rename stacks to separe host and user worlds

This commit is contained in:
Yann Autissier 2022-05-07 15:04:44 +02:00
parent 15e846e3a4
commit 87a194c446
26 changed files with 97 additions and 75 deletions

View File

@ -3,14 +3,14 @@ include make/include.mk
##
# APP
app-bootstrap: setup-docker-group setup-nfsd setup-sysctl
app-bootstrap: setup-binfmt setup-nfsd setup-sysctl
app-build: base install-build-config
app-build: user install-build-config
$(call make,docker-compose-build docker-compose-up)
$(foreach service,$(or $(SERVICE),$(SERVICES)),$(call make,app-build-$(service)))
$(call make,docker-commit)
app-install: ansible-run base node
app-install: ansible-run
app-tests: ansible-tests

View File

@ -27,7 +27,7 @@ aws-ecr-get-login:
# target aws-iam-create-role-%: Call aws iam create-role with role-name % and role-policy file aws/policies/%-trust.json
.PHONY: aws-iam-create-role-%
aws-iam-create-role-%: base docker-build-aws
aws-iam-create-role-%: user docker-build-aws
$(eval IGNORE_DRYRUN := true)
$(eval json := $(shell $(call exec,sh -c 'envsubst < aws/policies/$*-trust.json')))
$(eval IGNORE_DRYRUN := false)
@ -35,7 +35,7 @@ aws-iam-create-role-%: base docker-build-aws
# target aws-iam-put-role-policy-%: Call aws iam put-role-policy with policy-name % and policy-document file aws/policies/%.json
.PHONY: aws-iam-put-role-policy-%
aws-iam-put-role-policy-%: base docker-build-aws
aws-iam-put-role-policy-%: user docker-build-aws
$(eval IGNORE_DRYRUN := true)
$(eval json := $(shell $(call exec,sh -c 'envsubst < aws/policies/$*.json')))
$(eval IGNORE_DRYRUN := false)
@ -81,7 +81,7 @@ aws-s3api-get-head-object-lastmodified: docker-build-aws
# target aws-ec2-import-snapshot: Call aws ec2 import-snapshot with S3Bucket AWS_S3_BUCKET and S3Key AWS_S3_KEY
.PHONY: aws-ec2-import-snapshot
aws-ec2-import-snapshot: base docker-build-aws aws-s3api-get-head-object-etag aws-s3api-get-head-object-lastmodified
aws-ec2-import-snapshot: user docker-build-aws aws-s3api-get-head-object-etag aws-s3api-get-head-object-lastmodified
$(eval IGNORE_DRYRUN := true)
$(eval json := $(shell $(call exec,sh -c 'envsubst < aws/import-snapshot.json')))
$(eval IGNORE_DRYRUN := false)
@ -189,7 +189,7 @@ aws-ec2-wait-snapshot-completed-%: docker-build-aws
# target aws-ec2-register-image: Fire aws-ec2-get-import-snapshot-tasks-id, Eval AWS_AMI_ID with Name AWS_AMI_NAME, Echo 'ImageId: AWS_AMI_ID'
.PHONY: aws-ec2-register-image
aws-ec2-register-image: base docker-build-aws aws-ec2-get-import-snapshot-tasks-id
aws-ec2-register-image: user docker-build-aws aws-ec2-get-import-snapshot-tasks-id
$(eval IGNORE_DRYRUN := true)
$(eval json := $(shell $(call exec,sh -c 'envsubst < aws/register-image-device-mappings.json')))
$(eval IGNORE_DRYRUN := false)

View File

@ -32,6 +32,7 @@ RUN \
&& curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh \
&& dep ensure -vendor-only \
&& go mod init \
&& go mod tidy \
&& go mod vendor \
&& CGO_ENABLED=0 GOOS=linux go build \
-a -installsuffix cgo \

