forked from baron/baron-sso
테스트 개선 및 프로덕션 배포준비
This commit is contained in:
@@ -23,8 +23,8 @@ host_from_url() {
|
||||
|
||||
require_env IMAGE_TAG
|
||||
require_env IMAGE_DEPLOY_ENV
|
||||
require_env IMAGE_DEPLOY_PORT_PREFIX
|
||||
require_env IMAGE_DEPLOY_PUBLIC_URL
|
||||
require_env IMAGE_DEPLOY_BACKEND_PORT
|
||||
require_env ADMINFRONT_URL
|
||||
require_env DEVFRONT_URL
|
||||
require_env ORGFRONT_URL
|
||||
@@ -50,26 +50,43 @@ case "$IMAGE_DEPLOY_ENV" in
|
||||
esac
|
||||
|
||||
instance_name="${IMAGE_DEPLOY_INSTANCE_NAME:-$default_instance_name}"
|
||||
port_prefix="${IMAGE_DEPLOY_PORT_PREFIX:-${IMAGE_DEPLOY_BACKEND_PORT%???}}"
|
||||
[[ -n "$port_prefix" ]] || die "IMAGE_DEPLOY_PORT_PREFIX is empty and could not be derived from IMAGE_DEPLOY_BACKEND_PORT."
|
||||
bundle_dir="${IMAGE_DEPLOY_BUNDLE_DIR:-$PWD/${instance_name}-image-deploy-bundle}"
|
||||
bundle_file="${IMAGE_DEPLOY_BUNDLE_FILE:-$PWD/${instance_name}-image-deploy-bundle.tgz}"
|
||||
compose_template="${IMAGE_DEPLOY_COMPOSE_TEMPLATE:-$repo_root/deploy/templates/docker-compose.images.yaml}"
|
||||
|
||||
rm -rf "$bundle_dir"
|
||||
TARGET_DIR="$bundle_dir" bash "$repo_root/deploy/create-instance.sh" "$instance_name" "$IMAGE_DEPLOY_PORT_PREFIX"
|
||||
TARGET_DIR="$bundle_dir" bash "$repo_root/deploy/create-instance.sh" "$instance_name" "$port_prefix"
|
||||
cp "$compose_template" "$bundle_dir/docker-compose.yml"
|
||||
|
||||
sed "s/{{BACKEND_PORT}}/${IMAGE_DEPLOY_BACKEND_PORT}/g" \
|
||||
"$repo_root/deploy/templates/gateway/nginx.conf" >"$bundle_dir/gateway/nginx.conf"
|
||||
sed "s/{{BACKEND_PORT}}/${IMAGE_DEPLOY_BACKEND_PORT}/g" \
|
||||
"$repo_root/deploy/templates/ory/oathkeeper/rules.json" >"$bundle_dir/ory/templates/oathkeeper/rules.json"
|
||||
cp "$bundle_dir/ory/templates/oathkeeper/rules.json" "$bundle_dir/ory/templates/oathkeeper/rules.stage.json"
|
||||
cp "$bundle_dir/ory/templates/oathkeeper/rules.json" "$bundle_dir/ory/templates/oathkeeper/rules.prod.json"
|
||||
cp "$bundle_dir/ory/templates/oathkeeper/rules.json" "$bundle_dir/ory/templates/oathkeeper/rules.active.json"
|
||||
|
||||
public_host="$(host_from_url "$IMAGE_DEPLOY_PUBLIC_URL")"
|
||||
admin_host="$(host_from_url "$ADMINFRONT_URL")"
|
||||
dev_host="$(host_from_url "$DEVFRONT_URL")"
|
||||
org_host="$(host_from_url "$ORGFRONT_URL")"
|
||||
backend_log_level="${IMAGE_DEPLOY_BACKEND_LOG_LEVEL:-${BACKEND_LOG_LEVEL:-info}}"
|
||||
client_log_debug="${IMAGE_DEPLOY_CLIENT_LOG_DEBUG:-${CLIENT_LOG_DEBUG:-false}}"
|
||||
backend_public_url="${IMAGE_DEPLOY_BACKEND_PUBLIC_URL:-${BACKEND_PUBLIC_URL:-${BACKEND_URL:-$IMAGE_DEPLOY_PUBLIC_URL}}}"
|
||||
backend_url="${IMAGE_DEPLOY_BACKEND_URL:-${BACKEND_URL:-$backend_public_url}}"
|
||||
|
||||
cat >"$bundle_dir/.env" <<EOF
|
||||
INSTANCE_NAME=${instance_name}
|
||||
COMPOSE_PROJECT_NAME=baron-sso-${instance_name}
|
||||
APP_ENV=${app_env}
|
||||
BACKEND_LOG_LEVEL=${backend_log_level}
|
||||
CLIENT_LOG_DEBUG=${client_log_debug}
|
||||
VITE_CLIENT_LOG_DEBUG=${client_log_debug}
|
||||
TZ=Asia/Seoul
|
||||
SOURCE_ROOT=.
