Placing code + assets directly into Docker image

This radically changes the way we deploy to the production server, as a Git checkout is no longer required there. All the necessary files are now inside the docker image. As a result, /data/git should no longer be mounted as a Docker volume. - Renamed docker/build.sh → docker/full_rebuild.sh This makes it clearer that it performs a full rebuild of the Docker images. - Full rebuilds should be done on a regular basis to pull in Ubuntu security updates. - Removed rsync_ui.sh, we no longer need it. Other projects can also remove their rsync_ui.sh. - Moved deploy.sh → deploy/2docker.sh and added deploy/2server.sh
2018-02-01 15:13:05 +01:00
parent ffc4f271e8
commit 94ef616593
10 changed files with 387 additions and 278 deletions
--- a/deploy/2docker.sh
+++ b/deploy/2docker.sh
@@ -0,0 +1,124 @@
+#!/bin/bash -e
+
+DEPLOY_BRANCH=${DEPLOY_BRANCH:-production}
+
+# macOS does not support readlink -f, so we use greadlink instead
+if [[ `uname` == 'Darwin' ]]; then
+    command -v greadlink 2>/dev/null 2>&1 || { echo >&2 "Install greadlink using brew."; exit 1; }
+    readlink='greadlink'
+else
+    readlink='readlink'
+fi
+
+ROOT="$(dirname "$(dirname "$($readlink -f "$0")")")"
+DEPLOYDIR="$ROOT/docker/4_run/deploy"
+PROJECT_NAME="$(basename $ROOT)"
+
+if [ -e $DEPLOYDIR ]; then
+    echo "$DEPLOYDIR already exists, press [ENTER] to DESTROY AND DEPLOY, Ctrl+C to abort."
+    read dummy
+    rm -rf $DEPLOYDIR
+else
+    echo -n "Deploying to $DEPLOYDIR… "
+    echo "press [ENTER] to continue, Ctrl+C to abort."
+    read dummy
+fi
+
+cd ${ROOT}
+mkdir -p $DEPLOYDIR
+REMOTE_ROOT="$DEPLOYDIR/$PROJECT_NAME"
+
+if [ -z "$SKIP_BRANCH_CHECK" ]; then
+    # Check that we're on production branch.
+    if [ $(git rev-parse --abbrev-ref HEAD) != "$DEPLOY_BRANCH" ]; then
+        echo "You are NOT on the $DEPLOY_BRANCH branch, refusing to deploy." >&2
+        exit 1
+    fi
+
+    # Check that production branch has been pushed.
+    if [ -n "$(git log origin/$DEPLOY_BRANCH..$DEPLOY_BRANCH --oneline)" ]; then
+        echo "WARNING: not all changes to the $DEPLOY_BRANCH branch have been pushed."
+        echo "Press [ENTER] to continue deploying current origin/$DEPLOY_BRANCH, CTRL+C to abort."
+        read dummy
+    fi
+fi
+
+function find_module()
+{
+    MODULE_NAME=$1
+    MODULE_DIR=$(python <<EOT
+from __future__ import print_function
+import os.path
+try:
+    import ${MODULE_NAME}
+except ImportError:
+    raise SystemExit('${MODULE_NAME} not found on Python path. Are you in the correct venv?')
+
+print(os.path.dirname(os.path.dirname(${MODULE_NAME}.__file__)))
+EOT
+)
+
+    if [ -z "$SKIP_BRANCH_CHECK" ]; then
+        if [ $(git -C $MODULE_DIR rev-parse --abbrev-ref HEAD) != "$DEPLOY_BRANCH" ]; then
+            echo "${MODULE_NAME}: ($MODULE_DIR) NOT on the $DEPLOY_BRANCH branch, refusing to deploy." >&2
+            exit 1
+        fi
+    fi
+
+    echo $MODULE_DIR
+}
+
+# Find our modules
+echo "==================================================================="
+echo "LOCAL MODULE LOCATIONS"
+PILLAR_DIR=$(find_module pillar)
+ATTRACT_DIR=$(find_module attract)
+FLAMENCO_DIR=$(find_module flamenco)
+SVNMAN_DIR=$(find_module svnman)
+SDK_DIR=$(find_module pillarsdk)
+
+echo "Pillar  : $PILLAR_DIR"
+echo "Attract : $ATTRACT_DIR"
+echo "Flamenco: $FLAMENCO_DIR"
+echo "SVNMan  : $SVNMAN_DIR"
+echo "SDK     : $SDK_DIR"
+
+if [ -z "$PILLAR_DIR" -o -z "$ATTRACT_DIR" -o -z "$FLAMENCO_DIR" -o -z "$SVNMAN_DIR" -o -z "$SDK_DIR" ];
+then
+    exit 1
+fi
+
+function git_clone() {
+    PROJECT_NAME="$1"
+    BRANCH="$2"
+    LOCAL_ROOT="$3"
+
+    echo "==================================================================="
+    echo "CLONING REPO ON $PROJECT_NAME @$BRANCH"
+    URL=$(git -C $LOCAL_ROOT remote get-url origin)
+    git -C $DEPLOYDIR clone --depth 1 --branch $BRANCH $URL $PROJECT_NAME
+}
+
+git_clone pillar-python-sdk master $SDK_DIR
+git_clone pillar $DEPLOY_BRANCH $PILLAR_DIR
+git_clone attract $DEPLOY_BRANCH $ATTRACT_DIR
+git_clone flamenco $DEPLOY_BRANCH $FLAMENCO_DIR
+git_clone pillar-svnman $DEPLOY_BRANCH $SVNMAN_DIR
+git_clone blender-cloud $DEPLOY_BRANCH $ROOT
+
+# Gulp everywhere
+GULP=$ROOT/node_modules/.bin/gulp
+if [ ! -e $GULP -o gulpfile.js -nt $GULP ]; then
+    npm install
+    touch $GULP  # installer doesn't always touch this after a build, so we do.
