From f09a32d0d19f984a186cf343c54560b3d6e07e8f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= <wolle.huss@pjannto.com>
Date: Wed, 20 Jul 2022 08:28:13 +0200
Subject: [PATCH 1/8] Implement 'PRODUCTION_DB_CLEAN_ALLOW' for production
 environments on staging servers

---
 deployment/kubernetes/templates/backend/ConfigMap.yml | 1 +
 deployment/kubernetes/values.template.yaml            | 1 +
 docker-compose.ocelotsocial-branded.yml               | 1 +
 3 files changed, 3 insertions(+)

diff --git a/deployment/kubernetes/templates/backend/ConfigMap.yml b/deployment/kubernetes/templates/backend/ConfigMap.yml
index 4ea065c..a4c8405 100644
--- a/deployment/kubernetes/templates/backend/ConfigMap.yml
+++ b/deployment/kubernetes/templates/backend/ConfigMap.yml
@@ -11,6 +11,7 @@ metadata:
     app.kubernetes.io/managed-by: "{{ .Release.Service }}"
     helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
 data:
+  PRODUCTION_DB_CLEAN_ALLOW: "{{ .Values.PRODUCTION_DB_CLEAN_ALLOW }}"
   PUBLIC_REGISTRATION: "{{ .Values.PUBLIC_REGISTRATION }}"
   INVITE_REGISTRATION: "{{ .Values.INVITE_REGISTRATION }}"
   CLIENT_URI: "{{ .Values.BACKEND.CLIENT_URI }}"
diff --git a/deployment/kubernetes/values.template.yaml b/deployment/kubernetes/values.template.yaml
index 921ce3c..9b5b751 100644
--- a/deployment/kubernetes/values.template.yaml
+++ b/deployment/kubernetes/values.template.yaml
@@ -1,6 +1,7 @@
 # please duplicate template file and rename to "values.yaml" and fill in your value
 
 # change all the below if needed
+PRODUCTION_DB_CLEAN_ALLOW: false # only true for production environments on staging servers
 PUBLIC_REGISTRATION: false
 INVITE_REGISTRATION: false
 COOKIE_EXPIRE_TIME: 730 # days (730 days, two years is the default in main code)
diff --git a/docker-compose.ocelotsocial-branded.yml b/docker-compose.ocelotsocial-branded.yml
index 7591b4a..9d678ec 100644
--- a/docker-compose.ocelotsocial-branded.yml
+++ b/docker-compose.ocelotsocial-branded.yml
@@ -45,6 +45,7 @@ services:
       - PRIVATE_KEY_PASSPHRASE=a7dsf78sadg87ad87sfagsadg78
       - EMAIL_SUPPORT=support@wir.social
       - EMAIL_DEFAULT_SENDER=info@wir.social
+      - PRODUCTION_DB_CLEAN_ALLOW=true # because this is stage.ocelot.social # false # only true for production environments on staging servers
       - PUBLIC_REGISTRATION=true
       - SMTP_USERNAME=${SMTP_USERNAME}
       - SMTP_PASSWORD=${SMTP_PASSWORD}

From 0317d44adee9db47eb59aca3e49c124003dca107 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= <wolle.huss@pjannto.com>
Date: Wed, 20 Jul 2022 09:37:16 +0200
Subject: [PATCH 2/8] Set push branch temporary to this branch as well

---
 .github/workflows/publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 0fde053..c89ab3f 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -4,7 +4,7 @@ on:
   push:
     branches:
       - master
-      # - 14-new-deployment-with-base-and-code # for testing while developing
+      - 5065-automatic-deployment-to-stage.ocelot.social-on-push-to-master-branch # for testing while developing
 
 jobs:
   ##############################################################################

From efc78594de545471b9498b1203681aa0b95d1a41 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= <wolle.huss@pjannto.com>
Date: Wed, 20 Jul 2022 09:38:50 +0200
Subject: [PATCH 3/8] Add Documentation for 'Kubernetes Commands (Without Helm)
 To Deploy New Docker Images To A Kubernetes Cluster'

