root
/
unki
1
0
Fork 0
Code Issues 7 Pull Requests 1 Packages Projects Releases Wiki Activity

deployable

Browse Source
pull/1/head
plazmoid 3 years ago
parent a7b4b333a5
commit b247c8640d
10 changed files with 90 additions and 62 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 29
      Makefile.toml
  2. 2
      bin/u_agent/build.rs
  3. 2
      bin/u_server/src/u_server.rs
  4. 3
      images/integration-tests/u_db_entrypoint.sh
  5. 46
      integration/docker-compose.yml
  6. 33
      integration/docker_compose.py
  7. 0
      sample.env.private
  8. 19
      scripts/deploy.sh
  9. 11
      scripts/gen_certs.sh
  10. 5
      scripts/start_server.sh

29
Makefile.toml
Unescape View File

@ -17,11 +17,26 @@ script = "./scripts/build_musl_libs.sh"
command = "${CARGO}" command = "${CARGO}"
args = ["clean"] args = ["clean"]
[tasks.build] [tasks.cargo_build]
dependencies = ["build_static_libs"] dependencies = ["build_static_libs"]
command = "${CARGO}" command = "${CARGO}"
args = ["build", "--target", "${TARGET}", "${@}"] args = ["build", "--target", "${TARGET}", "${@}"]
[tasks.release_tasks]
script = '''
if [[ "${@}" =~ "release" ]]; then
echo "Stripping binaries..."
strip $(ls ./target/${TARGET}/release/u_* -1 | grep -v ".d")
echo "Creating symlink to release dir..."
ln -s ./target/${TARGET}/release ./release || true
fi
'''
[tasks.build]
dependencies = ["cargo_build", "release_tasks"]
command = "true"
args = []
[tasks.run] [tasks.run]
script = ''' script = '''
echo "Only integration tests are supported." echo "Only integration tests are supported."
@ -40,11 +55,13 @@ bash integration_tests.sh
[tasks.gen_schema] [tasks.gen_schema]
script = ''' script = '''
cd ./integration docker run --rm \
docker-compose up -d u_db_gen_schema --env-file=$PWD/.env \
echo "Waiting 10 sec..." --env-file=$PWD/.env.private \
sleep 10 -v $PWD:/unki \
docker-compose down -w /unki \
unki/u_db \
/unki/images/integration-tests/u_db_entrypoint.sh || true
''' '''
[tasks.test] [tasks.test]

2
bin/u_agent/build.rs
Unescape View File

@ -3,6 +3,6 @@ use std::path::PathBuf;
fn main() { fn main() {
let server_cert = PathBuf::from("../../certs/ca.crt"); let server_cert = PathBuf::from("../../certs/ca.crt");
if !server_cert.exists() { if !server_cert.exists() {
panic!("CA certificate doesn't exist. Create it first with certs/gen_certs.sh"); panic!("CA certificate doesn't exist. Create it first with scripts/gen_certs.sh");
} }
} }

2
bin/u_server/src/u_server.rs
Unescape View File

@ -43,7 +43,7 @@ fn init_logger() {
let logfile = OpenOptions::new() let logfile = OpenOptions::new()
.append(true) .append(true)
.create(true) .create(true)
.open(LOGFILE) .open(PathBuf::from("logs").join(LOGFILE))
.unwrap(); .unwrap();
let level = LevelFilter::Info; let level = LevelFilter::Info;
let loggers = vec![ let loggers = vec![

3
images/integration-tests/u_db_entrypoint.sh
Unescape View File

@ -3,4 +3,5 @@ set -m
export DATABASE_URL=postgres://${DB_USER}:${DB_PASSWORD}@127.0.0.1/${DB_NAME} export DATABASE_URL=postgres://${DB_USER}:${DB_PASSWORD}@127.0.0.1/${DB_NAME}
touch /unki/Cargo.toml touch /unki/Cargo.toml
/usr/local/bin/docker-entrypoint.sh postgres & /usr/local/bin/docker-entrypoint.sh postgres &
sleep 10 && diesel setup && diesel migration run && fg %1 sleep 10 && diesel setup && diesel migration run
[[ $1 == "svc" ]] && fg %1

