From bf711114b7fdaf9a586ab8744664559592ebbae2 Mon Sep 17 00:00:00 2001 From: Tip ten Brink <75669206+tiptenbrink@users.noreply.github.com> Date: Thu, 14 Dec 2023 13:59:01 +0100 Subject: [PATCH] update staging for new tidploy --- .../deploy/staging/confspawn_tidploy.json | 3 +-- deploy/build/deploy/staging/dployer.sh | 26 ++++++++++++++++++- deploy/build/deploy/staging/source.sh | 16 +++++++----- deploy/use/staging/dployer.sh | 26 ++++++++++++++++++- deploy/use/staging/source.sh | 16 +++++++----- deploy/use/staging/tidploy.json | 3 +-- 6 files changed, 70 insertions(+), 20 deletions(-) diff --git a/deploy/build/deploy/staging/confspawn_tidploy.json b/deploy/build/deploy/staging/confspawn_tidploy.json index d2d16860..b3f9816b 100644 --- a/deploy/build/deploy/staging/confspawn_tidploy.json +++ b/deploy/build/deploy/staging/confspawn_tidploy.json @@ -1,10 +1,9 @@ { - "dployer": true, "info": { "latest": "{{ confspawn_env.git_ref }}" }, "secrets": { - "dployer_env": "BWS_ACCESS_TOKEN", + "env_var": "BWS_ACCESS_TOKEN", "ids": [ "fad6f227-e0fb-46f9-9380-b0ce0130e122", "02134621-a2cc-4a96-a695-b0ce0131081f", diff --git a/deploy/build/deploy/staging/dployer.sh b/deploy/build/deploy/staging/dployer.sh index c226a14b..a7fc3668 100755 --- a/deploy/build/deploy/staging/dployer.sh +++ b/deploy/build/deploy/staging/dployer.sh @@ -1,5 +1,29 @@ #!/bin/bash + +cleanup() { + echo + echo "Removing pipe..." + rm -f deploypipe + exit 1 +} + +# if you do Ctrl+C it will run cleanup +trap cleanup SIGINT + +# remove the pipe if it somehow still exists rm -f deploypipe +# create a named fifo pipe at ./deploypipe mkfifo deploypipe -docker run -e BWS_ACCESS_TOKEN -v ./deploypipe:/dployer/ti_dploy_pipe -v ./tidploy.json:/dployer/tidploy.json ghcr.io/tiptenbrink/bws-dployer:latest & ./source.sh ./deploypipe +# run the deployer, providing it with the Secrets Manager access token and +# mounting the named pipe as well as the JSON containing the secrets to the +# container +# the process is started in the background (the '&') and then we run our +# previous script with the name of the pipe as the first argument +docker run \ + -e BWS_ACCESS_TOKEN \ + -v ./deploypipe:/dployer/ti_dploy_pipe \ + -v "./tidploy.json:/dployer/tidploy.json" \ + ghcr.io/tiptenbrink/bws-dployer:latest & \ +./source.sh ./deploypipe +# finally we clean up the pipe by removing it rm deploypipe \ No newline at end of file diff --git a/deploy/build/deploy/staging/source.sh b/deploy/build/deploy/staging/source.sh index f7f122eb..54e5ab3c 100755 --- a/deploy/build/deploy/staging/source.sh +++ b/deploy/build/deploy/staging/source.sh @@ -1,19 +1,21 @@ #!/bin/bash +# we want to auto-export all environment variables we set so docker compose can use them set -a echo "Waiting for secrets..." while [ true ] do # if file exists and is named pipe if [ -p "$1" ]; then - echo "Loaded secret." . $1 + if [ -n "$TIDPLOY_READY" ]; then + echo "Starting...." + ./entrypoint.sh + break + else + echo "Secrets loaded." + fi + # if pipe doesn't exist we don't want to run too many loops else sleep 1 fi - - if [ -n "$TIDPLOY_READY" ]; then - echo "Starting...." - ./entrypoint.sh - break - fi done \ No newline at end of file diff --git a/deploy/use/staging/dployer.sh b/deploy/use/staging/dployer.sh index c226a14b..a7fc3668 100755 --- a/deploy/use/staging/dployer.sh +++ b/deploy/use/staging/dployer.sh @@ -1,5 +1,29 @@ #!/bin/bash + +cleanup() { + echo + echo "Removing pipe..." + rm -f deploypipe + exit 1 +} + +# if you do Ctrl+C it will run cleanup +trap cleanup SIGINT + +# remove the pipe if it somehow still exists rm -f deploypipe +# create a named fifo pipe at ./deploypipe mkfifo deploypipe -docker run -e BWS_ACCESS_TOKEN -v ./deploypipe:/dployer/ti_dploy_pipe -v ./tidploy.json:/dployer/tidploy.json ghcr.io/tiptenbrink/bws-dployer:latest & ./source.sh ./deploypipe +# run the deployer, providing it with the Secrets Manager access token and +# mounting the named pipe as well as the JSON containing the secrets to the +# container +# the process is started in the background (the '&') and then we run our +# previous script with the name of the pipe as the first argument +docker run \ + -e BWS_ACCESS_TOKEN \ + -v ./deploypipe:/dployer/ti_dploy_pipe \ + -v "./tidploy.json:/dployer/tidploy.json" \ + ghcr.io/tiptenbrink/bws-dployer:latest & \ +./source.sh ./deploypipe +# finally we clean up the pipe by removing it rm deploypipe \ No newline at end of file diff --git a/deploy/use/staging/source.sh b/deploy/use/staging/source.sh index f7f122eb..54e5ab3c 100755 --- a/deploy/use/staging/source.sh +++ b/deploy/use/staging/source.sh @@ -1,19 +1,21 @@ #!/bin/bash +# we want to auto-export all environment variables we set so docker compose can use them set -a echo "Waiting for secrets..." while [ true ] do # if file exists and is named pipe if [ -p "$1" ]; then - echo "Loaded secret." . $1 + if [ -n "$TIDPLOY_READY" ]; then + echo "Starting...." + ./entrypoint.sh + break + else + echo "Secrets loaded." + fi + # if pipe doesn't exist we don't want to run too many loops else sleep 1 fi - - if [ -n "$TIDPLOY_READY" ]; then - echo "Starting...." - ./entrypoint.sh - break - fi done \ No newline at end of file diff --git a/deploy/use/staging/tidploy.json b/deploy/use/staging/tidploy.json index ca046e28..49a25a34 100644 --- a/deploy/use/staging/tidploy.json +++ b/deploy/use/staging/tidploy.json @@ -1,10 +1,9 @@ { - "dployer": true, "info": { "latest": "main" }, "secrets": { - "dployer_env": "BWS_ACCESS_TOKEN", + "env_var": "BWS_ACCESS_TOKEN", "ids": [ "fad6f227-e0fb-46f9-9380-b0ce0130e122", "02134621-a2cc-4a96-a695-b0ce0131081f",