tech/sendico
2
0
Fork 0
Code Issues 31 Pull Requests Actions Packages Projects Releases Wiki Activity

[infra] vault + chsettle + aurora for dev

Browse Source
This commit is contained in:
Stephan D
2026-03-16 19:50:05 +01:00
parent 5b1aca86e7
commit 89edf33c2c
51 changed files with 1606 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ci/scripts/tron_gateway/build-image.sh
View File

@@ -37,6 +37,10 @@ TRON_GATEWAY_ENV_NAME="${TRON_GATEWAY_ENV:-$(resolve_runtime_env_name)}"
load_runtime_env_bundle "${TRON_GATEWAY_ENV_NAME}"
IMAGE_TAG="$(compute_image_tag)"
TRON_GATEWAY_CONFIG_PATH="api/gateway/tron/config.yml"
if [ "${CI_RUNTIME_ENV_NAME:-prod}" = "devserver" ] && [ -f "${REPO_ROOT}/api/gateway/tron/config.dev.yml" ]; then
TRON_GATEWAY_CONFIG_PATH="api/gateway/tron/config.dev.yml"
fi
REGISTRY_URL="${REGISTRY_URL:?missing REGISTRY_URL}"
APP_V="${APP_V:?missing APP_V}"
@@ -86,6 +90,7 @@ fi
--context "${BUILD_CONTEXT}" \
--dockerfile "${TRON_GATEWAY_DOCKERFILE}" \
--destination "${REGISTRY_URL}/${TRON_GATEWAY_IMAGE_PATH}:${IMAGE_TAG}" \
--build-arg APP_CONFIG_PATH="${TRON_GATEWAY_CONFIG_PATH}" \
--build-arg APP_VERSION="${APP_V}" \
--build-arg GIT_REV="${GIT_REV}" \
--build-arg BUILD_BRANCH="${BUILD_BRANCH}" \

12
ci/scripts/tron_gateway/deploy.sh
View File

@@ -53,11 +53,13 @@ export TRON_GATEWAY_GRPC_TOKEN="$(./ci/vlt kv_get kv "${TRON_GATEWAY_RPC_SECRET_
export TRON_GATEWAY_SERVICE_WALLET_KEY="$(./ci/vlt kv_get kv "${TRON_GATEWAY_WALLET_SECRET_PATH}" private_key)"
export TRON_GATEWAY_SERVICE_WALLET_ADDRESS="$(./ci/vlt kv_get kv "${TRON_GATEWAY_WALLET_SECRET_PATH}" address || true)"
export TRON_GATEWAY_VAULT_ROLE_ID="$(./ci/vlt kv_get kv "${TRON_GATEWAY_VAULT_SECRET_PATH}" role_id)"
export TRON_GATEWAY_VAULT_SECRET_ID="$(./ci/vlt kv_get kv "${TRON_GATEWAY_VAULT_SECRET_PATH}" secret_id)"
if [ -z "${TRON_GATEWAY_VAULT_ROLE_ID}" ] || [ -z "${TRON_GATEWAY_VAULT_SECRET_ID}" ]; then
echo "[tron-gateway-deploy] vault approle creds are empty for path ${TRON_GATEWAY_VAULT_SECRET_PATH}" >&2
exit 1
if [ "${CI_RUNTIME_ENV_NAME:-prod}" != "devserver" ]; then
export TRON_GATEWAY_VAULT_ROLE_ID="$(./ci/vlt kv_get kv "${TRON_GATEWAY_VAULT_SECRET_PATH}" role_id)"
export TRON_GATEWAY_VAULT_SECRET_ID="$(./ci/vlt kv_get kv "${TRON_GATEWAY_VAULT_SECRET_PATH}" secret_id)"
if [ -z "${TRON_GATEWAY_VAULT_ROLE_ID}" ] || [ -z "${TRON_GATEWAY_VAULT_SECRET_ID}" ]; then
echo "[tron-gateway-deploy] vault approle creds are empty for path ${TRON_GATEWAY_VAULT_SECRET_PATH}" >&2
exit 1
fi
fi
load_nats_env