View File

@ -4,16 +4,26 @@
# target bootstrap: Update application files and start dockers
# on local host
.PHONY: bootstrap
bootstrap: bootstrap-git bootstrap-docker app-bootstrap ## Update application files and start dockers
bootstrap: bootstrap-app bootstrap-host bootstrap-user app-bootstrap ## Update application files and start dockers
# target bootstrap-docker: Build and start application dockers
# target bootstrap-app: Fire install-bin-git
.PHONY: bootstrap-app
bootstrap-app: install-bin-git
# target bootstrap-docker: Install and configure docker
# on local host
.PHONY: bootstrap-docker
bootstrap-docker: install-bin-docker setup-docker-group
# target bootstrap-git: Fire update-app
.PHONY: bootstrap-git
bootstrap-git: install-bin-git
# target bootstrap-host: Fire bootstrap-docker target and start node stack
# on local host
.PHONY: bootstrap-host
bootstrap-host: bootstrap-docker node
# target bootstrap-user: Fire bootstrap-docker target and start user stack
# on local host
.PHONY: bootstrap-user
bootstrap-user: bootstrap-docker user
# target build: Build application docker images to run
# on local host
@ -23,7 +33,7 @@ build: docker-compose-build ## Build application docker images
# target build@%: Build application docker images of % ENV
# on local host
.PHONY: build@% app-build
build@%: myos-base
build@%: myos-user
$(eval docker_images += $(foreach service,$(SERVICES),$(if $(shell docker images -q $(DOCKER_REPOSITORY)/$(service):$(DOCKER_IMAGE_TAG) 2>/dev/null),$(service))))
$(eval build_app := $(or $(filter $(DOCKER_BUILD_CACHE),false),$(filter-out $(docker_images),$(SERVICES))))
$(if $(build_app), \
@ -170,14 +180,14 @@ stack:
# target stack-%: Call docker-compose-% target on STACK
## it splits % on dashes and extracts stack from the beginning and command from
## the last part of %
## ex: stack-base-up will fire the docker-compose-up target in the base stack
## ex: stack-User-up will fire the docker-compose-up target in the User stack
.PHONY: stack-%
stack-%:
$(eval stack := $(subst -$(lastword $(subst -, ,$*)),,$*))
$(eval command := $(lastword $(subst -, ,$*)))
$(if $(findstring -,$*), \
$(if $(filter $(command),$(filter-out %-%,$(patsubst docker-compose-%,%,$(filter docker-compose-%,$(MAKE_TARGETS))))), \
$(call make,docker-compose-$(command) STACK="$(stack)" $(if $(filter node,$(stack)),COMPOSE_PROJECT_NAME=$(COMPOSE_PROJECT_NAME_NODE)),,ARGS COMPOSE_IGNORE_ORPHANS SERVICE)))
$(call make,docker-compose-$(command) STACK="$(stack)" $(if $(filter $(COMPOSE_PROJECT_NAME_NODE),$(stack)),COMPOSE_PROJECT_NAME=$(COMPOSE_PROJECT_NAME_NODE)),,ARGS COMPOSE_IGNORE_ORPHANS SERVICE)))
# target start app-start: Start application dockers
# on local host

View File

@ -10,7 +10,7 @@ else
COMPOSE_FILE_APP ?= true
endif
COMPOSE_IGNORE_ORPHANS ?= false
COMPOSE_PROJECT_NAME ?= $(APP_ENV)$(subst /,,$(subst -,,$(APP_PATH)))
COMPOSE_PROJECT_NAME ?= $(PROJECT_ENV)$(subst /,,$(subst -,,$(APP_PATH)))
COMPOSE_SERVICE_NAME ?= $(subst _,-,$(COMPOSE_PROJECT_NAME))
COMPOSE_VERSION ?= 1.29.2
CONTEXT += COMPOSE_FILE DOCKER_REPOSITORY

