feat(ops): deploy.sh — build, tag, replace, prune
One-shot deploy script that wraps the podman build + run dance:

    ./deploy.sh          # build → replace container → prune (default)
    ./deploy.sh build    # build + tag only
    ./deploy.sh run      # restart from existing :latest, no rebuild
    ./deploy.sh prune    # drop old timestamped images
    ./deploy.sh config   # print resolved configuration

Each build tags the image with both :latest AND a UTC timestamp (YYYYMMDD-HHMMSS), so rollback is a tag retag away. Prune keeps the N most recent timestamped images (KEEP_IMAGES, default 3); :latest is never touched. The matching regex is strict — only the exact YYYYMMDD-HHMMSS pattern — so a stray "dev" or hand-typed tag can't get caught.

Settings come from an optional deploy.env (gitignored; example in deploy.env.example). Parser is allowlist-based: only recognised keys apply, malformed lines and command-substitution forms are ignored. Available overrides: IMAGE_NAME, CONTAINER_NAME, VOLUME_NAME, HOST_PORT, BIND_ADDR, KEEP_IMAGES, PUBLIC_BASE_URL, EXTRA_PODMAN_RUN_ARGS. HOST_PORT and KEEP_IMAGES are integer-validated before use.

Uses podman run --replace per the global ops guidance (atomic, idempotent, no stop→rm→run race). BUILDAH_FORMAT=docker so the HEALTHCHECK directive in the Containerfile survives. shellcheck clean.

README's Deployment section rewritten to lead with the script; manual podman snippet kept as fallback.
parent 8ac1d8a0e6
commit d29e1fd3d5
4 changed files with 273 additions and 11 deletions
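The allowlist parsing that the commit message describes, as an added example that is not the deploy.sh from this commit: the key names are taken from the message, while the function names (`is_uint`, `load_env`, `write_sample`) and the exact rejection rules are assumptions.

```shell
# Added example: read a deploy.env-style file as data (never sourced or eval'd).
# Key names come from the commit message; the parsing rules are assumptions.
ALLOWED_KEYS="IMAGE_NAME CONTAINER_NAME VOLUME_NAME HOST_PORT BIND_ADDR KEEP_IMAGES PUBLIC_BASE_URL EXTRA_PODMAN_RUN_ARGS"

# is_uint VALUE: succeeds only for a non-empty string of decimal digits.
is_uint() { case "$1" in ''|*[!0-9]*) return 1 ;; esac; }

# load_env FILE: print each accepted setting as KEY=VALUE, one per line.
load_env() {
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ''|'#'*) continue ;;   # blank line or comment
            *=*) ;;                # candidate assignment
            *) continue ;;         # malformed: no '='
        esac
        key=${line%%=*}
        value=${line#*=}
        case "$key" in
            ''|*[!A-Z_]*) continue ;;   # not a plain upper-case identifier
        esac
        case " $ALLOWED_KEYS " in
            *" $key "*) ;;              # recognised key
            *) continue ;;              # anything else is ignored
        esac
        case "$value" in
            *'$('*|*'`'*) continue ;;   # command-substitution forms
        esac
        case "$key" in
            HOST_PORT|KEEP_IMAGES) is_uint "$value" || continue ;;
        esac
        printf '%s=%s\n' "$key" "$value"
    done < "$1"
}

# write_sample FILE: constructed sample input, not the project's file.
write_sample() {
    cat > "$1" <<'EOF'
# constructed sample
HOST_PORT=8080
KEEP_IMAGES=three
BIND_ADDR=127.0.0.1
IMAGE_NAME=$(id)
PATH=/usr/local/bin
not an assignment
EXTRA_PODMAN_RUN_ARGS=--label deploy.env=prod
EOF
}
```

Only three of the sample lines survive: the non-integer `KEEP_IMAGES`, the command-substitution value, the unrecognised `PATH` key and the line without `=` are all dropped without being evaluated.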
28
deploy.env.example
Normal file
@ -0,0 +1,28 @@
# Vinterliste deploy.sh overrides. Copy to `deploy.env` (gitignored) and
# uncomment / edit any setting. The script falls back to sensible defaults
# for everything you don't override.
# Host port mapping. Container always listens on 3000 internally.
# HOST_PORT=3000
# Bind only to loopback when fronting with a reverse proxy on the same host.
# BIND_ADDR=127.0.0.1
# Image, container, and volume names. Useful if you run multiple instances
# on the same machine (e.g. staging + prod).
# IMAGE_NAME=vinterliste
# CONTAINER_NAME=vinterliste
# VOLUME_NAME=vinterliste-data
# How many old timestamped images to keep on the local registry. :latest is
# never pruned.
# KEEP_IMAGES=3
# Canonical public URL for OpenGraph tags. Falls back to the request host
# when unset, which works for single-origin deploys.
# PUBLIC_BASE_URL=https://vinterliste.example.org
# Anything extra you want appended to `podman run`. Word-split, so use
# proper shell quoting. Example: pin the user namespace, attach an extra
# label, change the restart policy, etc.
# EXTRA_PODMAN_RUN_ARGS=--userns=keep-id --label deploy.env=prod
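Review bot: The EXTRA_PODMAN_RUN_ARGS comment at the end of the file says the value is "Word-split, so use proper shell quoting", yet the example `--userns=keep-id --label deploy.env=prod` is unquoted and the commit message says deploy.env goes through an allowlist parser rather than being sourced, so it is unclear whether quotes in the value are honoured or passed to podman literally. Please state which, and how (or whether) an argument containing a space can be supplied. Since this key appends arbitrary flags to `podman run`, a line noting that deploy.env should be writable only by the account that runs deploy.sh would also help. Separately, the header implies the commented values are the defaults, but `# BIND_ADDR=127.0.0.1` reads as an opt-in choice; state the actual default bind address, because it decides whether HOST_PORT is reachable from outside the host.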