46
integration/docker-compose.yml
Unescape View File

@ -10,15 +10,16 @@ services:
networks: networks:
- u_net - u_net
volumes: volumes:
- ../target/x86_64-unknown-linux-musl/release/u_server:/u_server - ../release/u_server:/unki/u_server
- ../certs:/unki/certs - ../certs:/unki/certs
- ../logs:/unki/logs
working_dir: /unki working_dir: /unki
command: /u_server command: /unki/u_server
depends_on: depends_on:
u_db: u_db:
condition: service_healthy condition: service_healthy
expose: ports:
- '63714' - 63714:63714
env_file: env_file:
- ../.env - ../.env
- ../.env.private - ../.env.private
@ -42,7 +43,7 @@ services:
working_dir: /unki working_dir: /unki
volumes: volumes:
- ../migrations:/unki/migrations - ../migrations:/unki/migrations
command: /unki/u_db_entrypoint.sh command: /unki/u_db_entrypoint.sh svc
healthcheck: healthcheck:
# test if db's port is open and db is created # test if db's port is open and db is created
test: ss -tlpn | grep 5432 && psql -lqt -U $${DB_USER} | grep -qw $${DB_NAME} test: ss -tlpn | grep 5432 && psql -lqt -U $${DB_USER} | grep -qw $${DB_NAME}
@ -50,37 +51,12 @@ services:
timeout: 5s timeout: 5s
retries: 3 retries: 3
u_db_gen_schema: u_agent:
image: unki/u_db
env_file:
- ../.env
- ../.env.private
working_dir: /unki
volumes:
- ../:/unki/
command: /unki/images/integration-tests/u_db_entrypoint.sh
u_agent_1:
image: unki/u_agent
networks:
- u_net
volumes:
- ../target/x86_64-unknown-linux-musl/release/u_agent:/u_agent
command: /u_agent u_server
env_file:
- ../.env
environment:
RUST_LOG: u_agent=debug
depends_on:
u_server:
condition: service_healthy
u_agent_2:
image: unki/u_agent image: unki/u_agent
networks: networks:
- u_net - u_net
volumes: volumes:
- ../target/x86_64-unknown-linux-musl/release/u_agent:/u_agent - ../release/u_agent:/u_agent
command: /u_agent u_server command: /u_agent u_server
env_file: env_file:
- ../.env - ../.env
@ -98,15 +74,13 @@ services:
- ~/.cargo/registry:/root/.cargo/registry - ~/.cargo/registry:/root/.cargo/registry
- ./:/tests/ - ./:/tests/
- ../certs:/certs - ../certs:/certs
- ../target/x86_64-unknown-linux-musl/release/u_panel:/u_panel - ../release/u_panel:/u_panel
- ../lib/u_lib:/lib/u_lib - ../lib/u_lib:/lib/u_lib
- ../lib/u_api_proc_macro:/lib/u_api_proc_macro - ../lib/u_api_proc_macro:/lib/u_api_proc_macro
working_dir: working_dir:
/tests/ /tests/
depends_on: depends_on:
u_agent_1: u_agent:
condition: service_started
u_agent_2:
condition: service_started condition: service_started
u_server: u_server:
condition: service_healthy condition: service_healthy

33
integration/docker_compose.py
Unescape View File

@ -6,58 +6,63 @@ from docker import docker, check_state, print_errors
class Compose: class Compose:
ALL_CONTAINERS = [ ALL_CONTAINERS = [
'u_agent_1', 'u_agent',
'u_agent_2',
'u_server', 'u_server',
'u_db', 'u_db',
'tests_runner', 'tests_runner',
] ]
def __init__(self): def __init__(self):
self.container_tpl = 'integration_%s_1' self.container_tpl = 'integration_%s_%d'
self.cmd_container = self.container_tpl % 'tests_runner' self.cmd_container = self.container_tpl % ('tests_runner', 1)
self.ALL_CONTAINERS = [self.container_tpl % c for c in self.ALL_CONTAINERS] self.ALL_CONTAINERS = [self.container_tpl % (c, 1) for c in self.ALL_CONTAINERS]
self.scaled_svc = {}
self.scale("u_agent", 2)
def scale(self, svc, count):
for c in range(1, count):
new_container = self.container_tpl % (svc, c + 1)
self.ALL_CONTAINERS.append(new_container)
self.scaled_svc[svc] = count
def _call(self, *args): def _call(self, *args):
subprocess.check_call([ cmd = [
'docker-compose', 'docker-compose',
'--no-ansi', '--no-ansi',
] + list(args) ] + list(args)
) log(f'Running docker-compose command: {cmd}')
subprocess.check_call(cmd)
def up(self): def up(self):
log('Instanciating cluster') log('Instanciating cluster')
self._call('up', '-d') scaled = [f"{k}={v}" for k, v in self.scaled_svc.items()]
log('Ok') if len(scaled) > 0:
scaled.insert(0, '--scale')
self._call('up', '-d', *scaled)
def down(self): def down(self):
log('Shutting down cluster') log('Shutting down cluster')
self._call('down') self._call('down')
log('Ok')
def stop(self): def stop(self):
log('Stopping cluster') log('Stopping cluster')
self._call('stop') self._call('stop')
log('Ok')
def run(self, cmd): def run(self, cmd):
container = self.cmd_container container = self.cmd_container
if isinstance(cmd, str): if isinstance(cmd, str):
cmd = shlex.split(cmd) cmd = shlex.split(cmd)
log(f'Running command "{cmd}" in container {container}')
result = docker([ result = docker([
'exec', 'exec',
'-ti', '-ti',
container container
] + cmd) ] + cmd)
log('Ok')
return result return result
def is_alive(self): def is_alive(self):
log('Check if all containers are alive') log('Check if all containers are alive')
errors = check_state(self.ALL_CONTAINERS) errors = check_state(self.ALL_CONTAINERS)
log('Check done')
if errors: if errors:
print_errors(errors) print_errors(errors)

