coulomb/railiance-apps
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c7d49d3102e7cd6ab33f7c8c966a717cd27679d6
railiance-apps/Makefile

185 lines
8.9 KiB
Makefile
Raw Blame History

SHELL := /usr/bin/env bash
.DEFAULT_GOAL := help
VERGABE_RELEASE ?= vergabe-teilnahme
VERGABE_NAMESPACE ?= vergabe-teilnahme
VERGABE_CHART ?= charts/vergabe-teilnahme
VERGABE_VALUES ?= helm/vergabe-teilnahme-values.yaml
VERGABE_INGRESS ?= manifests/vergabe-teilnahme-ingress.yaml
VERGABE_DB_SECRET ?= vergabe-app-credentials
VERGABE_ENV_SECRET ?= vergabe-teilnahme-env
VERGABE_DB_USER ?= vergabe
VERGABE_DB_HOST ?= apps-pg-rw.databases
VERGABE_DB_PORT ?= 5432
VERGABE_DB_NAME ?= vergabe_db
INTER_HUB_RELEASE ?= inter-hub
INTER_HUB_NAMESPACE ?= inter-hub
INTER_HUB_CHART ?= charts/inter-hub
INTER_HUB_VALUES ?= helm/inter-hub-values.yaml
INTER_HUB_IMAGE_TAG ?=
INTER_HUB_BASE_URL ?= https://hub.coulomb.social
REUSE_RELEASE ?= reuse
REUSE_NAMESPACE ?= reuse
REUSE_CHART ?= charts/reuse-surface
REUSE_VALUES ?= helm/reuse-surface-values.yaml
REUSE_URL ?= https://reuse.coulomb.social
REUSE_CERTIFICATE ?= reuse-surface-tls
RAILIANCE01_KUBECONFIG ?= $(HOME)/.kube/config-hosteurope
INTER_HUB_KUBECONFIG ?= $(RAILIANCE01_KUBECONFIG)
REUSE_KUBECONFIG ?= $(RAILIANCE01_KUBECONFIG)
INTER_HUB_IMAGE_SET_ARG = $(if $(strip $(INTER_HUB_IMAGE_TAG)),--set image.tag=$(INTER_HUB_IMAGE_TAG),)
SOPS_SENTINEL ?=
DRY_RUN_CREATE_NAMESPACES ?= false
##@ Operator checks
check-tools: ## Check required operator tools and warn about optional diagnostics
tools/check-tools.sh
check-sops: ## Verify the local SOPS age key can decrypt SOPS_SENTINEL
SOPS_SENTINEL="$(SOPS_SENTINEL)" tools/check-sops.sh
k8s-server-dry-run: ## Server-side dry-run rendered Helm and committed manifests
DRY_RUN_CREATE_NAMESPACES=$(DRY_RUN_CREATE_NAMESPACES) tools/k8s-server-dry-run.sh
apps-pg-status: ## Check the shared apps-pg cnpg cluster
@if kubectl cnpg status apps-pg -n databases >/dev/null 2>&1; then \
kubectl cnpg status apps-pg -n databases; \
else \
echo "kubectl cnpg plugin not available; falling back to cnpg resources"; \
kubectl get cluster apps-pg -n databases; \
kubectl get pods -n databases -l cnpg.io/cluster=apps-pg; \
fi
check-railiance01-kubeconfig: ## Verify Railiance01 production kubeconfig exists
@test -r "$(RAILIANCE01_KUBECONFIG)" || { \
echo "Missing Railiance01 kubeconfig: $(RAILIANCE01_KUBECONFIG)" >&2; \
echo "Restore it with:" >&2; \
echo " ssh tegwick@92.205.62.239 'sudo cat /etc/rancher/k3s/k3s.yaml' | sed 's|127.0.0.1|92.205.62.239|' > $(RAILIANCE01_KUBECONFIG)" >&2; \
exit 1; \
}
check-inter-hub-image-tag: ## Require an explicit inter-hub image tag for production deploys
@test -n "$(INTER_HUB_IMAGE_TAG)" || { \
echo "Set INTER_HUB_IMAGE_TAG=<sha> for inter-hub production deploys." >&2; \
echo "Example: INTER_HUB_IMAGE_TAG=91037a4 make inter-hub-deploy" >&2; \
exit 1; \
}
##@ Vergabe Teilnahme
vergabe-dry-run: ## helm template render (no apply) for inspection
helm template $(VERGABE_RELEASE) $(VERGABE_CHART) \
--namespace $(VERGABE_NAMESPACE) \