View File

@ -1,6 +1,5 @@
APP_DIR ?= $(CURDIR)
APP_DOMAIN ?= $(ENV)$(addprefix .,$(DOMAIN))
APP_ENV ?= $(USER_ENV)_$(APP)
APP_HOST ?= $(APP)$(addprefix .,$(APP_DOMAIN))
APP_INSTALLED ?= $(APPS)
APP_PARENT ?= $(MONOREPO)
@ -24,7 +23,7 @@ ENV_VARS += APP_DIR APP_DOMAIN APP_HOST APP_PATH APP_URL
MOUNT_NFS ?= false
NFS_CONFIG ?= addr=$(NFS_HOST),actimeo=3,intr,noacl,noatime,nocto,nodiratime,nolock,soft,rsize=32768,wsize=32768,tcp,rw,vers=3
NFS_HOST ?= host.docker.internal
SERVICE_ENV ?= $(subst _,-,$(APP_ENV))
PROJECT_ENV ?= $(USER)_$(APP)_$(ENV)
SERVICE_NAME ?= $(COMPOSE_SERVICE_NAME)
SERVICE_VERSION ?= $(BUILD_DATE)-$(VERSION)
SERVICES ?= $(DOCKER_SERVICES)

View File

@ -6,7 +6,7 @@
## it runs ansible-pull on hosts to pull docker images from the registry
## it tags and pushes docker images as latest to docker registry
.PHONY: deploy@%
deploy@%: myos-base build@% ## Deploy application docker images
deploy@%: myos-user build@% ## Deploy application docker images
$(call make,docker-login docker-tag docker-push)
$(call make,myos-ansible-pull@$(ENV) ANSIBLE_DOCKER_IMAGE_TAG=$(VERSION) ANSIBLE_TAGS=deploy AWS_ACCESS_KEY_ID=$(AWS_ACCESS_KEY_ID) AWS_SECRET_ACCESS_KEY=$(AWS_SECRET_ACCESS_KEY),,APP)
$(call make,docker-tag-latest docker-push-latest)
@ -33,7 +33,7 @@ deploy-hook-ping-curl:
## it runs ansible-pull on localhost to pull docker images from the registry
## it tags and pushes docker images as latest to docker registry
.PHONY: deploy-localhost
deploy-localhost: myos-base build@$(ENV) ## Deploy application docker images
deploy-localhost: myos-user build@$(ENV) ## Deploy application docker images
$(call make,docker-login docker-tag docker-push)
$(call make,myos-ansible-pull ANSIBLE_DOCKER_IMAGE_TAG=$(VERSION) ANSIBLE_TAGS=deploy,,APP MYOS_TAGS_JSON)
$(call make,docker-tag-latest docker-push-latest)

View File

@ -124,7 +124,7 @@ docker-images-rm-%:
# target docker-login: Run 'docker login'
.PHONY: docker-login
docker-login: myos-base
docker-login: myos-user
$(RUN) docker login
# target docker-network-create: Fire docker-network-create-% for DOCKER_NETWORK

