163 lines
5.0 KiB
Bash
163 lines
5.0 KiB
Bash
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
if [[ "$(uname -s)" != "Linux" ]]; then
|
|
echo "ERROR: This script is for Linux only."
|
|
echo "Windows users: run GCR/run-all.ps1"
|
|
exit 1
|
|
fi
|
|
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
ENV_FILE="$SCRIPT_DIR/.env"
|
|
AUTO_YES="${1:-}"
|
|
|
|
confirm_run() {
|
|
local label="$1"
|
|
local script_path="$2"
|
|
|
|
if [[ "$AUTO_YES" == "--yes" ]]; then
|
|
echo "[x] $label not done yet. Running $script_path (--yes enabled)..."
|
|
bash "$script_path"
|
|
return
|
|
fi
|
|
|
|
local answer
|
|
read -rp "[x] $label not done yet. Run now? [y/N]: " answer
|
|
if [[ "$answer" =~ ^[Yy]$ ]]; then
|
|
bash "$script_path"
|
|
fi
|
|
}
|
|
|
|
load_env() {
|
|
# shellcheck disable=SC1090
|
|
source "$ENV_FILE"
|
|
: "${GCP_PROJECT_ID:?GCP_PROJECT_ID is not set in .env}"
|
|
: "${GCP_REGION:?GCP_REGION is not set in .env}"
|
|
: "${GCP_REPOSITORY:?GCP_REPOSITORY is not set in .env}"
|
|
: "${SERVICE_NAME:?SERVICE_NAME is not set in .env}"
|
|
}
|
|
|
|
check_env() {
|
|
[[ -f "$ENV_FILE" ]]
|
|
}
|
|
|
|
check_gcloud_installed() {
|
|
command -v gcloud >/dev/null 2>&1
|
|
}
|
|
|
|
check_login() {
|
|
local active_account
|
|
local current_project
|
|
local current_region
|
|
local docker_cfg
|
|
|
|
active_account="$(gcloud auth list --filter=status:ACTIVE --format="value(account)" 2>/dev/null | head -n1 || true)"
|
|
current_project="$(gcloud config get-value project 2>/dev/null || true)"
|
|
current_region="$(gcloud config get-value run/region 2>/dev/null || true)"
|
|
|
|
docker_cfg="${DOCKER_CONFIG:-$HOME/.docker}/config.json"
|
|
[[ -n "$active_account" ]] &&
|
|
[[ "$current_project" == "$GCP_PROJECT_ID" ]] &&
|
|
[[ "$current_region" == "$GCP_REGION" ]] &&
|
|
[[ -f "$docker_cfg" ]] &&
|
|
grep -q "\"${GCP_REGION}-docker.pkg.dev\"" "$docker_cfg"
|
|
}
|
|
|
|
check_project_setup() {
|
|
local billing_enabled
|
|
billing_enabled="$(gcloud billing projects describe "$GCP_PROJECT_ID" --format="value(billingEnabled)" 2>/dev/null || true)"
|
|
[[ "$billing_enabled" == "True" ]] || return 1
|
|
|
|
gcloud artifacts repositories describe "$GCP_REPOSITORY" \
|
|
--location="$GCP_REGION" \
|
|
--project="$GCP_PROJECT_ID" >/dev/null 2>&1 || return 1
|
|
|
|
local api
|
|
for api in run.googleapis.com artifactregistry.googleapis.com secretmanager.googleapis.com cloudresourcemanager.googleapis.com; do
|
|
gcloud services list --enabled --project="$GCP_PROJECT_ID" --format="value(config.name)" 2>/dev/null \
|
|
| grep -Fxq "$api" || return 1
|
|
done
|
|
}
|
|
|
|
check_secrets_setup() {
|
|
local service_account
|
|
service_account="serviceAccount:${GCP_PROJECT_ID}@appspot.gserviceaccount.com"
|
|
|
|
gcloud secrets describe mongodb-connection-string --project="$GCP_PROJECT_ID" >/dev/null 2>&1 || return 1
|
|
|
|
gcloud secrets get-iam-policy mongodb-connection-string \
|
|
--project="$GCP_PROJECT_ID" \
|
|
--flatten="bindings[].members" \
|
|
--filter="bindings.role=roles/secretmanager.secretAccessor AND bindings.members=${service_account}" \
|
|
--format="value(bindings.members)" 2>/dev/null \
|
|
| grep -Fxq "$service_account"
|
|
}
|
|
|
|
check_deploy_done() {
|
|
gcloud run services describe "$SERVICE_NAME" \
|
|
--region="$GCP_REGION" \
|
|
--project="$GCP_PROJECT_ID" >/dev/null 2>&1
|
|
}
|
|
|
|
print_done() {
|
|
echo "[v] $1"
|
|
}
|
|
|
|
echo "================================================================"
|
|
echo " Htmx deployment flow runner (Linux)"
|
|
echo "================================================================"
|
|
|
|
if check_env; then
|
|
print_done "Step 0: .env exists"
|
|
else
|
|
echo "[x] Step 0: GCR/.env is missing"
|
|
echo " Copy GCR/.env.example to GCR/.env and fill required values."
|
|
exit 1
|
|
fi
|
|
|
|
load_env
|
|
|
|
if check_gcloud_installed; then
|
|
print_done "Step 1: gcloud installed"
|
|
else
|
|
confirm_run "Step 1: gcloud install" "$SCRIPT_DIR/scripts/00-install-gcloud.sh"
|
|
fi
|
|
|
|
if check_login; then
|
|
print_done "Step 2: login + docker auth configured"
|
|
else
|
|
confirm_run "Step 2: login" "$SCRIPT_DIR/scripts/01-login.sh"
|
|
fi
|
|
|
|
if check_project_setup; then
|
|
print_done "Step 3: project setup complete"
|
|
else
|
|
confirm_run "Step 3: project setup" "$SCRIPT_DIR/scripts/02-setup-project.sh"
|
|
fi
|
|
|
|
if check_secrets_setup; then
|
|
print_done "Step 4: secrets created and access granted"
|
|
else
|
|
confirm_run "Step 4: secrets setup" "$SCRIPT_DIR/scripts/03-create-secrets.sh"
|
|
fi
|
|
|
|
if check_deploy_done; then
|
|
print_done "Step 5: service is already deployed"
|
|
else
|
|
confirm_run "Step 5: deploy" "$SCRIPT_DIR/scripts/04-deploy.sh"
|
|
fi
|
|
|
|
echo ""
|
|
echo "================================================================"
|
|
echo " Final verification"
|
|
echo "================================================================"
|
|
|
|
if check_gcloud_installed; then print_done "Step 1"; else echo "[x] Step 1"; fi
|
|
if check_login; then print_done "Step 2"; else echo "[x] Step 2"; fi
|
|
if check_project_setup; then print_done "Step 3"; else echo "[x] Step 3"; fi
|
|
if check_secrets_setup; then print_done "Step 4"; else echo "[x] Step 4"; fi
|
|
if check_deploy_done; then print_done "Step 5"; else echo "[x] Step 5"; fi
|
|
|
|
echo ""
|
|
echo "Tip: run 'bash GCR/run-all.sh --yes' to auto-run missing steps without prompts."
|