-f $(VERGABE_VALUES)
vergabe-deploy: ## Deploy / upgrade vergabe-teilnahme Helm release
helm upgrade --install $(VERGABE_RELEASE) $(VERGABE_CHART) \
--namespace $(VERGABE_NAMESPACE) --create-namespace \
-f $(VERGABE_VALUES) --wait --timeout 3m
vergabe-ingress-deploy: ## Apply the vergabe-teilnahme ingress (whywhynot.de)
kubectl apply -f $(VERGABE_INGRESS)
vergabe-status: ## Show vergabe-teilnahme pod / svc / ingress / cert state
kubectl get pods,svc,ingress,certificate -n $(VERGABE_NAMESPACE) -l app.kubernetes.io/instance=$(VERGABE_RELEASE) --ignore-not-found
vergabe-migrate: ## Run Django migrations against the live deployment
kubectl exec -n $(VERGABE_NAMESPACE) deploy/$(VERGABE_RELEASE) -- python manage.py migrate --noinput
vergabe-seed: ## Run the idempotent seed command
kubectl exec -n $(VERGABE_NAMESPACE) deploy/$(VERGABE_RELEASE) -- python manage.py seed_dev
vergabe-superuser: ## Open an interactive shell for createsuperuser
kubectl exec -it -n $(VERGABE_NAMESPACE) deploy/$(VERGABE_RELEASE) -- python manage.py createsuperuser
vergabe-logs: ## Tail vergabe-teilnahme app logs
kubectl logs -n $(VERGABE_NAMESPACE) -l app.kubernetes.io/instance=$(VERGABE_RELEASE) -f --tail=50
vergabe-db-url-secret: ## Rebuild DATABASE_URL with a URL-encoded cnpg password
APP_NAMESPACE=$(VERGABE_NAMESPACE) \
APP_ENV_SECRET=$(VERGABE_ENV_SECRET) \
APP_DB_SECRET=$(VERGABE_DB_SECRET) \
APP_DB_USER=$(VERGABE_DB_USER) \
APP_DB_HOST=$(VERGABE_DB_HOST) \
APP_DB_PORT=$(VERGABE_DB_PORT) \
APP_DB_NAME=$(VERGABE_DB_NAME) \
tools/build-database-url-secret.sh
##@ Inter-Hub
inter-hub-dry-run: check-railiance01-kubeconfig ## helm template render (no apply) for inter-hub
KUBECONFIG="$(INTER_HUB_KUBECONFIG)" helm template $(INTER_HUB_RELEASE) $(INTER_HUB_CHART) \
--namespace $(INTER_HUB_NAMESPACE) \
-f $(INTER_HUB_VALUES) $(INTER_HUB_IMAGE_SET_ARG)
inter-hub-deploy: check-railiance01-kubeconfig check-inter-hub-image-tag ## Deploy / upgrade inter-hub Helm release on Railiance01
KUBECONFIG="$(INTER_HUB_KUBECONFIG)" helm upgrade --install $(INTER_HUB_RELEASE) $(INTER_HUB_CHART) \
--namespace $(INTER_HUB_NAMESPACE) --create-namespace \
-f $(INTER_HUB_VALUES) $(INTER_HUB_IMAGE_SET_ARG) --wait --timeout 5m
inter-hub-status: check-railiance01-kubeconfig ## Show inter-hub pod / svc / ingress / cert state on Railiance01
KUBECONFIG="$(INTER_HUB_KUBECONFIG)" kubectl get pods,svc,ingress,certificate -n $(INTER_HUB_NAMESPACE) -l app=$(INTER_HUB_RELEASE) --ignore-not-found
inter-hub-release-info: check-railiance01-kubeconfig ## Show inter-hub Helm history, values, deployment, and pods
KUBECONFIG="$(INTER_HUB_KUBECONFIG)" helm history $(INTER_HUB_RELEASE) -n $(INTER_HUB_NAMESPACE)
KUBECONFIG="$(INTER_HUB_KUBECONFIG)" helm get values $(INTER_HUB_RELEASE) -n $(INTER_HUB_NAMESPACE)
KUBECONFIG="$(INTER_HUB_KUBECONFIG)" kubectl describe deploy/$(INTER_HUB_RELEASE) -n $(INTER_HUB_NAMESPACE)
KUBECONFIG="$(INTER_HUB_KUBECONFIG)" kubectl get pods -n $(INTER_HUB_NAMESPACE) -o wide
inter-hub-smoke: ## Verify public inter-hub v2 route and OpenAPI surface after rollout