View File

@ -3,7 +3,7 @@
# target git-branch-create-upstream-%: Create git BRANCH from upstream/% branch
.PHONY: git-branch-create-upstream-%
git-branch-create-upstream-%: $(if $(DOCKER_RUN),myos-base) update-upstream
git-branch-create-upstream-%: myos-user update-upstream
$(RUN) git fetch --prune upstream
git rev-parse --verify $(BRANCH) >/dev/null 2>&1 \
&& $(or $(call WARNING,present branch,$(BRANCH)), true) \
@ -15,7 +15,7 @@ git-branch-create-upstream-%: $(if $(DOCKER_RUN),myos-base) update-upstream
# target git-branch-delete: Delete git BRANCH
.PHONY: git-branch-delete
git-branch-delete: $(if $(DOCKER_RUN),myos-base) update-upstream
git-branch-delete: myos-user update-upstream
git rev-parse --verify $(BRANCH) >/dev/null 2>&1 \
&& $(RUN) git branch -d $(BRANCH) \
|| $(or $(call WARNING,no branch,$(BRANCH)), true)
@ -26,7 +26,7 @@ git-branch-delete: $(if $(DOCKER_RUN),myos-base) update-upstream
# target git-branch-merge-upstream-%: Merge git BRANCH into upstream/% branch
.PHONY: git-branch-merge-upstream-%
git-branch-merge-upstream-%: $(if $(DOCKER_RUN),myos-base) update-upstream
git-branch-merge-upstream-%: myos-user update-upstream
git rev-parse --verify $(BRANCH) >/dev/null 2>&1
$(RUN) git checkout $(BRANCH)
$(RUN) git pull --ff-only upstream $(BRANCH)
@ -38,12 +38,12 @@ git-branch-merge-upstream-%: $(if $(DOCKER_RUN),myos-base) update-upstream
# target git-stash: git stash
.PHONY: git-stash
git-stash: $(if $(DOCKER_RUN),myos-base)
git-stash: myos-user
$(if $(filter-out 0,$(STATUS)),$(RUN) git stash)
# target git-tag-create-upstream-%: Create git TAG to reference upstream/% branch
.PHONY: git-tag-create-upstream-%
git-tag-create-upstream-%: $(if $(DOCKER_RUN),myos-base) update-upstream
git-tag-create-upstream-%: myos-user update-upstream
ifneq ($(words $(TAG)),0)
$(RUN) git checkout $*
$(RUN) git pull --tags --prune upstream $*
@ -60,7 +60,7 @@ endif
# target git-tag-merge-upstream-%: Merge git TAG into upstream/% branch
.PHONY: git-tag-merge-upstream-%
git-tag-merge-upstream-%: $(if $(DOCKER_RUN),myos-base) update-upstream
git-tag-merge-upstream-%: myos-user update-upstream
ifneq ($(words $(TAG)),0)
$(RUN) git fetch --tags -u --prune upstream $*:$*
$(RUN) git checkout $*
@ -70,5 +70,5 @@ endif
# target git-unstash: git stash pop
.PHONY: git-unstash
git-unstash: $(if $(DOCKER_RUN),myos-base)
git-unstash: myos-user
$(if $(filter-out 0,$(STATUS)),$(RUN) git stash pop)

View File

@ -22,7 +22,7 @@ install-config-%:
## it creates user % with password % and all privileges on database %
## it imports %.mysql.gz file in database %
.PHONY: install-mysql-database-%
install-mysql-database-%: $(if $(DOCKER_RUN),myos-base)
install-mysql-database-%: myos-user
$(call exec,mysql -h mysql -u root -proot $* -e "use $*" >/dev/null 2>&1) \
|| $(call exec,$(RUN) mysql -h mysql -u root -proot mysql -e "create database $* character set utf8 collate utf8_unicode_ci;")
$(call exec,mysql -h mysql -u $* -p$* $* -e "use $*" >/dev/null 2>&1) \
@ -37,7 +37,7 @@ install-mysql-database-%: $(if $(DOCKER_RUN),myos-base)
## it creates user % with password % and all privileges on database %
## it imports %.pgsql.gz file in database %
.PHONY: install-pgsql-database-%
install-pgsql-database-%: myos-base
install-pgsql-database-%: myos-user
$(call exec,PGPASSWORD=$* psql -h postgres -U $* template1 -c "\q" >/dev/null 2>&1) \
|| $(call exec,$(RUN) PGPASSWORD=postgres psql -h postgres -U postgres -c "create user $* with createdb password '$*';")
$(call exec,PGPASSWORD=$* psql -h postgres -U $* -d $* -c "" >/dev/null 2>&1) \

View File

@ -9,7 +9,7 @@ NFS_DISK ?= $(NFS_HOST):/$(notdir $(SHARED))
NFS_OPTIONS ?= rw,rsize=8192,wsize=8192,bg,hard,intr,nfsvers=3,noatime,nodiratime,actimeo=3
NFS_PATH ?= /dns/$(subst $(space),/,$(strip $(call reverse,$(subst ., ,$(NFS_HOST)))))$(subst ..,,$(SHARED))
SHELL ?= /bin/sh
STACK ?= base
STACK ?= User
env ?= $(ENV)
user ?= $(USER)

View File

@ -1,3 +1,5 @@
SETUP_BINFMT ?= false
SETUP_BINFMT_ARCH ?= all
SETUP_NFSD ?= false
SETUP_NFSD_OSX_CONFIG ?= nfs.server.bonjour=0 nfs.server.mount.regular_files=1 nfs.server.mount.require_resv_port=0 nfs.server.nfsd_threads=16 nfs.server.async=1
SETUP_SYSCTL ?= false

