From dc86058807deb4e36fb75115434457599e2303d3 Mon Sep 17 00:00:00 2001 From: Trey Pendragon Date: Fri, 31 May 2024 17:44:58 -0700 Subject: [PATCH 1/5] Add deploy script. Closes #21 Not sure this is the best script, and the output includes the SSH banner and stuff, but it's pretty simple! --- bin/deploy | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100755 bin/deploy diff --git a/bin/deploy b/bin/deploy new file mode 100755 index 00000000..3a66ea2c --- /dev/null +++ b/bin/deploy @@ -0,0 +1,12 @@ +#!/bin/bash +ENV=$1 +BRANCH_NAME="${BRANCH:-main}" +REPOSITORY="${REPO:-dpul-collections}" +if [[ -z ${ENV} ]]; +then + echo "Missing Environment. Command: BRANCH=main ./bin/deploy staging" + exit +fi +ssh deploy@nomad-host-prod1.lib.princeton.edu << EOF + curl -s "https://raw.githubusercontent.com/pulibrary/${REPOSITORY}/${BRANCH_NAME}/config/deploy/${ENV}.hcl" | nomad job run -var "branch_or_sha=sha-$(git ls-remote https://github.com/pulibrary/${REPOSITORY}.git ${BRANCH_NAME} | awk '{ print substr($1,1,7) }')" - +EOF From 958cc53d8199d3b86306a8983b90521e8912c0d8 Mon Sep 17 00:00:00 2001 From: Trey Pendragon Date: Fri, 31 May 2024 18:05:55 -0700 Subject: [PATCH 2/5] Improve shell display. --- bin/deploy | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/bin/deploy b/bin/deploy index 3a66ea2c..6d7bc3de 100755 --- a/bin/deploy +++ b/bin/deploy @@ -7,6 +7,7 @@ then echo "Missing Environment. Command: BRANCH=main ./bin/deploy staging" exit fi -ssh deploy@nomad-host-prod1.lib.princeton.edu << EOF - curl -s "https://raw.githubusercontent.com/pulibrary/${REPOSITORY}/${BRANCH_NAME}/config/deploy/${ENV}.hcl" | nomad job run -var "branch_or_sha=sha-$(git ls-remote https://github.com/pulibrary/${REPOSITORY}.git ${BRANCH_NAME} | awk '{ print substr($1,1,7) }')" - +ssh -qtt deploy@nomad-host-prod1.lib.princeton.edu << EOF + clear + curl -s "https://raw.githubusercontent.com/pulibrary/${REPOSITORY}/${BRANCH_NAME}/config/deploy/${ENV}.hcl" | nomad job run -var "branch_or_sha=sha-$(git ls-remote https://github.com/pulibrary/${REPOSITORY}.git ${BRANCH_NAME} | awk '{ print substr($1,1,7) }')" - && logout EOF From 55b8e82f23e3e725abd562870ea1182a37c23a02 Mon Sep 17 00:00:00 2001 From: Trey Pendragon Date: Sat, 15 Jun 2024 15:18:34 -0400 Subject: [PATCH 3/5] Add Github Deploy Notifications. --- bin/deploy | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/bin/deploy b/bin/deploy index 6d7bc3de..d5880324 100755 --- a/bin/deploy +++ b/bin/deploy @@ -2,12 +2,21 @@ ENV=$1 BRANCH_NAME="${BRANCH:-main}" REPOSITORY="${REPO:-dpul-collections}" +JOB_NAME="${JOBNAME:-dpulc}" if [[ -z ${ENV} ]]; then echo "Missing Environment. Command: BRANCH=main ./bin/deploy staging" exit fi +# Notify Github of Starting Deploy, Deploy, Notify Github of Ending Deploy ssh -qtt deploy@nomad-host-prod1.lib.princeton.edu << EOF + DEPLOY_ID=\$(curl -X POST -H "Accept: application/vnd.github+json-H" -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Bearer \$GITHUB_TOKEN" --data "{\"ref\":\"${BRANCH_NAME}\",\"description\":\"Deploy from Nomad script\", \"auto_merge\": false, \"environment\": \"${ENV}\", \"required_contexts\": [] }" "https://api.github.com/repos/pulibrary/${REPOSITORY}/deployments" | jq .id) + curl -s -X POST -H "Accept: application/vnd.github+json-H" -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Bearer \$GITHUB_TOKEN" --data "{\"environment\":\"${ENV}\",\"state\":\"in_progress\",\"log_url\": \"https://nomad.lib.princeton.edu/ui/jobs/${JOB_NAME}-${ENV}\", \"description\":\"Deployment finished successfully.