dev1/deploy_all.sh
Josh ed1fdbbba6
Added password reset links and profile, Support email
2025-08-11 14:07:43 +00:00


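#!/usr/bin/env bash
# ───────────────────────── config ─────────────────────────
# Build, push and start the stack for one environment.
# Usage: deploy_all.sh [dev|staging|prod]
#
# The shebang has to be the very first line of the file; placed after a
# comment it is just another comment, and the interpreter that ends up running
# the script may not be bash (arrays and process substitution are used below).
set -euo pipefail   # fail fast, surfacing missing vars

# Accept priority: 1) CLI arg  2) exported variable  3) default 'dev'
ENV="${1:-${ENV:-dev}}"

# Allow-list guard: ENV is interpolated into the GCP project id and into the
# secret names further down, so nothing outside these three values may pass.
case "$ENV" in
  dev|staging|prod) ;;
  *)
    # Diagnostics belong on stderr so a captured stdout stays clean.
    echo "❌ Unknown ENV='$ENV'" >&2
    exit 1
    ;;
esac

PROJECT="aptivaai-${ENV}"   # adjust if prod lives elsewhere
REG="us-central1-docker.pkg.dev/${PROJECT}/aptiva-repo"

# Directory that contains this script, resolved to an absolute path.
ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
ENV_FILE="${ROOT}/.env"

echo "🔧 Deploying environment: $ENV (GCP: $PROJECT)"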
# Names of the values this script reads from Secret Manager. Only the names
# live here; each one is looked up as "<NAME>_<ENV>" and exported under <NAME>
# later in the script. Newlines separate array elements, so no line
# continuations are needed inside the parentheses.
SECRETS=(
  # auth and third-party API credentials
  JWT_SECRET
  OPENAI_API_KEY
  ONET_USERNAME
  ONET_PASSWORD

  # Stripe keys and price ids
  STRIPE_SECRET_KEY
  STRIPE_PUBLISHABLE_KEY
  STRIPE_WH_SECRET
  STRIPE_PRICE_PREMIUM_MONTH
  STRIPE_PRICE_PREMIUM_YEAR
  STRIPE_PRICE_PRO_MONTH
  STRIPE_PRICE_PRO_YEAR

  # database connection and TLS material
  DB_HOST
  DB_NAME
  DB_PORT
  DB_USER
  DB_PASSWORD
  DB_SSL_CERT
  DB_SSL_KEY
  DB_SSL_CA

  # outbound mail and SMS
  SUPPORT_SENDGRID_API_KEY
  TWILIO_ACCOUNT_SID
  TWILIO_AUTH_TOKEN
  TWILIO_MESSAGING_SERVICE_SID

  # KMS key name and DEK path
  KMS_KEY_NAME
  DEK_PATH
)
# Work from the directory that holds this script, so the relative paths used
# by npm and docker below resolve no matter where the script was started.
cd "$ROOT"

# Frontend: lockfile-exact dependency install, then the project's build script.
# These stay two separate commands so that set -e stops the run if either fails.
printf '%s\n' "🛠 Building frontend bundle"
npm ci --silent
npm run build
# ───────────────────── build & push images ─────────────────────
# Image tag: short commit hash plus a UTC timestamp to the minute.
TAG="$(git rev-parse --short HEAD)-$(date -u +%Y%m%d%H%M)"
echo "🔨 Building & pushing containers (tag = ${TAG})"

# NOTE(review): the build context is ".", which is $ROOT after the cd above,
# and $ROOT also holds .env. Confirm that .dockerignore keeps .env and any
# other local credentials out of the context sent to the Docker daemon.
for svc in server1 server2 server3 nginx; do
  image="${REG}/${svc}:${TAG}"
  docker build -f "Dockerfile.${svc}" -t "$image" .
  docker push "$image"
done

# Record the tag in .env: append the line if no IMG_TAG entry exists yet,
# otherwise rewrite the existing entry in place.
if ! grep -q '^IMG_TAG=' "$ENV_FILE"; then
  echo "IMG_TAG=${TAG}" >> "$ENV_FILE"
else
  sed -i "s/^IMG_TAG=.*/IMG_TAG=${TAG}/" "$ENV_FILE"
fi
echo "✅ .env updated with IMG_TAG=${TAG}"
# ─────────────────────────────────────────────────────────────
# 1a. Publish IMG_TAG to Secret Manager (single source of truth)
# ─────────────────────────────────────────────────────────────
# The tag is streamed over stdin (--data-file=-) and printf '%s' writes it
# without a trailing newline, so the stored version is exactly the tag text.
# Unlike the per-environment secrets, this secret name has no _<ENV> suffix.
printf '%s' "$TAG" \
  | gcloud secrets versions add IMG_TAG --project="$PROJECT" --data-file=-
echo "📦 IMG_TAG pushed to Secret Manager (no suffix)"
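# ───────────────────── pull secrets (incl. KMS key path) ───────
echo "🔐 Pulling secrets from Secret Manager"
# Each name N in SECRETS is read from the secret "N_<ENV>" (latest version)
# and exported under N for the compose step.
for S in "${SECRETS[@]}"; do
  # Assign first, export second. `export NAME="$(cmd)"` returns export's own
  # status, so a failed lookup would pass unnoticed even under set -e and the
  # variable would be exported empty. An empty JWT_SECRET or DB_PASSWORD must
  # stop the deployment rather than reach the running services.
  secret_value="$(gcloud secrets versions access latest \
    --secret="${S}_${ENV}" --project="$PROJECT")" || {
    echo "❌ Could not read secret '${S}_${ENV}' from project '$PROJECT'" >&2
    exit 1
  }
  export "$S=$secret_value"
done
# Drop the scratch copy of the last secret; the exported variables remain.
unset secret_value
export FROM_SECRETS_MANAGER=true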
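# ───────────────────── compose up ───────────────────────────────
# IMG_TAG is on the preserve list, but nothing in the visible script exports
# it. Without this line sudo would pass on whatever IMG_TAG the caller's shell
# happened to hold, and a stale value there can take precedence over the tag
# just written to .env. Export the tag that was built in this run.
export IMG_TAG="$TAG"

# Under the usual env_reset policy sudo drops the caller's environment, so the
# variables compose needs are named explicitly.
# NOTE(review): REACT_APP_API_URL is not assigned in the visible part of this
# script; it is taken from the caller's environment if set there.
preserve="IMG_TAG,FROM_SECRETS_MANAGER,REACT_APP_API_URL,$(IFS=,; echo "${SECRETS[*]}")"

# Only variable names are logged here, never their values.
echo "🚀 docker compose up -d (env: $preserve)"

# Drop compose's 'WARN [0000]' lines, and send what remains back to stderr
# (>&2) so real errors do not end up mixed into stdout.
sudo --preserve-env="$preserve" docker compose up -d --force-recreate \
  2> >(grep -v 'WARN \[0000\]' >&2)
echo "✅ Deployment finished"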