yaml

```
$ vi deploy-as-code/charts/environments/env-secrets.yaml
```

<div align="left"><figure><img src="https://3868804918-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FegsIWleSdyH9rMLJ8ShI%2Fuploads%2Fgit-blob-a402665d1de28e1c85997845672bebe8c77f2f6a%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure></div>

<figure><img src="https://3868804918-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FegsIWleSdyH9rMLJ8ShI%2Fuploads%2Fgit-blob-6b446b2a2a2ea67a6a5a2e5250ef7620bfe7d0bc%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

{% hint style="info" %}
**Note:** 1. Generate SSH key pairs using the below method\
Using the online website (not recommended in production setup. To be only used for demo setups): <https://8gwifi.org/sshfunctions.jsp>\
2\. Add the public key to your GitHub account - (reference: <https://www.youtube.com/watch?v=9C7_jBn9XJ0&ab_channel=AOSNote> )
{% endhint %}

* Run the below command to install DIGIT successfully.

```
$ helmfile -f deploy-as-code/digit-helmfile.yaml apply    
```

## Post Deployment

Please hit the below URL to login into the employee dashboard with SUPERUSER access

```
https://<domain_name>/employee
```

Log in with the user credentials which you have provided in the below file path

```
deploy-as-code/charts/environments/env-secrets.yaml
```

## **Destroying The Deployed DIGIT Using Helmfile**

```
$ helmfile -f deploy-as-code/digit-helmfile.yaml destroy
```

\
Tested Environment

This deployment approach has been thoroughly tested on an Amazon Web Services Elastic Kubernetes Service (AWS EKS) Cluster with Kubernetes version 1.28.\\