16
make/apps/myos/node.mk Normal file
View File

@ -0,0 +1,16 @@
##
# NODE
# target node-ssl-certs: Create ${DOMAIN}.key.pem and ${DOMAIN}.crt.pem files
.PHONY: node-ssl-certs
node-ssl-certs:
docker run --rm --mount source=$(COMPOSE_PROJECT_NAME_NODE)_ssl-certs,target=/certs alpine [ -f /certs/$(DOMAIN).crt.pem -a -f /certs/$(DOMAIN).key.pem ] \
|| $(RUN) docker run --rm -e DOMAIN=$(DOMAIN) --mount source=$(COMPOSE_PROJECT_NAME_NODE)_ssl-certs,target=/certs alpine sh -c "\
apk --no-cache add openssl \
&& { [ -f /certs/${DOMAIN}.key.pem ] || openssl genrsa -out /certs/${DOMAIN}.key.pem 2048; } \
&& openssl req -key /certs/${DOMAIN}.key.pem -out /certs/${DOMAIN}.crt.pem \
-addext extendedKeyUsage=serverAuth \
-addext subjectAltName=DNS:${DOMAIN} \
-subj \"/C=/ST=/L=/O=/CN=${DOMAIN}\" \
-x509 -days 365"

View File

@ -29,3 +29,10 @@ setup-sysctl:
ifeq ($(SETUP_SYSCTL),true)
$(foreach config,$(SETUP_SYSCTL_CONFIG),$(call docker-run,sysctl -q -w $(config),--privileged alpine) &&) true
endif
# target setup-binfmt: Install binfmt abstraction layer
.PHONY: setup-binfmt
setup-binfmt:
ifeq ($(SETUP_BINFMT),true)
$(call docker-run,--install $(SETUP_BINFMT_ARCH),--privileged tonistiigi/binfmt)
endif

View File

@ -34,7 +34,7 @@ ssh-get-PrivateIpAddress-%: aws-ec2-get-instances-PrivateIpAddress-%;
# target ssh-key: Add ssh private key SSH_KEY to SSH_DIR
.PHONY: ssh-key
ssh-key: $(if $(DOCKER_RUN),stack-base-up)
ssh-key: $(if $(DOCKER_RUN),stack-User-up)
ifneq (,$(filter true,$(DRONE)))
$(call exec,sh -c '[ ! -d $(SSH_DIR) ] && mkdir -p $(SSH_DIR) && chown $(UID) $(SSH_DIR) && chmod 0700 $(SSH_DIR) ||:')
endif
@ -44,16 +44,3 @@ endif
.PHONY: ssh-run
ssh-run: ssh-get-PrivateIpAddress-$(SERVER_NAME)
$(call ssh-exec,$(AWS_INSTANCE_IP),make run $(if $(SERVICE),SERVICE=$(SERVICE)) $(if $(ARGS),ARGS='\''"$(ARGS)"'\''))
# target ssl-certs: Create ${DOMAIN}.key.pem and ${DOMAIN}.crt.pem files
.PHONY: ssl-certs
ssl-certs:
docker run --rm --mount source=$(COMPOSE_PROJECT_NAME_NODE)_ssl-certs,target=/certs alpine [ -f /certs/$(DOMAIN).crt.pem -a -f /certs/$(DOMAIN).key.pem ] \
|| $(RUN) docker run --rm -e DOMAIN=$(DOMAIN) --mount source=$(COMPOSE_PROJECT_NAME_NODE)_ssl-certs,target=/certs alpine sh -c "\
apk --no-cache add openssl \
&& { [ -f /certs/${DOMAIN}.key.pem ] || openssl genrsa -out /certs/${DOMAIN}.key.pem 2048; } \
&& openssl req -key /certs/${DOMAIN}.key.pem -out /certs/${DOMAIN}.crt.pem \
-addext extendedKeyUsage=serverAuth \
-addext subjectAltName=DNS:${DOMAIN} \
-subj \"/C=/ST=/L=/O=/CN=${DOMAIN}\" \
-x509 -days 365"