\"}" "https://api.github.com/repos/pulibrary/${REPOSITORY}/deployments/\$DEPLOY_ID/statuses" + clear - curl -s "https://raw.githubusercontent.com/pulibrary/${REPOSITORY}/${BRANCH_NAME}/config/deploy/${ENV}.hcl" | nomad job run -var "branch_or_sha=sha-$(git ls-remote https://github.com/pulibrary/${REPOSITORY}.git ${BRANCH_NAME} | awk '{ print substr($1,1,7) }')" - && logout + + curl -s "https://raw.githubusercontent.com/pulibrary/${REPOSITORY}/${BRANCH_NAME}/config/deploy/${ENV}.hcl" | nomad job run -var "branch_or_sha=sha-$(git ls-remote https://github.com/pulibrary/${REPOSITORY}.git ${BRANCH_NAME} | awk '{ print substr($1,1,7) }')" - + + curl -s -X POST -H "Accept: application/vnd.github+json-H" -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Bearer \$GITHUB_TOKEN" --data "{\"environment\":\"${ENV}\",\"state\":\"success\",\"log_url\": \"https://nomad.lib.princeton.edu/ui/jobs/${JOB_NAME}-${ENV}\", \"description\":\"Deployment finished successfully.\"}" "https://api.github.com/repos/pulibrary/${REPOSITORY}/deployments/\$DEPLOY_ID/statuses" && logout EOF + From 83294620e269bb4b9f4d7b04aa706d3b901285e4 Mon Sep 17 00:00:00 2001 From: Trey Pendragon Date: Sat, 15 Jun 2024 15:34:23 -0400 Subject: [PATCH 4/5] Add documentation. --- README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.md b/README.md index 0594e317..db46567d 100644 --- a/README.md +++ b/README.md @@ -19,6 +19,11 @@ The SECRET_KEY_BASE below is just a filler one for the purpose of testing locall Run Docker Image: `docker run -t -p 4000:4000 -e DATABASE_URL='ecto://postgres:@host.docker.internal:5434/database' -e SECRET_KEY_BASE='B8rwzeX3DFLveiJ4cP28lRGc0PWdEr8ZF/hDoPRucw95Nzf2IPnu7lhEB+Yldx6Z' dpul-collections` +## Deployment + +1. Connect to VPN +1. `BRANCH= ./bin/deploy staging` + ## Learn more * Official website: https://www.phoenixframework.org/ From 090068e276dc9d89ef7edc9abd3e6b758feb8aef Mon Sep 17 00:00:00 2001 From: Trey Pendragon Date: Tue, 18 Jun 2024 12:28:11 -0700 Subject: [PATCH 5/5] Add gh auth token and clean up script. Co-authored-by: Anna Headley Co-authored-by: Shaun Ellis --- bin/deploy | 62 +++++++++++++++++++++++++++++++++------ config/deploy/staging.hcl | 3 ++ 2 files changed, 56 insertions(+), 9 deletions(-) diff --git a/bin/deploy b/bin/deploy index d5880324..cd703b63 100755 --- a/bin/deploy +++ b/bin/deploy @@ -3,20 +3,64 @@ ENV=$1 BRANCH_NAME="${BRANCH:-main}" REPOSITORY="${REPO:-dpul-collections}" JOB_NAME="${JOBNAME:-dpulc}" -if [[ -z ${ENV} ]]; + +# Make sure we're on VPN +if ! nslookup nomad-host-prod1.lib.princeton.edu 2>&1 > /dev/null +then + echo "Unable to connect to nomad-host-prod1. Ensure you're on VPN." + exit 1 +fi + +## Get Github Token +if ! command -v gh &> /dev/null +then + if [ -z "$GITHUB_TOKEN" ] + then + echo "gh must be installed or a token passed with GITHUB_TOKEN. Run 'brew install gh'." + exit 1 + fi +fi + +GH_TOKEN="${GITHUB_TOKEN:-$(gh auth token 2> /dev/null)}" + +if [ "$GH_TOKEN" = "" ] +then + echo "Github token not set. Run 'gh auth login' and follow the directions." + exit 1 +fi + +if [[ -z "${ENV}" ]]; then - echo "Missing Environment. Command: BRANCH=main ./bin/deploy staging" + echo "Missing Environment. Command: 'BRANCH=main ./bin/deploy staging'." exit fi -# Notify Github of Starting Deploy, Deploy, Notify Github of Ending Deploy -ssh -qtt deploy@nomad-host-prod1.lib.princeton.edu << EOF - DEPLOY_ID=\$(curl -X POST -H "Accept: application/vnd.github+json-H" -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Bearer \$GITHUB_TOKEN" --data "{\"ref\":\"${BRANCH_NAME}\",\"description\":\"Deploy from Nomad script\", \"auto_merge\": false, \"environment\": \"${ENV}\", \"required_contexts\": [] }" "https://api.github.com/repos/pulibrary/${REPOSITORY}/deployments" | jq .id) - curl -s -X POST -H "Accept: application/vnd.github+json-H" -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Bearer \$GITHUB_TOKEN" --data "{\"environment\":\"${ENV}\",\"state\":\"in_progress\",\"log_url\": \"https://nomad.lib.princeton.edu/ui/jobs/${JOB_NAME}-${ENV}\", \"description\":\"Deployment finished successfully.