azaion/admin
1
0
Fork 0
mirror of https://github.com/azaion/admin.git synced 2026-06-21 15:31:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
4bf2e689cb216c4e43ae1132affd4ab31a8fb580
admin/scripts/_lib.sh
T
Oleksandr Bezdieniezhnykh c7b297de83
ci/woodpecker/push/01-test Pipeline failed
Details
ci/woodpecker/push/02-build-push unknown status
Details
refactor: remove deploy.cmd and update Dockerfile for health checks 
- Deleted the deploy.cmd script as it was no longer needed.
- Updated Dockerfile to include curl for health checks and added a non-root user for improved security.
- Modified health check command to use curl for better reliability.
- Adjusted docker-compose.test.yml to reflect changes in health check configuration.
- Cleaned up appsettings.json and removed unused configuration properties.
- Removed Resource entity and related requests from the codebase as part of the architectural shift.
- Updated documentation to reflect the removal of hardware binding and related endpoints.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-13 08:47:21 +03:00

95 lines
3.5 KiB
Bash
Raw Blame History

#!/usr/bin/env bash
# scripts/_lib.sh — shared helpers sourced by all deploy scripts.
#
# This file is sourced (not executed); do not set -e at the top — leave error
# handling to the caller. The helpers always check their own preconditions.
# ----- logging --------------------------------------------------------------
log_info() { printf '\033[32m[deploy]\033[0m %s\n' "$*" >&2; }
log_warn() { printf '\033[33m[deploy WARN]\033[0m %s\n' "$*" >&2; }
log_error() { printf '\033[31m[deploy ERROR]\033[0m %s\n' "$*" >&2; }
die() { log_error "$*"; exit 1; }
# ----- input validation -----------------------------------------------------
require_env() {
local var
for var in "$@"; do
if [[ -z "${!var:-}" ]]; then
die "Required environment variable not set: $var"
fi
done
}
require_cmd() {
local cmd
for cmd in "$@"; do
if ! command -v "$cmd" >/dev/null 2>&1; then
die "Required command not found on PATH: $cmd"
fi
done
}
# ----- env overlay ----------------------------------------------------------
# load_env_overlay <env>
# 1. Sources scripts/_defaults.env if present (developer-friendly defaults).
# 2. Sources secrets/<env>.public.env (committed plain-text).
# 3. Decrypts secrets/<env>.env via sops + age and sources the result.
# The decrypted intermediate is written to a mktemp file and removed on EXIT.
load_env_overlay() {
local env="$1"
local script_dir repo_root public_file enc_file decrypted
script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
repo_root="$(cd "$script_dir/.." && pwd)"
if [[ -f "$repo_root/.env" ]]; then
# Local dev convenience; harmless on a production host because the
# production host should not have a .env in REPO_ROOT.
log_info "Sourcing $repo_root/.env"
set -a; . "$repo_root/.env"; set +a
fi
public_file="$repo_root/secrets/${env}.public.env"
if [[ -f "$public_file" ]]; then
log_info "Sourcing $public_file"
set -a; . "$public_file"; set +a
else
log_warn "No $public_file — relying on environment / .env only"
fi
enc_file="$repo_root/secrets/${env}.env"
if [[ -f "$enc_file" ]]; then
require_cmd sops age
decrypted="$(mktemp -t azaion-env.XXXXXX)"
# shellcheck disable=SC2064
trap "rm -f '$decrypted'" EXIT INT TERM
if ! SOPS_AGE_KEY_FILE="${SOPS_AGE_KEY_FILE:-/etc/azaion/age.key}" \
sops -d "$enc_file" > "$decrypted" 2>/tmp/sops.err; then
log_error "sops decrypt failed for $enc_file"
cat /tmp/sops.err >&2
die "Cannot continue without secrets"
fi
chmod 600 "$decrypted"
log_info "Sourcing decrypted overlay (intermediate: $decrypted)"
set -a; . "$decrypted"; set +a
else
log_warn "No $enc_file — secret values must already be in the environment"
fi
}
# ----- container helpers ----------------------------------------------------
container_exists() {
docker container inspect "$1" >/dev/null 2>&1
}
container_running() {
[[ "$(docker container inspect -f '{{.State.Running}}' "$1" 2>/dev/null || echo false)" == "true" ]]
}
current_image_revision() {
# Returns the org.opencontainers.image.revision label of the running
# container, or empty if the container does not exist.
docker container inspect "$1" \
--format '{{ index .Config.Labels "org.opencontainers.image.revision" }}' 2>/dev/null || true
}
Reference in New Issue View Git Blame Copy Permalink