View File

@ -16,6 +16,6 @@ subrepo-push subrepos-push:
subrepo-tag-create-% subrepos-tag-create-%:
$(call make,subrepo-tag-create-$*,..,SUBREPO TAG)
# target subrepo-update subrepos-update: Fire bootstrap-git git-stash subrepo-push git-unstash
# target subrepo-update subrepos-update: Fire bootstrap-app git-stash subrepo-push git-unstash
.PHONY: subrepo-update subrepos-update
subrepo-update subrepos-update: bootstrap-git git-stash subrepo-push git-unstash
subrepo-update subrepos-update: bootstrap-app git-stash subrepo-push git-unstash

View File

@ -4,17 +4,17 @@
# target $(APP): Call update-app
.PHONY: $(APP)
$(APP): APP_DIR := $(RELATIVE)$(APP)
$(APP): myos-base
$(APP): myos-user
$(call update-app)
# target install-app install-apps: Call install-app for each ARGS
.PHONY: install-app install-apps
install-app install-apps: myos-base install-app-required
install-app install-apps: myos-user install-app-required
$(foreach url,$(ARGS),$(call install-app,$(url)))
# target install-app-required: Call install-app for each APP_REQUIRED
.PHONY: install-app-required
install-app-required: myos-base
install-app-required: myos-user
$(foreach url,$(APP_REQUIRED),$(call install-app,$(url)))
# target install-bin-%; Call ansible-run-localhost when bin % is not available
@ -41,7 +41,7 @@ update-app-%: % ;
# target update-config: Update config files
.PHONY: update-config
update-config: myos-base
update-config: myos-user
$(call update-app,$(CONFIG_REPOSITORY),$(CONFIG))
# target update-hosts: Update /etc/hosts
@ -60,17 +60,17 @@ endif
# target update-remote-%: fetch git remote %
.PHONY: update-remote-%
update-remote-%: myos-base
update-remote-%: myos-user
$(RUN) git fetch --prune --tags $*
# target update-remotes: fetch all git remotes
.PHONY: update-remotes
update-remotes: myos-base
update-remotes: myos-user
$(RUN) git fetch --all --prune --tags
# target update-upstream: fetch git remote upstream
.PHONY: update-upstream
update-upstream: myos-base .git/refs/remotes/upstream/master
update-upstream: myos-user .git/refs/remotes/upstream/master
$(RUN) git fetch --prune --tags upstream
# target .git/refs/remotes/upstream/master: add git upstream APP_UPSTREAM_REPOSITORY

