Auto update

internetstandards · Oct 11, 2024 · 618f47f · 618f47f
1 parent 10b7dbe
commit 618f47f
Show file tree

Hide file tree

Showing 6 changed files with 87 additions and 1 deletion.
diff --git a/docker/cron/periodic/15min/auto_update b/docker/cron/periodic/15min/auto_update
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+set -e
+
+if [ -z "$AUTO_UPDATE_BRANCH" ];then
+  # auto update not configured
+  exit 0
+fi
+
+cd /opt/Internet.nl/
+
+# shellcheck disable=SC1091
+. docker/local.env
+
+CURRENT_SHA="$RELEASE"
+UPSTREAM_SHA="$(curl -sSLf "https://api.github.com/repos/internetstandards/Internet.nl/branches/$AUTO_UPDATE_BRANCH"| jq -r .commit.sha)"
+
+if [ "$CURRENT_SHA" = "$UPSTREAM_SHA" ];then
+  # no update available
+  exit 0
+fi
+
+env -i RELEASE="$UPSTREAM_SHA" docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env --profile update up --no-build update
diff --git a/docker/cron/update.sh b/docker/cron/update.sh
@@ -0,0 +1,18 @@
+#!/usr/bin/env sh
+
+set -e
+
+cd /opt/Internet.nl/
+
+echo "Updating to release: $RELEASE"
+
+curl --silent --show-error --fail --remote-name --location --max-redirs 0 --output-dir docker \
+  "https://raw.githubusercontent.com/internetstandards/Internet.nl/${RELEASE}/docker/defaults.env"
+curl --silent --show-error --fail --remote-name --location --max-redirs 0 --output-dir docker \
+  "https://raw.githubusercontent.com/internetstandards/Internet.nl/${RELEASE}/docker/docker-compose.yml"
+env -i RELEASE="$RELEASE" docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env pull
+env -i RELEASE="$RELEASE" docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env up --remove-orphans --wait --no-build
+
+echo "RELEASE=$RELEASE # auto-update: '$AUTO_UPDATE_BRANCH' $(date)" >> docker/local.env
+
+echo "Update completed"
diff --git a/docker/defaults.env b/docker/defaults.env
@@ -273,3 +273,7 @@ NGINX_PROXY_CACHE=default_cache
 
 # used to disable autoreload in CI
 DEVSERVER_ARGS=
+DEVSERVER_ARGS=
+
+# if configured will pull updates from this branch and automatically deploy them
+AUTO_UPDATE_BRANCH=
diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
@@ -746,6 +746,33 @@ services:
 
     profiles:
       - cron
+  update:
+    image: ${DOCKER_IMAGE_CRON:-ghcr.io/internetstandards/cron:${INTERNETNL_VERSION}}
+    build:
+      context: ..
+      dockerfile: docker/cron.Dockerfile
+    environment:
+      - AUTO_UPDATE_BRANCH
+      - INTERNETNL_VERSION
+    command: /update.sh
+    # this container runs to completion and exits with 0
+    restart: on-failure
+    networks:
+      internal: {}
+      public-internet: {}
+
+    # configure internal Unbound service for resolving as Docker internal DNS server can be unreliable
+    dns: $IPV4_IP_RESOLVER_INTERNAL_PERMISSIVE
+    # also disable search domains and force default resolv settings
+    dns_search: [.]
+    dns_opt: ["ndots:0", "timeout:5", "attempts:2"]
+
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /opt/Internet.nl:/opt/Internet.nl
+
+    profiles:
+      - update
 
   grafana:
     image: ${DOCKER_IMAGE_GRAFANA:-${DOCKER_REGISTRY:-ghcr.io/internetstandards}/grafana:${RELEASE}}

diff --git a/docker/util.Dockerfile b/docker/util.Dockerfile
@@ -1,8 +1,9 @@
 FROM alpine:3.20
 
-RUN apk add --no-cache curl postgresql15 python3 py3-prometheus-client py3-requests jq docker-cli docker-cli-compose
+RUN apk add --no-cache curl postgresql15 python3 py3-prometheus-client py3-requests docker-cli docker-cli-compose
 
 COPY docker/cron/periodic /etc/periodic/
+COPY docker/cron/update.sh /update.sh
 
 COPY docker/deploy.sh /deploy.sh
 

diff --git a/documentation/Docker-deployment.md b/documentation/Docker-deployment.md
@@ -286,6 +286,19 @@ To update to the latest build of the Pull Request branch use:
 
 The `pull` command might sometimes fail with a timeout error. In that case just retry until it's working. Or check [Github Status](https://www.githubstatus.com) to see if Github is down again.
 
+### Auto update
+
+By setting the variable `AUTO_UPDATE_BRANCH` in the `/opt/Internet.nl/docker/local.env` to a branch, eg: `main`, auto upgrading will be enabled. The application will check every 15 minutes if there is a update available and deploy it automatically. This is useful for development/acceptance environments that want to stay up to date with a feature or the `main` branch. It is not recommended for production environments!
+
+Auto upgrades are performed by the `cron` container/service. Which triggers a container/service named `update` which will perform the update itself. Progress/errors can be viewed by inspecting the container's logs:
+
+    docker logs --follow internetnl-prod-update-1
+
+To manually kick off the update process use the following command:
+
+    docker compose --project-name=internetnl-prod exec cron /etc/periodic/15min/auto_update
+
+**notice**: the update logging will be cut-off at the end because the `cron` container/service will be restarted in the process. For the full logs see the `update` container/service logs, see above.
 ## Downgrading/rollback
 
 In essence downgrading is the same procedure as upgrading: determine the branch and release version, download those versions of the configuration files and pull in those versions of the images, after which everything is restarted to that version. For example, to roll back to version `1.7.0` run: