tech/sendico
2
0
Fork 0
Code Issues 34 Pull Requests Actions Packages Projects Releases Wiki Activity

[infra] vault + chsettle + aurora for dev

Browse Source
This commit is contained in:
Stephan D
2026-03-16 19:50:05 +01:00
parent 5b1aca86e7
commit 89edf33c2c
51 changed files with 1606 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ci/scripts/callbacks/build-image.sh
View File

@@ -37,6 +37,10 @@ CALLBACKS_ENV_NAME="${CALLBACKS_ENV:-$(resolve_runtime_env_name)}"
load_runtime_env_bundle "${CALLBACKS_ENV_NAME}"
IMAGE_TAG="$(compute_image_tag)"
CALLBACKS_CONFIG_PATH="api/edge/callbacks/config.yml"
if [ "${CI_RUNTIME_ENV_NAME:-prod}" = "devserver" ] && [ -f "${REPO_ROOT}/api/edge/callbacks/config.dev.yml" ]; then
CALLBACKS_CONFIG_PATH="api/edge/callbacks/config.dev.yml"
fi
REGISTRY_URL="${REGISTRY_URL:?missing REGISTRY_URL}"
APP_V="${APP_V:?missing APP_V}"
@@ -69,6 +73,7 @@ fi
--context "${BUILD_CONTEXT}" \
--dockerfile "${CALLBACKS_DOCKERFILE}" \
--destination "${REGISTRY_URL}/${CALLBACKS_IMAGE_PATH}:${IMAGE_TAG}" \
--build-arg APP_CONFIG_PATH="${CALLBACKS_CONFIG_PATH}" \
--build-arg APP_VERSION="${APP_V}" \
--build-arg GIT_REV="${GIT_REV}" \
--build-arg BUILD_BRANCH="${BUILD_BRANCH}" \

12
ci/scripts/callbacks/deploy.sh
View File

@@ -43,11 +43,13 @@ CALLBACKS_VAULT_SECRET_PATH="${CALLBACKS_VAULT_SECRET_PATH:?missing CALLBACKS_VA
export CALLBACKS_MONGO_USER="$(./ci/vlt kv_get kv "${CALLBACKS_MONGO_SECRET_PATH}" user)"
export CALLBACKS_MONGO_PASSWORD="$(./ci/vlt kv_get kv "${CALLBACKS_MONGO_SECRET_PATH}" password)"
export CALLBACKS_VAULT_ROLE_ID="$(./ci/vlt kv_get kv "${CALLBACKS_VAULT_SECRET_PATH}" role_id)"
export CALLBACKS_VAULT_SECRET_ID="$(./ci/vlt kv_get kv "${CALLBACKS_VAULT_SECRET_PATH}" secret_id)"
if [ -z "${CALLBACKS_VAULT_ROLE_ID}" ] || [ -z "${CALLBACKS_VAULT_SECRET_ID}" ]; then
echo "[callbacks-deploy] vault approle creds are empty for path ${CALLBACKS_VAULT_SECRET_PATH}" >&2
exit 1
if [ "${CI_RUNTIME_ENV_NAME:-prod}" != "devserver" ]; then
export CALLBACKS_VAULT_ROLE_ID="$(./ci/vlt kv_get kv "${CALLBACKS_VAULT_SECRET_PATH}" role_id)"
export CALLBACKS_VAULT_SECRET_ID="$(./ci/vlt kv_get kv "${CALLBACKS_VAULT_SECRET_PATH}" secret_id)"
if [ -z "${CALLBACKS_VAULT_ROLE_ID}" ] || [ -z "${CALLBACKS_VAULT_SECRET_ID}" ]; then
echo "[callbacks-deploy] vault approle creds are empty for path ${CALLBACKS_VAULT_SECRET_PATH}" >&2
exit 1
fi
fi
load_nats_env