---
 deployment/kubernetes/README.md | 47 +++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)

diff --git a/deployment/kubernetes/README.md b/deployment/kubernetes/README.md
index c519cb0..e14ab40 100644
--- a/deployment/kubernetes/README.md
+++ b/deployment/kubernetes/README.md
@@ -225,3 +225,50 @@ support, try this [helm chart](https://github.com/helm/charts/tree/master/stable
 
 On our kubernetes cluster we get "mult-attach" errors for persistent volumes.
 Apparently DigitalOcean's kubernetes clusters do not fulfill the requirements.
+
+## Kubernetes Commands (Without Helm) To Deploy New Docker Images To A Kubernetes Cluster
+
+### Deploy A Version
+
+```bash
+# !!! be aware of the correct kube context !!!
+$ kubectl config get-contexts
+
+# deploy version '$BUILD_VERSION'
+# !!! 'latest' is not recommended on production !!!
+
+# for easyness set env
+$ export BUILD_VERSION=1.0.8-48-ocelot.social1.0.8-184 # example
+# check this with
+$ echo $BUILD_VERSION
+1.0.8-48-ocelot.social1.0.8-184
+
+# deploy actual version '$BUILD_VERSION' to Kubernetes cluster
+$ kubectl -n default set image deployment/ocelot-webapp container-ocelot-webapp=ocelotsocialnetwork/webapp:$BUILD_VERSION
+$ kubectl -n default rollout restart deployment/ocelot-webapp
+$ kubectl -n default set image deployment/ocelot-backend container-ocelot-backend=ocelotsocialnetwork/backend:$BUILD_VERSION
+$ kubectl -n default rollout restart deployment/ocelot-backend
+$ kubectl -n default set image deployment/ocelot-maintenance container-ocelot-maintenance=ocelotsocialnetwork/maintenance:$BUILD_VERSION
+$ kubectl -n default rollout restart deployment/ocelot-maintenance
+$ kubectl -n default set image deployment/ocelot-neo4j container-ocelot-neo4j=ocelotsocialnetwork/neo4j-community:$BUILD_VERSION
+$ kubectl -n default rollout restart deployment/ocelot-neo4j
+# verify deployment and wait for the pods of each deployment to get ready for cleaning and seeding of the database
+$ kubectl -n default rollout status deployment/ocelot-webapp --timeout=240s
+$ kubectl -n default rollout status deployment/ocelot-maintenance --timeout=240s
+$ kubectl -n default rollout status deployment/ocelot-backend --timeout=240s
+$ kubectl -n default rollout status deployment/ocelot-neo4j --timeout=240s
+```
+
+### Staging – Clean And Seed Neo4j Database
+
+***ATTENTION:*** Cleaning and seeding of our Neo4j database is only possible in production if env `PRODUCTION_DB_CLEAN_ALLOW=true` is set in our deployment.
+
+```bash
+# !!! be aware of the correct kube context !!!
+$ kubectl config get-contexts
+
+# reset and seed Neo4j database via backend for staging
+$ kubectl -n default exec -it $(kubectl -n default get pods | grep ocelot-backend | awk '{ print $1 }') -- /bin/sh -c "node dist/db/clean.js"
+$ kubectl -n default exec -it $(kubectl -n default get pods | grep ocelot-backend | awk '{ print $1 }') -- /bin/sh -c "node dist/db/seed.js"
+
+```

From eafc73dc0f449827598a538dc85518acdf5e7226 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= <wolle.huss@pjannto.com>
Date: Wed, 20 Jul 2022 09:51:30 +0200
Subject: [PATCH 4/8] Comment out 'PRODUCTION_DB_CLEAN_ALLOW' in
 'docker-compose.ocelotsocial-branded.yml'

---
 docker-compose.ocelotsocial-branded.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-compose.ocelotsocial-branded.yml b/docker-compose.ocelotsocial-branded.yml
index 9d678ec..b8c3ce4 100644
--- a/docker-compose.ocelotsocial-branded.yml
+++ b/docker-compose.ocelotsocial-branded.yml
@@ -45,7 +45,7 @@ services:
       - PRIVATE_KEY_PASSPHRASE=a7dsf78sadg87ad87sfagsadg78
       - EMAIL_SUPPORT=support@wir.social
       - EMAIL_DEFAULT_SENDER=info@wir.social
-      - PRODUCTION_DB_CLEAN_ALLOW=true # because this is stage.ocelot.social # false # only true for production environments on staging servers
+      # - PRODUCTION_DB_CLEAN_ALLOW=false # only true for production environments on staging servers
       - PUBLIC_REGISTRATION=true
       - SMTP_USERNAME=${SMTP_USERNAME}
       - SMTP_PASSWORD=${SMTP_PASSWORD}