0
.env.private.sample → sample.env.private
Unescape View File

19
scripts/deploy.sh
Unescape View File

@ -0,0 +1,19 @@
#!/bin/bash
set -xe
source $(dirname $0)/rootdir.sh #set ROOTDIR
SERVER="ortem"
REMOTE_DIR=/srv/usrv
REMOTE_PATH=$SERVER:$REMOTE_DIR
RSYNC="rsync -arzh --progress"
ssh $SERVER mkdir -p $REMOTE_DIR/{release,deploy}
$RSYNC $ROOTDIR/release/u_server $REMOTE_PATH/release/u_server
$RSYNC --exclude="*.sh" $ROOTDIR/certs/ $REMOTE_PATH/certs
$RSYNC $ROOTDIR/migrations/ $REMOTE_PATH/migrations
$RSYNC $ROOTDIR/.env* $REMOTE_PATH/
$RSYNC $ROOTDIR/integration/docker-compose.yml $REMOTE_PATH/deploy/
$RSYNC $ROOTDIR/images/integration-tests/u_db* $REMOTE_PATH/deploy/
$RSYNC $ROOTDIR/images/integration-tests/u_server.Dockerfile $REMOTE_PATH/deploy/
$RSYNC $ROOTDIR/scripts/start_server.sh $REMOTE_PATH/start_server.sh
ssh $SERVER "cd $REMOTE_DIR/deploy && ./start_server.sh"

11
certs/gen_certs.sh → scripts/gen_certs.sh
Unescape View File

@ -1,16 +1,23 @@
set -ex set -ex
DIR=. source $(dirname $0)/rootdir.sh #set ROOTDIR
DIR=$ROOTDIR/certs
V3_CFG=$DIR/v3.ext V3_CFG=$DIR/v3.ext
mkdir -p $DIR
cat > $V3_CFG << EOF cat > $V3_CFG << EOF
authorityKeyIdentifier=keyid,issuer authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment, keyAgreement, keyCertSign, cRLSign keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment, keyAgreement, keyCertSign, cRLSign
subjectAltName = @alt_names
[alt_names]
DNS.1 = ortem.xyz
DNS.2 = u_server
EOF EOF
openssl req -x509 -newkey rsa:4096 -keyout $DIR/ca.key -out $DIR/ca.crt -nodes -days 365 -subj "/CN=root" openssl req -x509 -newkey rsa:4096 -keyout $DIR/ca.key -out $DIR/ca.crt -nodes -days 365 -subj "/CN=root"
openssl req -newkey rsa:4096 -keyout $DIR/alice.key -out $DIR/alice.csr -nodes -days 365 -subj "/CN=alice" openssl req -newkey rsa:4096 -keyout $DIR/alice.key -out $DIR/alice.csr -nodes -days 365 -subj "/CN=alice"
openssl req -newkey rsa:4096 -keyout $DIR/server.key -out $DIR/server.csr -nodes -days 365 -subj "/CN=u_server" openssl req -newkey rsa:4096 -keyout $DIR/server.key -out $DIR/server.csr -nodes -days 365 -subj "/CN=ortem.xyz"
openssl x509 -req -in $DIR/alice.csr -CA $DIR/ca.crt -CAkey $DIR/ca.key -out $DIR/alice.crt -set_serial 01 -days 365 -extfile $V3_CFG openssl x509 -req -in $DIR/alice.csr -CA $DIR/ca.crt -CAkey $DIR/ca.key -out $DIR/alice.crt -set_serial 01 -days 365 -extfile $V3_CFG
openssl x509 -req -in $DIR/server.csr -CA $DIR/ca.crt -CAkey $DIR/ca.key -out $DIR/server.crt -set_serial 01 -days 365 -extfile $V3_CFG openssl x509 -req -in $DIR/server.csr -CA $DIR/ca.crt -CAkey $DIR/ca.key -out $DIR/server.crt -set_serial 01 -days 365 -extfile $V3_CFG
openssl pkcs12 -export -out $DIR/alice.p12 -inkey $DIR/alice.key -in $DIR/alice.crt -passin pass: -passout pass: openssl pkcs12 -export -out $DIR/alice.p12 -inkey $DIR/alice.key -in $DIR/alice.crt -passin pass: -passout pass:

5
scripts/start_server.sh
Unescape View File

@ -0,0 +1,5 @@
#!/bin/bash
docker build -t unki/u_db -f u_db.Dockerfile .
docker build -t unki/u_server -f u_server.Dockerfile .
docker-compose down
docker-compose up -d u_server
Write Preview
Loading…
Cancel
Save