8000 CUSTOM_UP_COMMAND and SERVICE_UP_ONLY by grepler · Pull Request #178 · sksat/compose-cd · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

CUSTOM_UP_COMMAND and SERVICE_UP_ONLY #178

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

CUSTOM_UP_COMMAND and SERVICE_UP_ONLY #178

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
251a4af
added CUSTOM_UP_COMMAND for secret injection
grepler Nov 5, 2023
90fa6bf
variable cleanup
grepler Dec 12, 2023
fa014fd
added SERVICE_UP_ONLY
grepler Dec 16, 2023
d14a569
work on CUSTOM_UP_COMMAND and SERVICE_UP_ONLY
grepler Jan 6, 2024
d3047ad
Merge branch 'main' into alternate-up
grepler Jan 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 48 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -97,6 +97,54 @@ At first glance, updating this configuration may seem to be very tedious, but it
Example:
- https://github.com/sksat/mc.yohane.su/pull/232


### How to to not bring down containers, only run docker compose up

Sometimes you don't want to bring the stack down before running docker-compose up. This allows docker-compose to decide which containers actually require restarts.

If this is what you want, then add `SERVICE_UP_ONLY` to your `.compose-cd` file, like this:

```
SERVICE_UP_ONLY=true
```

### How to inject secrets from a password manager

If you are using a password manager like 1Password, you can instruct compose-cd to use an alternate command to bring up the docker-compose stack.

For 1Password Connect Server, install the application, then add the environment variables to the service configuration.
Add the following to the installed service, by running `systemctl edit compose-cd`:

```
[Service]
# Set environment variables related to your custom_up_command(s)
Environment="OP_CONNECT_HOST=https://op.your.domain"
Environment="OP_CONNECT_TOKEN=yourconnecttoken"
```


Then within each docker-compose stack you can create op.env file with your configuration values.

```
POSTGRES_SERVER="op://vault-name/coder/database/server"
POSTGRES_DB="op://vault-name/coder/database/db"
POSTGRES_USER="op://vault-name/coder/database/user"
POSTGRES_USER_PW="op://vault-name/coder/database/password"
```

Following the [secrets-reference-syntax](https://developer.1password.com/docs/cli/secrets-reference-syntax/), these configuration items and secrets will be supplies whenever the docker compose stack is recreated, and the secrets never have to hit the filesystem or your monorepo (except of course in the container definition files...).

Finally, inside of your `.compose-cd` file, specify a custom up command. When using `op`, it should look like this:

```
CUSTOM_UP_COMMAND=op run --env-file=op.env -- docker compose up -d
```

This will use op to fetch the secret references and feed it to Docker Compose. Note that the secrets are still being baked into their respective container configurations, but they will not otherwise touch the filesystem.

Finally, if the secrets change, the same command will cause the containers to be rebuilt - but otherwise running `op run --env-file=op.env -- docker compose up -d` when the stack is already running will not cause any container restarts.


## Blog
- [マイクラサーバをGitHubで運用する](https://sksat.hatenablog.com/entry/2021/08/26/015620)

Expand Down
36 changes: 28 additions & 8 deletions compose-cd
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -133,10 +133,15 @@ function load_config() {
compose_log echo "config file not found"
return
fi

# Clear the CUSTOM_UP_COMMAND variable at the beginning of each iteration
unset CUSTOM_UP_COMMAND

# shellcheck disable=SC1091
source ./.compose-cd # super config system
if [ -z ${UPDATE_REPO_ONLY+x} ]; then UPDATE_REPO_ONLY=false; fi
if [ -z ${UPDATE_IMAGE_ONLY+x} ]; then UPDATE_IMAGE_ONLY=false; fi
if [ -z ${SERVICE_UP_ONLY+x} ]; then SERVICE_UP_ONLY=false; fi

if [ -z ${UPDATE_IMAGE_BY_REPO+x} ]; then UPDATE_IMAGE_BY_REPO=false; fi

Expand All @@ -162,18 +167,28 @@ function load_config() {
exit 1
fi

if [ -z "${CUSTOM_UP_COMMAND+x}" ] && [ -z "${RESTART_WITH_BUILD+x}" ]; then
compose_log echo "CUSTOM_UP_COMMAND and RESTART_WITH_BUILD are both populated. CUSTOM_UP_COMMAND overrides all other build options."
exit 1
fi

compose_log echo "ok"
return $ret
}

function service_up() {
compose_log notify "starting service..."
if ! "$RESTART_WITH_BUILD"; then
compose up -d 2>/dev/null
else
compose_log notify "start build..."
compose up -d --build 2>/dev/null
compose_log notify "finish build"

if [ -n "${CUSTOM_UP_COMMAND}" ]; then
eval "$CUSTOM_UP_COMMAND"
else
if ! "$RESTART_WITH_BUILD"; then
compose up -d 2>/dev/null
else
compose_log notify "start build..."
compose up -d --build 2>/dev/null
compose_log notify "finish build"
fi
fi
compose_log notify "service is up!"
}
Expand Down Expand Up @@ -448,7 +463,12 @@ function project_update() {
# todo: running check

compose_log echo "restart service..."
service_down

if ! "$SERVICE_UP_ONLY"; then
compose_log echo "restart service..."
service_down
fi

service_up

# after script
Expand Down Expand Up @@ -502,7 +522,7 @@ function foreach_project() {

(
cd "$proj" || {
compose_log echo "[$proj] error: project not fouund"
compose_log echo "[$proj] error: project not found"
exit 1
}
eval "$1 $proj"
Expand Down
0