From ac19f5959c6ad7c3a322e4ebf27c02aa7b57de0e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= <wolle.huss@pjannto.com>
Date: Wed, 20 Jul 2022 09:52:56 +0200
Subject: [PATCH 5/8] Comment out 'PRODUCTION_DB_CLEAN_ALLOW' in
 'docker-compose.yml'

---
 docker-compose.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docker-compose.yml b/docker-compose.yml
index 5610511..285a0d3 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -54,6 +54,7 @@ services:
       - PRIVATE_KEY_PASSPHRASE=a7dsf78sadg87ad87sfagsadg78
       - EMAIL_SUPPORT=support@wir.social
       - EMAIL_DEFAULT_SENDER=info@wir.social
+      # - PRODUCTION_DB_CLEAN_ALLOW=false # only true for production environments on staging servers
       - PUBLIC_REGISTRATION=true
       - SMTP_USERNAME=${SMTP_USERNAME}
       - SMTP_PASSWORD=${SMTP_PASSWORD}

From 126c92480b8b55e742799838bac83a7a5013d2b8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= <wolle.huss@pjannto.com>
Date: Wed, 20 Jul 2022 10:00:55 +0200
Subject: [PATCH 6/8] Fix changing of push branch temporary to this branch as
 well

---
 .github/workflows/publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index c89ab3f..ce08ee1 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -4,7 +4,7 @@ on:
   push:
     branches:
       - master
-      - 5065-automatic-deployment-to-stage.ocelot.social-on-push-to-master-branch # for testing while developing
+      - 55-implement-PRODUCTION_DB_CLEAN_ALLOW-for-staging-production-evironments # for testing while developing
 
 jobs:
   ##############################################################################

From 0adbe7696b8540814367f614ad230995150a7377 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= <wolle.huss@pjannto.com>
Date: Wed, 20 Jul 2022 14:50:07 +0200
Subject: [PATCH 7/8] Change back to only publish on master branch push

---
 .github/workflows/publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index ce08ee1..2743a25 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -4,7 +4,7 @@ on:
   push:
     branches:
       - master
-      - 55-implement-PRODUCTION_DB_CLEAN_ALLOW-for-staging-production-evironments # for testing while developing
+      # - 55-implement-PRODUCTION_DB_CLEAN_ALLOW-for-staging-production-evironments # for testing while developing
 
 jobs:
   ##############################################################################

From 92007dfb7452a1b072dd8f927ae2ada9d4407dba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= <wolle.huss@pjannto.com>
Date: Wed, 20 Jul 2022 14:53:10 +0200
Subject: [PATCH 8/8] Change document by accumulate Neo4j db 'clean.js' and
 'seed.js' and make the node calls await with flag '--experimental-repl-await'
 in 'publish.yml'

---
 deployment/kubernetes/README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/deployment/kubernetes/README.md b/deployment/kubernetes/README.md
index e14ab40..1a9a762 100644
--- a/deployment/kubernetes/README.md
+++ b/deployment/kubernetes/README.md
@@ -268,7 +268,7 @@ $ kubectl -n default rollout status deployment/ocelot-neo4j --timeout=240s
 $ kubectl config get-contexts
 
 # reset and seed Neo4j database via backend for staging
-$ kubectl -n default exec -it $(kubectl -n default get pods | grep ocelot-backend | awk '{ print $1 }') -- /bin/sh -c "node dist/db/clean.js"
-$ kubectl -n default exec -it $(kubectl -n default get pods | grep ocelot-backend | awk '{ print $1 }') -- /bin/sh -c "node dist/db/seed.js"
+$ kubectl -n default exec -it $(kubectl -n default get pods | grep ocelot-backend | awk '{ print $1 }') -- /bin/sh -c "node --experimental-repl-await dist/db/clean.js && node --experimental-repl-await dist/db/seed.js"
+
 
 ```