View File

@ -1,5 +1,5 @@
COMPOSE_PROJECT_NAME_MYOS ?= $(USER_ENV)_myos
COMPOSE_PROJECT_NAME_NODE ?= node
COMPOSE_PROJECT_NAME_USER ?= $(USER)_myos_$(ENV)
DOCKER_ENV_ARGS ?= $(docker_env_args)
DOCKER_EXEC_OPTIONS ?=
DOCKER_GID ?= $(call gid,docker)
@ -7,12 +7,12 @@ DOCKER_IMAGE ?= $(DOCKER_IMAGE_CLI)
DOCKER_IMAGE_CLI ?= $(DOCKER_REPOSITORY_MYOS)/cli
DOCKER_IMAGE_SSH ?= $(DOCKER_REPOSITORY_MYOS)/ssh
DOCKER_NAME ?= $(DOCKER_NAME_CLI)
DOCKER_NAME_CLI ?= $(COMPOSE_PROJECT_NAME_MYOS)_cli
DOCKER_NAME_SSH ?= $(COMPOSE_PROJECT_NAME_MYOS)_ssh
DOCKER_NAME_CLI ?= $(COMPOSE_PROJECT_NAME_USER)_cli
DOCKER_NAME_SSH ?= $(COMPOSE_PROJECT_NAME_USER)_ssh
DOCKER_NETWORK ?= $(DOCKER_NETWORK_PRIVATE)
DOCKER_NETWORK_PRIVATE ?= $(USER_ENV)
DOCKER_NETWORK_PUBLIC ?= node
DOCKER_REPOSITORY_MYOS ?= $(subst _,/,$(COMPOSE_PROJECT_NAME_MYOS))
DOCKER_NETWORK_PUBLIC ?= $(COMPOSE_PROJECT_NAME_NODE)
DOCKER_REPOSITORY_MYOS ?= $(subst _,/,$(COMPOSE_PROJECT_NAME_USER))
DOCKER_REPOSITORY_NODE ?= $(subst _,/,$(COMPOSE_PROJECT_NAME_NODE))
# DOCKER_RUN: if empty, run system command, else run it in a docker
DOCKER_RUN ?= $(if $(filter-out false False FALSE,$(DOCKER)),$(DOCKER))
@ -21,7 +21,7 @@ DOCKER_RUN_OPTIONS += --rm -it
# DOCKER_RUN_VOLUME: options -v of `docker run` command to mount additionnal volumes
DOCKER_RUN_VOLUME += -v /var/run/docker.sock:/var/run/docker.sock
DOCKER_RUN_WORKDIR ?= -w $(PWD)
DOCKER_VOLUME_SSH ?= $(COMPOSE_PROJECT_NAME_MYOS)_ssh
DOCKER_VOLUME_SSH ?= $(COMPOSE_PROJECT_NAME_USER)_ssh
ENV_VARS += DOCKER_IMAGE_CLI DOCKER_IMAGE_SSH DOCKER_NAME_CLI DOCKER_NAME_SSH DOCKER_NETWORK_PRIVATE DOCKER_NETWORK_PUBLIC DOCKER_REPOSITORY_MYOS DOCKER_REPOSITORY_NODE DOCKER_VOLUME_SSH
ifeq ($(DRONE), true)

View File

@ -82,7 +82,7 @@ MAKE_ENV_VARS ?= $(strip $(foreach var, $(filter-out .VARIABLE
MAKE_FILE_ARGS ?= $(foreach var,$(filter $(ENV_VARS),$(MAKE_FILE_VARS)),$(var)='$($(var))')
MAKE_FILE_VARS ?= $(strip $(foreach var, $(filter-out .VARIABLES,$(.VARIABLES)), $(if $(filter file,$(origin $(var))),$(var))))
MAKE_OLDFILE ?= $@
MAKE_TARGETS ?= $(filter-out $(.VARIABLES),$(shell $(MAKE) -qp 2>/dev/null |awk -F':' '/^[a-zA-Z0-9][^$$\#\/\t=]*:([^=]|$$)/ {print $$1}' |sort -u))
MAKE_TARGETS ?= $(filter-out $(.VARIABLES),$(shell $(MAKE) -qp 2>/dev/null |awk -F':' '/^[a-zA-Z0-9][^$$#\/\t=]*:([^=]|$$)/ {print $$1}' |sort -u))
MAKE_UNIXTIME_START := $(shell date -u +'%s' 2>/dev/null)
MAKE_UNIXTIME_CURRENT = $(shell date -u "+%s" 2>/dev/null)
MAKE_VARS ?= ENV

View File

@ -9,7 +9,7 @@
# target .env-clean: Remove .env
.PHONY: .env-clean
.env-clean:
rm -f .env || true
rm -i .env || true
# include .env file
-include .env

