From f8f8218537eda2b67abe890a33c6a098988983d5 Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Sat, 3 Feb 2024 10:07:29 -0600 Subject: [PATCH] ci: Auto deploy latest build of master After building and publishing a new "latest" container image, we can automatically deploy it to production by restarting the *sshca* Deployment. We use `curl` here to patch the Deployment manually, since `kubectl` is not available in the container image. This is a simple enough operation that it's not worth the effort of trying to install it. --- .editorconfig | 5 +++++ ci/Jenkinsfile | 9 +++++++++ ci/deploy.sh | 24 ++++++++++++++++++++++++ 3 files changed, 38 insertions(+) create mode 100644 ci/deploy.sh diff --git a/.editorconfig b/.editorconfig index c6d39a8..93f4e5f 100644 --- a/.editorconfig +++ b/.editorconfig @@ -8,3 +8,8 @@ trim_trailing_whitespace = true [**.rs] max_line_length = 79 + +[Jenkinsfile] +max_line_length = 79 +indent_style = space +indent_size = 4 diff --git a/ci/Jenkinsfile b/ci/Jenkinsfile index dadef3d..0911e16 100644 --- a/ci/Jenkinsfile +++ b/ci/Jenkinsfile @@ -40,6 +40,15 @@ pipeline { } } } + + stage('Deploy') { + when { + branch 'master' + } + steps { + sh '. ci/deploy.sh' + } + } } } } diff --git a/ci/deploy.sh b/ci/deploy.sh new file mode 100644 index 0000000..455fd25 --- /dev/null +++ b/ci/deploy.sh @@ -0,0 +1,24 @@ +#!/bin/sh + +namespace=sshca +name=sshca + +now=$(date +%Y-%m-%dT%H:%M:%S%:z) + +curl https://${KUBERNETES_SERVICE_HOST}:${KUBERNETES_SERVICE_PORT}/apis/apps/v1/namespaces/${namespace}/deployments/${name} \ + --cacert /run/secrets/kubernetes.io/serviceaccount/ca.crt \ + -X PATCH \ + -H "Authorization: Bearer $(cat /run/secrets/kubernetes.io/serviceaccount/token)" \ + -H 'Content-Type: application/merge-patch+json' \ + -H 'Accept: application/json' \ + -d '{ + "spec": { + "template": { + "metadata": { + "annotations": { + "kubectl.kubernetes.io/restartedAt": "'"${now}"'" + } + } + } + } +}'