AJR/dependency-track
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(ci): suppression consul_token + KV Fabio — routing gere par Registrator via labels
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details

Browse Source
This commit is contained in:
syoul
2026-03-19 14:51:52 +01:00
parent aa022ae18e
commit 47593d5001
1 changed files with 2 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
.woodpecker.yml
View File

@@ -12,14 +12,10 @@ steps:
environment:
DTRACK_DOMAIN:
from_secret: dtrack_domain
CONSUL_TOKEN:
from_secret: consul_token
commands:
- env | grep -E "^(DTRACK_DOMAIN)=" > .env.deploy
# COMPOSE_PROJECT_NAME : convention user-project-branch, genere depuis les vars CI
- OWNER=$(echo "$CI_REPO_OWNER" | tr 'A-Z' 'a-z') && REPO=$(echo "$CI_REPO_NAME" | tr 'A-Z' 'a-z') && BRANCH=$(echo "$CI_COMMIT_BRANCH" | tr 'A-Z/' 'a-z-') && echo "COMPOSE_PROJECT_NAME=$OWNER-$REPO-$BRANCH" >> .env.deploy
# consul_token ecrit seul (depuis from_secret, sans volumes)
- env | grep '^CONSUL_TOKEN=' | cut -d= -f2 > .consul_token
- echo "Fichier .env.deploy cree ($(wc -c < .env.deploy) octets)"
# TEST write-env : valide le contenu du .env.deploy
@@ -49,8 +45,7 @@ steps:
- /opt/dtrack:/opt/dtrack
commands:
- cp .env.deploy /opt/dtrack/.env
- cp .consul_token /opt/dtrack/.consul_token
- chmod 600 /opt/dtrack/.env /opt/dtrack/.consul_token
- chmod 600 /opt/dtrack/.env
- cp docker-compose.yml /opt/dtrack/docker-compose.yml
- echo "=== config resolue ==="
- cd /opt/dtrack && docker compose config
@@ -80,19 +75,7 @@ steps:
docker exec sonic-acme-1 cp /etc/acme.sh/$DOMAIN/$DOMAIN.key /host/certs/$DOMAIN-key.pem
echo "Cert TLS: /host/certs/$DOMAIN-cert.pem OK (acme exit $ACME_EXIT)"
# --- Routes Fabio KV (HTTP + HTTPS) ---
# DTrack a deux services : apiserver (/api/*) et frontend (/*)
CTOK=$(cat /opt/dtrack/.consul_token)
API_IP=$(docker inspect "$PROJECT-apiserver" --format '{{(index .NetworkSettings.Networks "sonic").IPAddress}}')
FRONTEND_IP=$(docker inspect "$PROJECT-frontend" --format '{{(index .NetworkSettings.Networks "sonic").IPAddress}}')
ROUTES=$(printf \
'route add %s-api %s/api/* http://%s:8080/api/\nroute add %s-api %s:443/api/* http://%s:8080/api/\nroute add %s-ui %s/* http://%s:8080/\nroute add %s-ui %s:443/* http://%s:8080/' \
"$PROJECT" "$DOMAIN" "$API_IP" \
"$PROJECT" "$DOMAIN" "$API_IP" \
"$PROJECT" "$DOMAIN" "$FRONTEND_IP" \
"$PROJECT" "$DOMAIN" "$FRONTEND_IP")
docker exec sonic-consul env CONSUL_HTTP_TOKEN="$CTOK" consul kv put "fabio/config/$PROJECT" "$ROUTES"
echo "KV Fabio: fabio/config/$PROJECT -> apiserver=$API_IP frontend=$FRONTEND_IP"
# Fabio routing gere automatiquement par Registrator via les labels SERVICE_* du compose
# TEST deploy : verifie que les conteneurs sont running
# NOTE: pas de ${VAR} (substitue par Woodpecker) — utiliser $VAR sans accolades