View File

@ -3,7 +3,7 @@
# target subrepo-branch-delete: Delete branch $(BRANCH) on remote $(SUBREPO)
.PHONY: subrepo-branch-delete
subrepo-branch-delete: myos-base subrepo-check
subrepo-branch-delete: myos-user subrepo-check
ifneq ($(words $(BRANCH)),0)
[ $$(git ls-remote --heads $(REMOTE) $(BRANCH) 2>/dev/null |wc -l) -eq 1 ] \
&& $(RUN) git push $(REMOTE) :$(BRANCH)
@ -26,19 +26,19 @@ endif
## it gets child of parent commit : git rev-list --ancestry-path parent..HEAD |tail -n 1
## it compares child commit with our tree : git diff --quiet child -- subrepo
.PHONY: subrepo-git-diff
subrepo-git-diff: myos-base subrepo-check
subrepo-git-diff: myos-user subrepo-check
$(eval IGNORE_DRYRUN := true)
$(eval DIFF = $(shell git diff --quiet $(shell git rev-list --ancestry-path $(shell awk '$$1 == "parent" {print $$3}' $(SUBREPO)/.gitrepo)..HEAD |tail -n 1) -- $(SUBREPO); printf '$$?\n') )
$(eval IGNORE_DRYRUN := false)
# target subrepo-git-fetch: Fetch git remote
.PHONY: subrepo-git-fetch
subrepo-git-fetch: myos-base subrepo-check
subrepo-git-fetch: myos-user subrepo-check
$(RUN) git fetch --prune $(REMOTE)
# target subrepo-tag-create-%: Create tag TAG to reference branch REMOTE/%
.PHONY: subrepo-tag-create-%
subrepo-tag-create-%: myos-base subrepo-check subrepo-git-fetch
subrepo-tag-create-%: myos-user subrepo-check subrepo-git-fetch
ifneq ($(words $(TAG)),0)
[ $$(git ls-remote --tags $(REMOTE) $(TAG) |wc -l) -eq 0 ] \
|| $(call exec,$(RUN) git push $(REMOTE) :refs/tags/$(TAG))
@ -47,7 +47,7 @@ endif
# target subrepo-push: Push to subrepo
.PHONY: subrepo-push
subrepo-push: myos-base subrepo-check subrepo-git-fetch subrepo-git-diff
subrepo-push: myos-user subrepo-check subrepo-git-fetch subrepo-git-diff
# update .gitrepo only on master branch
ifeq ($(BRANCH),master)
$(eval UPDATE_SUBREPO_OPTIONS += -u)
@ -82,7 +82,7 @@ subrepos-tag-create-%: $(APPS) ;
# target subrepos-update: Fire APPS target and push updates to upstream
.PHONY: subrepos-update
subrepos-update: myos-base git-stash $(APPS) git-unstash ## Update subrepos
subrepos-update: myos-user git-stash $(APPS) git-unstash ## Update subrepos
$(RUN) git push upstream $(BRANCH)
# target subrepo-update-%: Call subrepo-update target in folder %

3
stack/User.mk Normal file
View File

@ -0,0 +1,3 @@
# target user: Fire ssh-add
.PHONY: User user
User user: bootstrap-docker docker-network-create $(if $(DOCKER_RUN),stack-User-up) ssh-add

View File

@ -1,3 +0,0 @@
# target base: Fire ssh-add
.PHONY: base
base: $(if $(DOCKER_RUN),bootstrap-docker docker-network-create stack-base-up) ssh-add

View File

@ -1,5 +1,5 @@
ENV_VARS += DOCKER_HOST_IFACE DOCKER_HOST_INET
# target node: Fire docker-network-create-% for DOCKER_NETWORK_PUBLIC ssl-certs stack-node-up
# target node: Fire docker-network-create-% for DOCKER_NETWORK_PUBLIC node-ssl-certs stack-node-up
.PHONY: node
node: bootstrap-docker docker-network-create-$(DOCKER_NETWORK_PUBLIC) ssl-certs stack-node-up
node: bootstrap-docker docker-network-create-$(DOCKER_NETWORK_PUBLIC) node-ssl-certs stack-node-up

View File

@ -88,7 +88,7 @@ services:
context: ../..
dockerfile: docker/registrator/Dockerfile
image: ${DOCKER_REPOSITORY_NODE}/registrator:${DOCKER_IMAGE_TAG}
command: -internal -cleanup -deregister always -resync=30 -useIpFromNetwork node -useIpFromLabel SERVICE_ADDRESS consul://consul:8500
command: -internal -cleanup -deregister always -resync=30 -useIpFromNetwork "${DOCKER_NETWORK_PUBLIC}" -useIpFromLabel SERVICE_ADDRESS consul://consul:8500
depends_on:
- consul
environment: