From 44b143e4c37d3426a6e0735e5b6840d9bea6d461 Mon Sep 17 00:00:00 2001 From: Stephan D Date: Fri, 7 Nov 2025 10:35:48 +0100 Subject: [PATCH] db deployment trace --- .woodpecker/db.yml | 37 ++++++++++++++++++++++++++++--------- 1 file changed, 28 insertions(+), 9 deletions(-) diff --git a/.woodpecker/db.yml b/.woodpecker/db.yml index 16feb10..c5a87c9 100644 --- a/.woodpecker/db.yml +++ b/.woodpecker/db.yml @@ -32,13 +32,32 @@ steps: image: alpine:latest depends_on: [ secrets ] commands: + - set -euo pipefail + - apk add --no-cache bash openssh-client rsync coreutils + - set -a + - . ./ci/prod/.env.runtime + - . ./.env.version + - set +a + - mkdir -p /root/.ssh + - install -m 600 secrets/SSH_KEY /root/.ssh/id_rsa + - SSH_OPTS='-i /root/.ssh/id_rsa -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -vv' + - REMOTE_DIR="${REMOTE_BASE%/}/${DB_DIR}" + - REMOTE_TARGET="${SSH_USER}@${SSH_HOST}" + # sync + - ssh $SSH_OPTS "$REMOTE_TARGET" "mkdir -p ${REMOTE_DIR}/{compose,env}" + - rsync -avz --delete -e "ssh $SSH_OPTS" ci/prod/compose/ "$REMOTE_TARGET:${REMOTE_DIR}/compose/" + - rsync -avz -e "ssh $SSH_OPTS" ci/prod/.env.runtime "$REMOTE_TARGET:${REMOTE_DIR}/env/.env.runtime" + # deploy on remote via heredoc - | - set -euo - apk add --no-cache bash openssh-client rsync - set -a - . ./ci/prod/.env.runtime - . ./.env.version - set +a - mkdir -p /root/.ssh - install -m 600 secrets/SSH_KEY /root/.ssh/id_rsa - bash ci/prod/scripts/deploy-db.sh + ssh $SSH_OPTS "$REMOTE_TARGET" REMOTE_DIR="$REMOTE_DIR" bash -s <<'EOSSH' + set -Eeuxo pipefail + cd "${REMOTE_DIR}/compose" + set -a + . ../env/.env.runtime + set +a + docker compose -f db.yml pull + docker compose -f db.yml up -d --remove-orphans + docker compose ps + date -Is | tee .last_deploy + logger -t deploy-db "db deployed at $(date -Is) in ${REMOTE_DIR}" + EOSSH