41 lines
1.6 KiB
Bash
Executable file
41 lines
1.6 KiB
Bash
Executable file
#!/usr/bin/env sh
|
|
# Deploy (or update) the predictor stack to a Docker Swarm via the Swarmpit
|
|
# REST API, then trigger a redeploy so running services pick up the new image.
|
|
#
|
|
# Required env: SWARMPIT_URL, SWARMPIT_TOKEN, STACK_NAME, TAG
|
|
# Optional env: CA_CERTIFICATES (PEM bundle for a private Swarmpit TLS CA)
|
|
set -eu
|
|
|
|
: "${SWARMPIT_URL:?SWARMPIT_URL is required}"
|
|
: "${SWARMPIT_TOKEN:?SWARMPIT_TOKEN is required}"
|
|
: "${STACK_NAME:?STACK_NAME is required}"
|
|
TAG="${TAG:-latest}"
|
|
|
|
# Pin the image tag in the compose we send (replace the ${TAG:-latest} default
|
|
# with the concrete tag) so the exact built image is what gets deployed.
|
|
sed "s|:\${TAG:-latest}|:${TAG}|g" docker-compose.swarm.yml > /tmp/stack.yml
|
|
|
|
CA_OPT=""
|
|
if [ -n "${CA_CERTIFICATES:-}" ]; then
|
|
echo "${CA_CERTIFICATES}" > /tmp/swarmpit-ca.crt
|
|
CA_OPT="--cacert /tmp/swarmpit-ca.crt"
|
|
fi
|
|
|
|
compose_json=$(jq -Rs . < /tmp/stack.yml)
|
|
jq -n --arg name "${STACK_NAME}" --argjson compose "${compose_json}" \
|
|
'{name: $name, spec: {compose: $compose}}' > /tmp/swarmpit-payload.json
|
|
|
|
echo "Deploying stack '${STACK_NAME}' (tag ${TAG}) to ${SWARMPIT_URL}"
|
|
curl -fsS -X POST "${SWARMPIT_URL}/api/stacks/${STACK_NAME}" \
|
|
-H "authorization: Bearer ${SWARMPIT_TOKEN}" \
|
|
-H "Content-Type: application/json" \
|
|
-d @/tmp/swarmpit-payload.json \
|
|
--max-time 60 ${CA_OPT}
|
|
|
|
echo "Triggering redeploy"
|
|
curl -fsS -X POST "${SWARMPIT_URL}/api/stacks/${STACK_NAME}/redeploy" \
|
|
-H "authorization: Bearer ${SWARMPIT_TOKEN}" \
|
|
--max-time 60 ${CA_OPT} || echo "redeploy trigger failed; services may still roll forward via autoredeploy"
|
|
|
|
rm -f /tmp/stack.yml /tmp/swarmpit-payload.json /tmp/swarmpit-ca.crt
|
|
echo "Done."
|