Intial commit for deployment script p2
This commit is contained in:
+162
@@ -0,0 +1,162 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
if [[ "$(uname -s)" != "Linux" ]]; then
|
||||
echo "ERROR: This script is for Linux only."
|
||||
echo "Windows users: run GCR/run-all.ps1"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
ENV_FILE="$SCRIPT_DIR/.env"
|
||||
AUTO_YES="${1:-}"
|
||||
|
||||
confirm_run() {
|
||||
local label="$1"
|
||||
local script_path="$2"
|
||||
|
||||
if [[ "$AUTO_YES" == "--yes" ]]; then
|
||||
echo "[x] $label not done yet. Running $script_path (--yes enabled)..."
|
||||
bash "$script_path"
|
||||
return
|
||||
fi
|
||||
|
||||
local answer
|
||||
read -rp "[x] $label not done yet. Run now? [y/N]: " answer
|
||||
if [[ "$answer" =~ ^[Yy]$ ]]; then
|
||||
bash "$script_path"
|
||||
fi
|
||||
}
|
||||
|
||||
load_env() {
|
||||
# shellcheck disable=SC1090
|
||||
source "$ENV_FILE"
|
||||
: "${GCP_PROJECT_ID:?GCP_PROJECT_ID is not set in .env}"
|
||||
: "${GCP_REGION:?GCP_REGION is not set in .env}"
|
||||
: "${GCP_REPOSITORY:?GCP_REPOSITORY is not set in .env}"
|
||||
: "${SERVICE_NAME:?SERVICE_NAME is not set in .env}"
|
||||
}
|
||||
|
||||
check_env() {
|
||||
[[ -f "$ENV_FILE" ]]
|
||||
}
|
||||
|
||||
check_gcloud_installed() {
|
||||
command -v gcloud >/dev/null 2>&1
|
||||
}
|
||||
|
||||
check_login() {
|
||||
local active_account
|
||||
local current_project
|
||||
local current_region
|
||||
local docker_cfg
|
||||
|
||||
active_account="$(gcloud auth list --filter=status:ACTIVE --format="value(account)" 2>/dev/null | head -n1 || true)"
|
||||
current_project="$(gcloud config get-value project 2>/dev/null || true)"
|
||||
current_region="$(gcloud config get-value run/region 2>/dev/null || true)"
|
||||
|
||||
docker_cfg="${DOCKER_CONFIG:-$HOME/.docker}/config.json"
|
||||
[[ -n "$active_account" ]] &&
|
||||
[[ "$current_project" == "$GCP_PROJECT_ID" ]] &&
|
||||
[[ "$current_region" == "$GCP_REGION" ]] &&
|
||||
[[ -f "$docker_cfg" ]] &&
|
||||
grep -q "\"${GCP_REGION}-docker.pkg.dev\"" "$docker_cfg"
|
||||
}
|
||||
|
||||
check_project_setup() {
|
||||
local billing_enabled
|
||||
billing_enabled="$(gcloud billing projects describe "$GCP_PROJECT_ID" --format="value(billingEnabled)" 2>/dev/null || true)"
|
||||
[[ "$billing_enabled" == "True" ]] || return 1
|
||||
|
||||
gcloud artifacts repositories describe "$GCP_REPOSITORY" \
|
||||
--location="$GCP_REGION" \
|
||||
--project="$GCP_PROJECT_ID" >/dev/null 2>&1 || return 1
|
||||
|
||||
local api
|
||||
for api in run.googleapis.com artifactregistry.googleapis.com secretmanager.googleapis.com cloudresourcemanager.googleapis.com; do
|
||||
gcloud services list --enabled --project="$GCP_PROJECT_ID" --format="value(config.name)" 2>/dev/null \
|
||||
| grep -Fxq "$api" || return 1
|
||||
done
|
||||
}
|
||||
|
||||
check_secrets_setup() {
|
||||
local service_account
|
||||
service_account="serviceAccount:${GCP_PROJECT_ID}@appspot.gserviceaccount.com"
|
||||
|
||||
gcloud secrets describe mongodb-connection-string --project="$GCP_PROJECT_ID" >/dev/null 2>&1 || return 1
|
||||
|
||||
gcloud secrets get-iam-policy mongodb-connection-string \
|
||||
--project="$GCP_PROJECT_ID" \
|
||||
--flatten="bindings[].members" \
|
||||
--filter="bindings.role=roles/secretmanager.secretAccessor AND bindings.members=${service_account}" \
|
||||
--format="value(bindings.members)" 2>/dev/null \
|
||||
| grep -Fxq "$service_account"
|
||||
}
|
||||
|
||||
check_deploy_done() {
|
||||
gcloud run services describe "$SERVICE_NAME" \
|
||||
--region="$GCP_REGION" \
|
||||
--project="$GCP_PROJECT_ID" >/dev/null 2>&1
|
||||
}
|
||||
|
||||
print_done() {
|
||||
echo "[v] $1"
|
||||
}
|
||||
|
||||
echo "================================================================"
|
||||
echo " Htmx deployment flow runner (Linux)"
|
||||
echo "================================================================"
|
||||
|
||||
if check_env; then
|
||||
print_done "Step 0: .env exists"
|
||||
else
|
||||
echo "[x] Step 0: GCR/.env is missing"
|
||||
echo " Copy GCR/.env.example to GCR/.env and fill required values."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
load_env
|
||||
|
||||
if check_gcloud_installed; then
|
||||
print_done "Step 1: gcloud installed"
|
||||
else
|
||||
confirm_run "Step 1: gcloud install" "$SCRIPT_DIR/scripts/00-install-gcloud.sh"
|
||||
fi
|
||||
|
||||
if check_login; then
|
||||
print_done "Step 2: login + docker auth configured"
|
||||
else
|
||||
confirm_run "Step 2: login" "$SCRIPT_DIR/scripts/01-login.sh"
|
||||
fi
|
||||
|
||||
if check_project_setup; then
|
||||
print_done "Step 3: project setup complete"
|
||||
else
|
||||
confirm_run "Step 3: project setup" "$SCRIPT_DIR/scripts/02-setup-project.sh"
|
||||
fi
|
||||
|
||||
if check_secrets_setup; then
|
||||
print_done "Step 4: secrets created and access granted"
|
||||
else
|
||||
confirm_run "Step 4: secrets setup" "$SCRIPT_DIR/scripts/03-create-secrets.sh"
|
||||
fi
|
||||
|
||||
if check_deploy_done; then
|
||||
print_done "Step 5: service is already deployed"
|
||||
else
|
||||
confirm_run "Step 5: deploy" "$SCRIPT_DIR/scripts/04-deploy.sh"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
echo "================================================================"
|
||||
echo " Final verification"
|
||||
echo "================================================================"
|
||||
|
||||
if check_gcloud_installed; then print_done "Step 1"; else echo "[x] Step 1"; fi
|
||||
if check_login; then print_done "Step 2"; else echo "[x] Step 2"; fi
|
||||
if check_project_setup; then print_done "Step 3"; else echo "[x] Step 3"; fi
|
||||
if check_secrets_setup; then print_done "Step 4"; else echo "[x] Step 4"; fi
|
||||
if check_deploy_done; then print_done "Step 5"; else echo "[x] Step 5"; fi
|
||||
|
||||
echo ""
|
||||
echo "Tip: run 'bash GCR/run-all.sh --yes' to auto-run missing steps without prompts."
|
||||
Reference in New Issue
Block a user