e7886261bd
Pins all the build dependencies required by poetry, otherwise poetry installs arbitrary versions of them, which leads to a wrong version of cryptography being installed and the build failing. Note that Cloud dependencies (pillar and the like) has to have their build dependencies pinned in the same exact manner, for the same reason. Pins all the runtime dependencies as well, because Cloud can only use poetry==1.0 due to its source dependencies, so there's no "poetry lock --no-update" and each "poetry lock" updates arbitrary packages.
Deploying to Production
workon blender-cloud # activate your virtualenv
cd $projectdir/deploy
./full-pull.sh
The Details
Deployment consists of a few steps:
- Populate a staging directory with the files from the production branches of the various projects.
- Create Docker images.
- Push the docker images to Docker Hub.
- Pull the docker images on the production server and rebuild+restart the containers.
The scripts involved are:
2docker.sh: performs step 1. above.build-{xxx}.sh: performs steps 2. and 3. above.2server.sh: performs step 4. above.
The full-{xxx}.sh scripts perform all the steps, and call into build-{xxx}.sh.
For xxx there are:
all: Rebuild all Docker images from scratch. This is good for getting the latest updates to the base image.pull: Pull the base and intermediate images from Docker Hub so that they are the same as the last time someone pushed to production, then rebuilds the final Docker image.quick: Just rebuild the final Docker image. Only use this if the last time a deployment to the production server was done was by you, on the machine you're working on now.
Hacking Stuff
To deploy another branch than production, do export STAGING_BRANCH=otherbranch before starting
the above commands.