fix(deploy): scope code queue image preflight

This commit is contained in:
Codex
2026-05-19 04:17:15 +00:00
parent 69c406ed30
commit fe0daf4a3e
+36 -31
View File
@@ -1589,6 +1589,41 @@ function importK3sImageScript(service: UniDeskMicroserviceConfig): string {
const image = buildImageTag(service);
const archive = `/tmp/unidesk-${safeId(service.id)}-k3s-image.tar`;
const manifest = `${targetWorkDir(service)}/${k8sManifestPath(service)}`;
const codeQueueManifestPreflight = service.id === "code-queue"
? [
"if [ -f \"$manifest\" ]; then",
" bad_manifest_images=$(python3 - \"$manifest\" \"$image\" <<'PY'",
"import re, sys",
"path, expected = sys.argv[1], sys.argv[2]",
"required = {'code-queue','code-queue-read','code-queue-write','d601-provider-egress-proxy','d601-tcp-egress-gateway'}",
"text = open(path, encoding='utf-8').read()",
"bad = []",
"seen = set()",
"for doc in re.split(r'(?m)^---\\s*$', text):",
" if not re.search(r'(?m)^kind:\\s*Deployment\\s*$', doc):",
" continue",
" match = re.search(r'(?ms)^metadata:\\s*$.*?^ name:\\s*([A-Za-z0-9_.-]+)\\s*$', doc)",
" name = match.group(1) if match else ''",
" if name not in required:",
" continue",
" seen.add(name)",
" images = re.findall(r'(?m)^\\s*image:\\s*\"?([^\"\\s#]+)\"?', doc)",
" if not images or any(image != expected for image in images):",
" found = ','.join(images) if images else '<none>'",
" bad.append(f'{name}:{found}')",
"missing = sorted(required - seen)",
"bad.extend(f'{name}:<missing>' for name in missing)",
"print('\\n'.join(bad))",
"PY",
" )",
" if [ -n \"$bad_manifest_images\" ]; then",
" printf 'code_queue_manifest_image_preflight_failed image=%s\\n%s\\n' \"$image\" \"$bad_manifest_images\" >&2",
" exit 1",
" fi",
" echo code_queue_manifest_image_preflight=ok image=$image",
"fi",
]
: [];
return [
"set -euo pipefail",
...rootAccessPrelude(),
@@ -1596,37 +1631,7 @@ function importK3sImageScript(service: UniDeskMicroserviceConfig): string {
`archive=${shellQuote(archive)}`,
`manifest=${shellQuote(manifest)}`,
"docker image inspect \"$image\" >/dev/null",
"if [ -f \"$manifest\" ]; then",
" bad_manifest_images=$(python3 - \"$manifest\" \"$image\" <<'PY'",
"import re, sys",
"path, expected = sys.argv[1], sys.argv[2]",
"required = {'code-queue','code-queue-read','code-queue-write','d601-provider-egress-proxy','d601-tcp-egress-gateway'}",
"text = open(path, encoding='utf-8').read()",
"bad = []",
"seen = set()",
"for doc in re.split(r'(?m)^---\\s*$', text):",
" if not re.search(r'(?m)^kind:\\s*Deployment\\s*$', doc):",
" continue",
" match = re.search(r'(?ms)^metadata:\\s*$.*?^ name:\\s*([A-Za-z0-9_.-]+)\\s*$', doc)",
" name = match.group(1) if match else ''",
" if name not in required:",
" continue",
" seen.add(name)",
" images = re.findall(r'(?m)^\\s*image:\\s*\"?([^\"\\s#]+)\"?', doc)",
" if not images or any(image != expected for image in images):",
" found = ','.join(images) if images else '<none>'",
" bad.append(f'{name}:{found}')",
"missing = sorted(required - seen)",
"bad.extend(f'{name}:<missing>' for name in missing)",
"print('\\n'.join(bad))",
"PY",
" )",
" if [ -n \"$bad_manifest_images\" ]; then",
" printf 'code_queue_manifest_image_preflight_failed image=%s\\n%s\\n' \"$image\" \"$bad_manifest_images\" >&2",
" exit 1",
" fi",
" echo code_queue_manifest_image_preflight=ok image=$image",
"fi",
...codeQueueManifestPreflight,
"rm -f \"$archive\"",
"docker save \"$image\" -o \"$archive\"",
`root_exec ctr --address ${shellQuote(nativeK3sCtrAddress)} -n k8s.io images import "$archive"`,