build fix

2025-11-07 22:58:59 +01:00
parent 1c4856f7cc
commit 0e40af7559
4 changed files with 84 additions and 60 deletions
--- a/.woodpecker/fx.yml
+++ b/.woodpecker/fx.yml
@@ -53,44 +53,7 @@ steps:
    image: gcr.io/kaniko-project/executor:debug
    depends_on: [ secrets ]
    commands:
-      - |
-        set -euo pipefail 2>/dev/null || set -eu
-        sh ci/pipelines/fx/ensure_env_version.sh
-        sed -i 's/\r$//' ./ci/prod/.env.runtime
-        sed -i 's/\r$//' ./.env.version
-        set -a
-        . ./ci/prod/.env.runtime
-        . ./.env.version
-        set +a
-        FX_GO_VERSION="${FX_GO_VERSION:-1.22}"
-        : "${REGISTRY_URL:?missing REGISTRY_URL}"
-        : "${APP_V:?missing APP_V}"
-        REGISTRY_HOST="${REGISTRY_URL#http://}"
-        REGISTRY_HOST="${REGISTRY_HOST#https://}"
-        REGISTRY_USER="$(cat secrets/REGISTRY_USER)"
-        REGISTRY_PASSWORD="$(cat secrets/REGISTRY_PASSWORD)"
-        : "${REGISTRY_USER:?missing registry user}"
-        : "${REGISTRY_PASSWORD:?missing registry password}"
-        mkdir -p /kaniko/.docker
-        AUTH_B64="$(printf '%s:%s' "$REGISTRY_USER" "$REGISTRY_PASSWORD" | base64 | tr -d '\n')"
-        cat <<EOF >/kaniko/.docker/config.json
-        {
-          "auths": {
-            "https://${REGISTRY_HOST}": { "auth": "${AUTH_B64}" }
-          }
-        }
-        EOF
-        /kaniko/executor \
-          --context "${PWD}" \
-          --dockerfile "${FX_DOCKERFILE}" \
-          --destination "${REGISTRY_URL}/${FX_IMAGE_PATH}:${APP_V}" \
-          --build-arg APP_VERSION="${APP_V}" \
-          --build-arg GIT_REV="${GIT_REV}" \
-          --build-arg BUILD_BRANCH="${BUILD_BRANCH}" \
-          --build-arg BUILD_DATE="${BUILD_DATE}" \
-          --build-arg BUILD_USER="${BUILD_USER}" \
-          --build-arg GO_VERSION="${FX_GO_VERSION}" \
-          --single-snapshot
+      - sh ci/pipelines/fx/build.sh

  - name: deploy
    image: alpine:latest
@@ -100,23 +63,8 @@ steps:
      VAULT_ROLE_ID:   { from_secret: VAULT_APP_ROLE }
      VAULT_SECRET_ID: { from_secret: VAULT_SECRET_ID }
    commands:
-      - |
-        set -euo pipefail
-        apk add --no-cache bash openssh-client rsync coreutils curl sed python3
-        mkdir -p /root/.ssh
-        install -m 600 secrets/SSH_KEY /root/.ssh/id_rsa
-        sh ci/pipelines/fx/ensure_env_version.sh
-        sed -i 's/\r$//' ./ci/prod/.env.runtime
-        set -a
-        . ./ci/prod/.env.runtime
-        . ./.env.version
-        set +a
-        export FX_MONGO_USER="$(./ci/vlt kv_get kv ${FX_MONGO_SECRET_PATH} user)"
-        export FX_MONGO_PASSWORD="$(./ci/vlt kv_get kv ${FX_MONGO_SECRET_PATH} password)"
-        if [ "${FX_NEEDS_NATS}" = "true" ]; then
-          export NATS_USER="$(./ci/vlt kv_get kv sendico/nats user)"
-          export NATS_PASSWORD="$(./ci/vlt kv_get kv sendico/nats password)"
-          export FX_NATS_URL="nats://${NATS_USER}:${NATS_PASSWORD}@${NATS_HOST}:${NATS_PORT}"
-        fi
-        bash ci/prod/scripts/bootstrap/network.sh
-        bash ci/prod/scripts/deploy/fx.sh "${FX_DEPLOY_TARGET}"
+      - set -euo pipefail
+      - apk add --no-cache bash openssh-client rsync coreutils curl sed python3
+      - mkdir -p /root/.ssh
+      - install -m 600 secrets/SSH_KEY /root/.ssh/id_rsa
+      - sh ci/pipelines/fx/deploy.sh