+fi
+$GULP --cwd $DEPLOYDIR/pillar --production
+$GULP --cwd $DEPLOYDIR/attract --production
+$GULP --cwd $DEPLOYDIR/flamenco --production
+$GULP --cwd $DEPLOYDIR/pillar-svnman --production
+$GULP --cwd $DEPLOYDIR/blender-cloud --production
+
+echo
+echo "==================================================================="
+echo "Deploy of ${PROJECT_NAME} is ready for dockerisation."
+echo "==================================================================="
--- a/deploy/2server.sh
+++ b/deploy/2server.sh
@@ -0,0 +1,79 @@
+#!/bin/bash -e
+
+# macOS does not support readlink -f, so we use greadlink instead
+if [[ `uname` == 'Darwin' ]]; then
+    command -v greadlink 2>/dev/null 2>&1 || { echo >&2 "Install greadlink using brew."; exit 1; }
+    readlink='greadlink'
+else
+    readlink='readlink'
+fi
+ROOT="$(dirname "$(dirname "$($readlink -f "$0")")")"
+PROJECT_NAME="$(basename $ROOT)"
+DOCKER_DEPLOYDIR="$ROOT/docker/4_run/deploy"
+DOCKER_IMAGE="armadillica/blender_cloud:latest"
+REMOTE_SECRET_CONFIG_DIR="/data/config"
+REMOTE_DOCKER_COMPOSE_DIR="/root/docker"
+
+#################################################################################
+case $1 in
+    cloud*)
+        DEPLOYHOST="$1"
+        ;;
+    *)
+        echo "Use $0 cloud{nr}|cloud.blender.org" >&2
+        exit 1
+esac
+SSH_OPTS="-o ClearAllForwardings=yes -o PermitLocalCommand=no"
+SSH="ssh $SSH_OPTS $DEPLOYHOST"
+SCP="scp $SSH_OPTS"
+
+echo -n "Deploying to $DEPLOYHOST… "
+
+if ! ping $DEPLOYHOST -q -c 1 -W 2 >/dev/null; then
+    echo "host $DEPLOYHOST cannot be pinged, refusing to deploy." >&2
+    exit 2
+fi
+
+cat <<EOT
+[ping OK]
+
+Make sure that you have pushed the $DOCKER_IMAGE
+docker image to Docker Hub.
+
+press [ENTER] to continue, Ctrl+C to abort.
+EOT
+read dummy
+
+#################################################################################
+echo "==================================================================="
+echo "Bringing remote Docker up to date…"
+$SSH mkdir -p $REMOTE_DOCKER_COMPOSE_DIR
+$SCP $DOCKER_DEPLOYDIR/$PROJECT_NAME/docker/docker-compose.yml $DEPLOYHOST:$REMOTE_DOCKER_COMPOSE_DIR
+$SSH -T <<EOT
+set -e
+cd $REMOTE_DOCKER_COMPOSE_DIR
+docker pull $DOCKER_IMAGE
+docker-compose up -d
+
+echo
+echo "==================================================================="
+echo "Clearing front page from Redis cache."
+docker exec redis redis-cli DEL pwview//
+EOT
+
+# Notify Sentry of this new deploy.
+# See https://sentry.io/blender-institute/blender-cloud/settings/release-tracking/
+# and https://docs.sentry.io/api/releases/post-organization-releases/
+# and https://sentry.io/api/
+echo
+echo "==================================================================="
+REVISION=$(date +'%Y%m%d.%H%M%S.%Z')
+echo "Notifying Sentry of this new deploy of revision $REVISION."
+SENTRY_RELEASE_URL="$($SSH env PYTHONPATH="$REMOTE_SECRET_CONFIG_DIR" python3 -c "\"import config_secrets; print(config_secrets.SENTRY_RELEASE_URL)\"")"
+curl -s "$SENTRY_RELEASE_URL" -XPOST -H 'Content-Type: application/json' -d "{\"version\": \"$REVISION\"}" | json_pp
+echo
+
+echo
+echo "==================================================================="
+echo "Deploy to $DEPLOYHOST done."
+echo "==================================================================="