@status="$$(curl -sS -o /tmp/inter-hub-api-v2-hubs.body -w "%{http_code}" "$(INTER_HUB_BASE_URL)/api/v2/hubs")"; \
if [ "$$status" != "401" ]; then \
echo "expected $(INTER_HUB_BASE_URL)/api/v2/hubs to return 401, got $$status" >&2; \
cat /tmp/inter-hub-api-v2-hubs.body >&2; \
exit 1; \
fi; \
echo "ok: /api/v2/hubs returned 401"
@tmp="$$(mktemp)"; \
trap 'rm -f "$$tmp"' EXIT; \
curl -fsS "$(INTER_HUB_BASE_URL)/openapi.json" > "$$tmp"; \
for route in /hubs /hub-capability-manifests /api-consumers /policy-scopes; do \
grep -q "$$route" "$$tmp" || { echo "missing OpenAPI route: $$route" >&2; exit 1; }; \
done; \
echo "ok: OpenAPI lists expected v2 resources"
inter-hub-logs: check-railiance01-kubeconfig ## Tail inter-hub app logs from Railiance01
KUBECONFIG="$(INTER_HUB_KUBECONFIG)" kubectl logs -n $(INTER_HUB_NAMESPACE) -l app=$(INTER_HUB_RELEASE) -f --tail=50
##@ reuse-surface (reuse.coulomb.social)
reuse-dry-run: check-railiance01-kubeconfig ## helm template render (no apply) for reuse-surface
KUBECONFIG="$(REUSE_KUBECONFIG)" helm template $(REUSE_RELEASE) $(REUSE_CHART) \
--namespace $(REUSE_NAMESPACE) \
-f $(REUSE_VALUES)
reuse-deploy: check-railiance01-kubeconfig ## Deploy / upgrade reuse-surface Helm release on Railiance01
KUBECONFIG="$(REUSE_KUBECONFIG)" helm upgrade --install $(REUSE_RELEASE) $(REUSE_CHART) \
--namespace $(REUSE_NAMESPACE) --create-namespace \
-f $(REUSE_VALUES) --wait --timeout 5m
reuse-status: check-railiance01-kubeconfig ## Show reuse-surface pod / svc / ingress / cert state on Railiance01
KUBECONFIG="$(REUSE_KUBECONFIG)" kubectl get pods,svc,ingress,pvc,certificate -n $(REUSE_NAMESPACE) -l app.kubernetes.io/instance=$(REUSE_RELEASE) --ignore-not-found
reuse-smoke: check-railiance01-kubeconfig ## Verify reuse public health, repo list, and TLS certificate readiness
curl -fsS "$(REUSE_URL)/health"
curl -fsS "$(REUSE_URL)/v1/repos"
KUBECONFIG="$(REUSE_KUBECONFIG)" kubectl wait -n $(REUSE_NAMESPACE) --for=condition=Ready certificate/$(REUSE_CERTIFICATE) --timeout=30s
reuse-logs: check-railiance01-kubeconfig ## Tail reuse-surface service logs from Railiance01
KUBECONFIG="$(REUSE_KUBECONFIG)" kubectl logs -n $(REUSE_NAMESPACE) -l app.kubernetes.io/instance=$(REUSE_RELEASE) -f --tail=50
##@ Help
help: ## Show this help
@awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m<target>\033[0m\n"} \
/^[a-zA-Z0-9_-]+:.*?##/ { printf " \033[36m%-20s\033[0m %s\n", $$1, $$2 } \
/^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) }' $(MAKEFILE_LIST)
.PHONY: check-tools check-sops k8s-server-dry-run apps-pg-status check-railiance01-kubeconfig check-inter-hub-image-tag vergabe-dry-run vergabe-deploy vergabe-ingress-deploy vergabe-status vergabe-migrate vergabe-seed vergabe-superuser vergabe-logs vergabe-db-url-secret inter-hub-dry-run inter-hub-deploy inter-hub-status inter-hub-release-info inter-hub-smoke inter-hub-logs reuse-dry-run reuse-deploy reuse-status reuse-smoke reuse-logs help
Reference in New Issue View Git Blame Copy Permalink