|
||||
P=${IMAGE_DEPLOY_PORT_PREFIX}
|
||||
P=${port_prefix}
|
||||
DB_PORT=${IMAGE_DEPLOY_DB_PORT}
|
||||
REDIS_PORT=${IMAGE_DEPLOY_REDIS_PORT}
|
||||
CLICKHOUSE_PORT_HTTP=${IMAGE_DEPLOY_CLICKHOUSE_PORT_HTTP}
|
||||
@@ -85,6 +102,8 @@ USERFRONT_URL=${IMAGE_DEPLOY_PUBLIC_URL}
|
||||
ADMINFRONT_URL=${ADMINFRONT_URL}
|
||||
DEVFRONT_URL=${DEVFRONT_URL}
|
||||
ORGFRONT_URL=${ORGFRONT_URL}
|
||||
BACKEND_PUBLIC_URL=${backend_public_url}
|
||||
BACKEND_URL=${backend_url}
|
||||
PUBLIC_HOST=${public_host}
|
||||
ADMINFRONT_HOST=${admin_host}
|
||||
DEVFRONT_HOST=${dev_host}
|
||||
@@ -106,9 +125,22 @@ HYDRA_CONSENT_URL=${IMAGE_DEPLOY_PUBLIC_URL}/consent
|
||||
HYDRA_ERROR_URL=${IMAGE_DEPLOY_PUBLIC_URL}/error
|
||||
HYDRA_REFRESH_TOKEN_TTL=${HYDRA_REFRESH_TOKEN_TTL}
|
||||
OATHKEEPER_PUBLIC_URL=${IMAGE_DEPLOY_PUBLIC_URL}
|
||||
OATHKEEPER_API_URL=${OATHKEEPER_API_URL:-}
|
||||
KETO_READ_URL=http://keto:4466
|
||||
KETO_WRITE_URL=http://keto:4467
|
||||
IDP_PROVIDER=ory
|
||||
WORKS_ADMIN_API_BASE_URL=${WORKS_ADMIN_API_BASE_URL:-}
|
||||
WORKS_ADMIN_OAUTH_TOKEN_URL=${WORKS_ADMIN_OAUTH_TOKEN_URL:-}
|
||||
PROFILE_CACHE_TTL=${PROFILE_CACHE_TTL:-}
|
||||
NAVER_CLOUD_ACCESS_KEY=${NAVER_CLOUD_ACCESS_KEY:-}
|
||||
NAVER_CLOUD_SECRET_KEY=${NAVER_CLOUD_SECRET_KEY:-}
|
||||
NAVER_CLOUD_SERVICE_ID=${NAVER_CLOUD_SERVICE_ID:-}
|
||||
NAVER_SENDER_PHONE_NUMBER=${NAVER_SENDER_PHONE_NUMBER:-}
|
||||
AWS_REGION=${AWS_REGION:-}
|
||||
AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID:-}
|
||||
AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY:-}
|
||||
AWS_SES_SENDER=${AWS_SES_SENDER:-}
|
||||
CORS_ALLOWED_ORIGINS=${CORS_ALLOWED_ORIGINS:-}
|
||||
DB_PASSWORD=${IMAGE_DEPLOY_DB_PASSWORD}
|
||||
ORY_POSTGRES_USER=${ORY_POSTGRES_USER}
|
||||
ORY_POSTGRES_PASSWORD=${IMAGE_DEPLOY_ORY_POSTGRES_PASSWORD}
|
||||
@@ -125,6 +157,8 @@ OATHKEEPER_UID=${OATHKEEPER_UID}
|
||||
OATHKEEPER_GID=${OATHKEEPER_GID}
|
||||
OATHKEEPER_INTROSPECT_CLIENT_ID=${OATHKEEPER_INTROSPECT_CLIENT_ID}
|
||||
OATHKEEPER_INTROSPECT_CLIENT_SECRET=${IMAGE_DEPLOY_OATHKEEPER_INTROSPECT_CLIENT_SECRET}
|
||||
CLICKHOUSE_HOST=${CLICKHOUSE_HOST:-clickhouse}
|
||||
CLICKHOUSE_USER=${CLICKHOUSE_USER:-baron}
|
||||
CLICKHOUSE_PASSWORD=${IMAGE_DEPLOY_CLICKHOUSE_PASSWORD}
|
||||
REDIS_ADDR=redis:6379
|
||||
COOKIE_SECRET=${IMAGE_DEPLOY_COOKIE_SECRET}
|
||||
@@ -146,6 +180,7 @@ required_dotenv_keys="
|
||||
APP_ENV IMAGE_TAG BACKEND_IMAGE_NAME USERFRONT_IMAGE_NAME ADMINFRONT_IMAGE_NAME DEVFRONT_IMAGE_NAME ORGFRONT_IMAGE_NAME
|
||||
USERFRONT_URL PUBLIC_HOST HYDRA_PUBLIC_URL VITE_OIDC_AUTHORITY TRAEFIK_PUBLIC_NETWORK
|
||||
DB_PASSWORD ORY_POSTGRES_PASSWORD COOKIE_SECRET JWT_SECRET CSRF_COOKIE_SECRET
|
||||
BACKEND_LOG_LEVEL CLIENT_LOG_DEBUG BACKEND_PUBLIC_URL BACKEND_URL CLICKHOUSE_HOST CLICKHOUSE_USER
|
||||
"
|
||||
for key in $required_dotenv_keys; do
|
||||
if ! grep -Eq "^${key}=.+" "$bundle_dir/.env"; then
|
||||
|
||||
Reference in New Issue
Block a user