pipeline build v18 - GPT syntax
This commit is contained in:
parent
ffae20ca37
commit
177edea37d
@ -1,44 +1,39 @@
|
|||||||
steps:
|
steps:
|
||||||
ssh-test:
|
ssh-test: # keep the name, keep the image
|
||||||
image: google/cloud-sdk:latest
|
image: google/cloud-sdk:latest
|
||||||
commands: |
|
commands:
|
||||||
|
- |
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
|
|
||||||
mkdir -p ~/.ssh
|
mkdir -p ~/.ssh
|
||||||
|
|
||||||
# ── Fetch & install secrets from Secret Manager ─────────────
|
# ── Install known‑hosts from Secret Manager ─────────────────
|
||||||
gcloud secrets versions access latest \
|
gcloud secrets versions access latest \
|
||||||
--secret=STAGING_KNOWN_HOSTS --project=aptivaai-dev | base64 -d > ~/.ssh/known_hosts
|
--secret=STAGING_KNOWN_HOSTS --project=aptivaai-dev \
|
||||||
|
| base64 -d > ~/.ssh/known_hosts
|
||||||
chmod 644 ~/.ssh/known_hosts
|
chmod 644 ~/.ssh/known_hosts
|
||||||
|
|
||||||
|
# ── Install private key ────────────────────────────────────
|
||||||
gcloud secrets versions access latest \
|
gcloud secrets versions access latest \
|
||||||
--secret=STAGING_SSH_KEY --project=aptivaai-dev | base64 -d > ~/.ssh/id_ed25519
|
--secret=STAGING_SSH_KEY --project=aptivaai-dev \
|
||||||
|
| base64 -d > ~/.ssh/id_ed25519
|
||||||
chmod 600 ~/.ssh/id_ed25519
|
chmod 600 ~/.ssh/id_ed25519
|
||||||
|
|
||||||
echo "🔑 SSH material ready"
|
echo "🔑 SSH prerequisites installed"
|
||||||
|
|
||||||
# ── Tag comes from the commit that triggered Woodpecker ─────
|
# ── Tag = first 8 chars of the commit SHA that triggered CI ─
|
||||||
TAG=$(echo "$CI_COMMIT_SHA" | head -c 8)
|
TAG=$(echo "${CI_COMMIT_SHA:-$DRONE_COMMIT_SHA}" | head -c 8)
|
||||||
echo "🚀 Deploying tag ${TAG} to staging"
|
echo "🚀 Deploying tag ${TAG} to staging"
|
||||||
|
|
||||||
# ── SSH into the staging VM and re‑create the stack ─────────
|
# ── SSH into the staging VM and refresh the stack ──────────
|
||||||
ssh -o StrictHostKeyChecking=yes \
|
ssh -o StrictHostKeyChecking=yes \
|
||||||
-i ~/.ssh/id_ed25519 \
|
-i ~/.ssh/id_ed25519 \
|
||||||
jcoakley@10.128.0.12 <<EOF
|
jcoakley@10.128.0.12 \
|
||||||
#!/usr/bin/env bash
|
"set -euo pipefail; \
|
||||||
set -euo pipefail
|
cd /opt/aptiva-staging-app; \
|
||||||
cd /opt/aptiva-staging-app
|
echo 'Pulling containers'; \
|
||||||
echo "Pulling containers with IMG_TAG=${TAG}"
|
IMG_TAG=${TAG} docker compose pull; \
|
||||||
IMG_TAG=${TAG} docker compose pull
|
echo 'Re‑creating services'; \
|
||||||
echo "Recreating services"
|
IMG_TAG=${TAG} docker compose up -d --force-recreate --remove-orphans; \
|
||||||
IMG_TAG=${TAG} docker compose up -d --force-recreate --remove-orphans
|
echo '✅ Staging stack refreshed with tag ${TAG}'"
|
||||||
echo "✅ Staging stack refreshed"
|
|
||||||
EOF
|
|
||||||
|
|
||||||
environment:
|
|
||||||
- CI_COMMIT_SHA
|
|
||||||
|
|
||||||
when:
|
|
||||||
event:
|
|
||||||
- push
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user