\"}" "https://api.github.com/repos/pulibrary/${REPOSITORY}/deployments/\$DEPLOY_ID/statuses" - clear +# Create Github Deployment +DEPLOY_OUTPUT=$(curl -s -X POST -H "Accept: application/vnd.github+json-H" -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Bearer ${GH_TOKEN}" --data "{\"ref\":\"${BRANCH_NAME}\",\"description\":\"Deploy from Nomad script\", \"auto_merge\": false, \"environment\": \"${ENV}\", \"required_contexts\": [] }" "https://api.github.com/repos/pulibrary/${REPOSITORY}/deployments") +regex='"id": ([0-9]+),' +[[ $DEPLOY_OUTPUT =~ $regex ]] +DEPLOY_ID=${BASH_REMATCH[1]} - curl -s "https://raw.githubusercontent.com/pulibrary/${REPOSITORY}/${BRANCH_NAME}/config/deploy/${ENV}.hcl" | nomad job run -var "branch_or_sha=sha-$(git ls-remote https://github.com/pulibrary/${REPOSITORY}.git ${BRANCH_NAME} | awk '{ print substr($1,1,7) }')" - +if [[ -z "${DEPLOY_ID}" ]] +then + echo "Unable to fetch Deploy ID." + exit 1 +fi - curl -s -X POST -H "Accept: application/vnd.github+json-H" -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Bearer \$GITHUB_TOKEN" --data "{\"environment\":\"${ENV}\",\"state\":\"success\",\"log_url\": \"https://nomad.lib.princeton.edu/ui/jobs/${JOB_NAME}-${ENV}\", \"description\":\"Deployment finished successfully.\"}" "https://api.github.com/repos/pulibrary/${REPOSITORY}/deployments/\$DEPLOY_ID/statuses" && logout +# Create "Started" Deployment Status +curl -s -X POST -H "Accept: application/vnd.github+json-H" -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Bearer ${GH_TOKEN}" --data "{\"environment\":\"${ENV}\",\"state\":\"in_progress\",\"log_url\": \"https://nomad.lib.princeton.edu/ui/jobs/${JOB_NAME}-${ENV}\", \"description\":\"Deployment started.\"}" "https://api.github.com/repos/pulibrary/${REPOSITORY}/deployments/${DEPLOY_ID}/statuses" > /dev/null + +# Deploy using nomad-host-prod1, which has the nomad management key. +ssh deploy@nomad-host-prod1.lib.princeton.edu << EOF + curl -s "https://raw.githubusercontent.com/pulibrary/${REPOSITORY}/${BRANCH_NAME}/config/deploy/${ENV}.hcl" | nomad job run -var "branch_or_sha=sha-$(git ls-remote https://github.com/pulibrary/${REPOSITORY}.git ${BRANCH_NAME} | awk '{ print substr($1,1,7) }')" - EOF +retcode=$? +if [ $retcode -eq 0 ] +then + # Create "Completed Successfully" Deployment Status + curl -s -X POST -H "Accept: application/vnd.github+json-H" -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Bearer ${GH_TOKEN}" --data "{\"environment\":\"${ENV}\",\"state\":\"success\",\"log_url\": \"https://nomad.lib.princeton.edu/ui/jobs/${JOB_NAME}-${ENV}\", \"description\":\"Deployment finished successfully.\"}" "https://api.github.com/repos/pulibrary/${REPOSITORY}/deployments/${DEPLOY_ID}/statuses" > /dev/null +else + # Create "Failed" Deployment Status + curl -s -X POST -H "Accept: application/vnd.github+json-H" -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Bearer ${GH_TOKEN}" --data "{\"environment\":\"${ENV}\",\"state\":\"failure\",\"log_url\": \"https://nomad.lib.princeton.edu/ui/jobs/${JOB_NAME}-${ENV}\", \"description\":\"Deployment failed.\"}" "https://api.github.com/repos/pulibrary/${REPOSITORY}/deployments/${DEPLOY_ID}/statuses" > /dev/null +fi diff --git a/config/deploy/staging.hcl b/config/deploy/staging.hcl index f43ea23a..42cd711a 100644 --- a/config/deploy/staging.hcl +++ b/config/deploy/staging.hcl @@ -6,6 +6,9 @@ job "dpulc-staging" { region = "global" datacenters = ["dc1"] type = "service" + update { + auto_revert = true + } group "web" { count = 2 network {