fix(deploy): scope code queue image preflight
This commit is contained in:
+36
-31
@@ -1589,6 +1589,41 @@ function importK3sImageScript(service: UniDeskMicroserviceConfig): string {
|
||||
const image = buildImageTag(service);
|
||||
const archive = `/tmp/unidesk-${safeId(service.id)}-k3s-image.tar`;
|
||||
const manifest = `${targetWorkDir(service)}/${k8sManifestPath(service)}`;
|
||||
const codeQueueManifestPreflight = service.id === "code-queue"
|
||||
? [
|
||||
"if [ -f \"$manifest\" ]; then",
|
||||
" bad_manifest_images=$(python3 - \"$manifest\" \"$image\" <<'PY'",
|
||||
"import re, sys",
|
||||
"path, expected = sys.argv[1], sys.argv[2]",
|
||||
"required = {'code-queue','code-queue-read','code-queue-write','d601-provider-egress-proxy','d601-tcp-egress-gateway'}",
|
||||
"text = open(path, encoding='utf-8').read()",
|
||||
"bad = []",
|
||||
"seen = set()",
|
||||
"for doc in re.split(r'(?m)^---\\s*$', text):",
|
||||
" if not re.search(r'(?m)^kind:\\s*Deployment\\s*$', doc):",
|
||||
" continue",
|
||||
" match = re.search(r'(?ms)^metadata:\\s*$.*?^ name:\\s*([A-Za-z0-9_.-]+)\\s*$', doc)",
|
||||
" name = match.group(1) if match else ''",
|
||||
" if name not in required:",
|
||||
" continue",
|
||||
" seen.add(name)",
|
||||
" images = re.findall(r'(?m)^\\s*image:\\s*\"?([^\"\\s#]+)\"?', doc)",
|
||||
" if not images or any(image != expected for image in images):",
|
||||
" found = ','.join(images) if images else '<none>'",
|
||||
" bad.append(f'{name}:{found}')",
|
||||
"missing = sorted(required - seen)",
|
||||
"bad.extend(f'{name}:<missing>' for name in missing)",
|
||||
"print('\\n'.join(bad))",
|
||||
"PY",
|
||||
" )",
|
||||
" if [ -n \"$bad_manifest_images\" ]; then",
|
||||
" printf 'code_queue_manifest_image_preflight_failed image=%s\\n%s\\n' \"$image\" \"$bad_manifest_images\" >&2",
|
||||
" exit 1",
|
||||
" fi",
|
||||
" echo code_queue_manifest_image_preflight=ok image=$image",
|
||||
"fi",
|
||||
]
|
||||
: [];
|
||||
return [
|
||||
"set -euo pipefail",
|
||||
...rootAccessPrelude(),
|
||||
@@ -1596,37 +1631,7 @@ function importK3sImageScript(service: UniDeskMicroserviceConfig): string {
|
||||
`archive=${shellQuote(archive)}`,
|
||||
`manifest=${shellQuote(manifest)}`,
|
||||
"docker image inspect \"$image\" >/dev/null",
|
||||
"if [ -f \"$manifest\" ]; then",
|
||||
" bad_manifest_images=$(python3 - \"$manifest\" \"$image\" <<'PY'",
|
||||
"import re, sys",
|
||||
"path, expected = sys.argv[1], sys.argv[2]",
|
||||
"required = {'code-queue','code-queue-read','code-queue-write','d601-provider-egress-proxy','d601-tcp-egress-gateway'}",
|
||||
"text = open(path, encoding='utf-8').read()",
|
||||
"bad = []",
|
||||
"seen = set()",
|
||||
"for doc in re.split(r'(?m)^---\\s*$', text):",
|
||||
" if not re.search(r'(?m)^kind:\\s*Deployment\\s*$', doc):",
|
||||
" continue",
|
||||
" match = re.search(r'(?ms)^metadata:\\s*$.*?^ name:\\s*([A-Za-z0-9_.-]+)\\s*$', doc)",
|
||||
" name = match.group(1) if match else ''",
|
||||
" if name not in required:",
|
||||
" continue",
|
||||
" seen.add(name)",
|
||||
" images = re.findall(r'(?m)^\\s*image:\\s*\"?([^\"\\s#]+)\"?', doc)",
|
||||
" if not images or any(image != expected for image in images):",
|
||||
" found = ','.join(images) if images else '<none>'",
|
||||
" bad.append(f'{name}:{found}')",
|
||||
"missing = sorted(required - seen)",
|
||||
"bad.extend(f'{name}:<missing>' for name in missing)",
|
||||
"print('\\n'.join(bad))",
|
||||
"PY",
|
||||
" )",
|
||||
" if [ -n \"$bad_manifest_images\" ]; then",
|
||||
" printf 'code_queue_manifest_image_preflight_failed image=%s\\n%s\\n' \"$image\" \"$bad_manifest_images\" >&2",
|
||||
" exit 1",
|
||||
" fi",
|
||||
" echo code_queue_manifest_image_preflight=ok image=$image",
|
||||
"fi",
|
||||
...codeQueueManifestPreflight,
|
||||
"rm -f \"$archive\"",
|
||||
"docker save \"$image\" -o \"$archive\"",
|
||||
`root_exec ctr --address ${shellQuote(nativeK3sCtrAddress)} -n k8s.io images import "$archive"`,
|
||||
|
||||
Reference in New Issue
Block a user