syoul/prestashop-test
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: mise a jour KV Fabio automatique apres chaque deploy
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details

Browse Source 
- Ajoute consul_token dans write-env (from_secret, sans volumes)
- Ecrit le token dans .consul_token (lu par deploy)
- Apres docker compose up, relit l'IP du container et met a jour
  fabio/config/$PROJECT avec les routes correctes
- Sous-cle par projet pour coexister avec les autres stacks

Corrige les 502 dus au KV stale quand le container change d'IP.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
syoul
2026-03-18 00:29:03 +01:00
parent 6a37cb541e
commit 47f09e9a7e
1 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
.woodpecker.yml
View File

@@ -37,6 +37,8 @@ steps:
# Etape 3a : Ecriture du .env depuis les secrets # Etape 3a : Ecriture du .env depuis les secrets
# NOTE: ne pas utiliser ${VAR} dans commands (bug Woodpecker next), utiliser env | grep # NOTE: ne pas utiliser ${VAR} dans commands (bug Woodpecker next), utiliser env | grep
# NOTE: from_secret et volumes: incompatibles dans le meme step (bug Woodpecker next)
# -> consul_token ecrit dans .consul_token ici, lu dans deploy
- name: write-env - name: write-env
image: alpine:3.20 image: alpine:3.20
environment: environment:
@@ -52,10 +54,14 @@ steps:
from_secret: db_root_password from_secret: db_root_password
DB_PASSWORD: DB_PASSWORD:
from_secret: db_password from_secret: db_password
CONSUL_TOKEN:
from_secret: consul_token
commands: commands:
- env | grep -E "^(PS_DOMAIN|PS_ADMIN_FOLDER|PRESTASHOP_ADMIN_EMAIL|PRESTASHOP_ADMIN_PASSWORD|DB_ROOT_PASSWORD|DB_PASSWORD)=" > .env.deploy - env | grep -E "^(PS_DOMAIN|PS_ADMIN_FOLDER|PRESTASHOP_ADMIN_EMAIL|PRESTASHOP_ADMIN_PASSWORD|DB_ROOT_PASSWORD|DB_PASSWORD)=" > .env.deploy
# COMPOSE_PROJECT_NAME : convention user-project-branch, genere depuis les vars CI # COMPOSE_PROJECT_NAME : convention user-project-branch, genere depuis les vars CI
- OWNER=$(echo "$CI_REPO_OWNER" | tr 'A-Z' 'a-z') && REPO=$(echo "$CI_REPO_NAME" | tr 'A-Z' 'a-z') && BRANCH=$(echo "$CI_COMMIT_BRANCH" | tr 'A-Z/' 'a-z-') && echo "COMPOSE_PROJECT_NAME=$OWNER-$REPO-$BRANCH" >> .env.deploy - OWNER=$(echo "$CI_REPO_OWNER" | tr 'A-Z' 'a-z') && REPO=$(echo "$CI_REPO_NAME" | tr 'A-Z' 'a-z') && BRANCH=$(echo "$CI_COMMIT_BRANCH" | tr 'A-Z/' 'a-z-') && echo "COMPOSE_PROJECT_NAME=$OWNER-$REPO-$BRANCH" >> .env.deploy
# consul_token ecrit seul (depuis from_secret, sans volumes)
- env | grep '^CONSUL_TOKEN=' | cut -d= -f2 > .consul_token
- echo "Fichier .env.deploy cree ($(wc -c < .env.deploy) octets)" - echo "Fichier .env.deploy cree ($(wc -c < .env.deploy) octets)"
# Etape 3b : Deploiement sur sonic via Docker socket # Etape 3b : Deploiement sur sonic via Docker socket
@@ -98,6 +104,16 @@ steps:
docker exec sonic-acme-1 cp /etc/acme.sh/$DOMAIN/$DOMAIN.key /host/certs/$DOMAIN-key.pem docker exec sonic-acme-1 cp /etc/acme.sh/$DOMAIN/$DOMAIN.key /host/certs/$DOMAIN-key.pem
echo "Cert TLS: /host/certs/$DOMAIN-cert.pem OK (acme exit $ACME_EXIT)" echo "Cert TLS: /host/certs/$DOMAIN-cert.pem OK (acme exit $ACME_EXIT)"
# --- Mise a jour KV Fabio ---
# Sous-cle fabio/config/$PROJECT pour coexister avec les autres projets sans les ecraser
# IP relue apres docker compose up (nouvelle stack = nouvelle IP Docker)
CTOK=$(cat .consul_token)
IP=$(docker inspect "$PROJECT-app" --format '{{(index .NetworkSettings.Networks "sonic").IPAddress}}')
ROUTES=$(printf 'route add %s %s/* http://%s:80/\nroute add %s %s:443/* http://%s:80/' \
"$PROJECT" "$DOMAIN" "$IP" "$PROJECT" "$DOMAIN" "$IP")
docker exec sonic-consul env CONSUL_HTTP_TOKEN="$CTOK" consul kv put "fabio/config/$PROJECT" "$ROUTES"
echo "KV Fabio: fabio/config/$PROJECT -> $IP:80"
# Etape 4 : Configuration post-deploiement (SSL, cache) # Etape 4 : Configuration post-deploiement (SSL, cache)
# Attend la fin de l'installation PrestaShop (ps_configuration initialisee), # Attend la fin de l'installation PrestaShop (ps_configuration initialisee),
# puis active SSL dans la DB (PrestaShop genere des URLs https:// grace a X-Forwarded-Proto:https de Fabio) # puis active SSL dans la DB (PrestaShop genere des URLs https:// grace a X-Forwarded-Proto:https de Fabio)