mirror of https://github.com/coder/coder.git
chore: add continuous deployment for workspace proxies (#7364)
This commit is contained in:
parent
4b9621f9ae
commit
3b15234660
|
@ -487,14 +487,27 @@ jobs:
|
|||
|
||||
- name: Install Release
|
||||
run: |
|
||||
gcloud config set project coder-dogfood
|
||||
gcloud config set compute/zone us-central1-a
|
||||
gcloud compute scp ./build/coder_*_linux_amd64.deb coder:/tmp/coder.deb
|
||||
gcloud compute ssh coder -- sudo dpkg -i --force-confdef /tmp/coder.deb
|
||||
gcloud compute ssh coder -- sudo systemctl daemon-reload
|
||||
set -euo pipefail
|
||||
|
||||
- name: Start
|
||||
run: gcloud compute ssh coder -- sudo service coder restart
|
||||
regions=(
|
||||
# gcp-region-id instance-name systemd-service-name
|
||||
"us-central1-a coder coder"
|
||||
"australia-southeast1-b coder-sydney coder-proxy"
|
||||
"europe-west3-c coder-europe coder-proxy"
|
||||
"southamerica-east1-b coder-brazil coder-proxy"
|
||||
)
|
||||
|
||||
gcloud config set project coder-dogfood
|
||||
for region in "${regions[@]}"; do
|
||||
echo "::group::$region"
|
||||
set -- $region
|
||||
|
||||
gcloud config set compute/zone "$1"
|
||||
gcloud compute scp ./build/coder_*_linux_amd64.deb "$2":/tmp/coder.deb
|
||||
gcloud compute ssh "$2" -- /bin/sh -c "set -eux; sudo dpkg -i --force-confdef /tmp/coder.deb; sudo systemctl daemon-reload; sudo service '$3' restart"
|
||||
|
||||
echo "::endgroup::"
|
||||
done
|
||||
|
||||
- uses: actions/upload-artifact@v3
|
||||
with:
|
||||
|
|
|
@ -39,10 +39,10 @@ type WorkspaceProxyStatus struct {
|
|||
// A healthy report will have no errors. Warnings are not fatal.
|
||||
type ProxyHealthReport struct {
|
||||
// Errors are problems that prevent the workspace proxy from being healthy
|
||||
Errors []string
|
||||
Errors []string `json:"errors"`
|
||||
// Warnings do not prevent the workspace proxy from being healthy, but
|
||||
// should be addressed.
|
||||
Warnings []string
|
||||
Warnings []string `json:"warnings"`
|
||||
}
|
||||
|
||||
type WorkspaceProxy struct {
|
||||
|
|
|
@ -229,7 +229,7 @@ func New(ctx context.Context, opts *Options) (*Server, error) {
|
|||
s.AppServer.Attach(r)
|
||||
})
|
||||
|
||||
r.Get("/buildinfo", s.buildInfo)
|
||||
r.Get("/api/v2/buildinfo", s.buildInfo)
|
||||
r.Get("/healthz", func(w http.ResponseWriter, r *http.Request) { _, _ = w.Write([]byte("OK")) })
|
||||
// TODO: @emyrk should this be authenticated or debounced?
|
||||
r.Get("/healthz-report", s.healthReport)
|
||||
|
|
|
@ -0,0 +1,31 @@
|
|||
[Unit]
|
||||
Description="Coder - external workspace proxy server"
|
||||
Documentation=https://coder.com/docs/coder-oss
|
||||
Requires=network-online.target
|
||||
After=network-online.target
|
||||
ConditionFileNotEmpty=/etc/coder.d/coder-proxy.env
|
||||
StartLimitIntervalSec=60
|
||||
StartLimitBurst=3
|
||||
|
||||
[Service]
|
||||
Type=notify
|
||||
EnvironmentFile=/etc/coder.d/coder-proxy.env
|
||||
User=coder
|
||||
Group=coder
|
||||
ProtectSystem=full
|
||||
PrivateTmp=yes
|
||||
PrivateDevices=yes
|
||||
SecureBits=keep-caps
|
||||
AmbientCapabilities=CAP_IPC_LOCK CAP_NET_BIND_SERVICE
|
||||
CacheDirectory=coder
|
||||
CapabilityBoundingSet=CAP_SYSLOG CAP_IPC_LOCK CAP_NET_BIND_SERVICE
|
||||
KillSignal=SIGINT
|
||||
KillMode=mixed
|
||||
NoNewPrivileges=yes
|
||||
ExecStart=/usr/bin/coder proxy server
|
||||
Restart=on-failure
|
||||
RestartSec=5
|
||||
TimeoutStopSec=90
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -25,3 +25,5 @@ contents:
|
|||
type: "config|noreplace"
|
||||
- src: coder.service
|
||||
dst: /usr/lib/systemd/system/coder.service
|
||||
- src: coder-proxy.service
|
||||
dst: /usr/lib/systemd/system/coder-proxy.service
|
|
@ -84,9 +84,10 @@ cdroot
|
|||
temp_dir="$(TMPDIR="$(dirname "$input_file")" mktemp -d)"
|
||||
ln "$input_file" "$temp_dir/coder"
|
||||
ln "$(realpath coder.env)" "$temp_dir/"
|
||||
ln "$(realpath coder.service)" "$temp_dir/"
|
||||
ln "$(realpath preinstall.sh)" "$temp_dir/"
|
||||
ln "$(realpath scripts/nfpm.yaml)" "$temp_dir/"
|
||||
ln "$(realpath scripts/linux-pkg/coder-workspace-proxy.service)" "$temp_dir/"
|
||||
ln "$(realpath scripts/linux-pkg/coder.service)" "$temp_dir/"
|
||||
ln "$(realpath scripts/linux-pkg/nfpm.yaml)" "$temp_dir/"
|
||||
ln "$(realpath scripts/linux-pkg/preinstall.sh)" "$temp_dir/"
|
||||
|
||||
pushd "$temp_dir"
|
||||
GOARCH="$arch" CODER_VERSION="$version" nfpm package \
|
||||
|
|
|
@ -692,8 +692,8 @@ export interface ProvisionerJobLog {
|
|||
|
||||
// From codersdk/workspaceproxy.go
|
||||
export interface ProxyHealthReport {
|
||||
readonly Errors: string[]
|
||||
readonly Warnings: string[]
|
||||
readonly errors: string[]
|
||||
readonly warnings: string[]
|
||||
}
|
||||
|
||||
// From codersdk/workspaces.go
|
||||
|
|
Loading…
Reference in New Issue