disinto-admin/disinto
1
0
Fork 0
Code Issues 17 Pull requests Projects Releases Packages Wiki Activity Actions

fix: [nomad-step-3] S3.4 — wire --with woodpecker + deploy ordering + OAuth seed (#937)
Some checks failed
ci/woodpecker/push/ci Pipeline was successful
Details
ci/woodpecker/push/nomad-validate Pipeline failed
Details
ci/woodpecker/pr/ci Pipeline was successful
Details
ci/woodpecker/pr/nomad-validate Pipeline failed
Details
ci/woodpecker/pr/smoke-init Pipeline was successful
Details

Browse source
This commit is contained in:
Agent 2026-04-17 06:14:30 +00:00
parent 3409c1b43c
commit a17cf5ec41
1 changed files with 69 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

85
bin/disinto
View file

@ -82,7 +82,7 @@ Init options:
--ci-id <n> Woodpecker CI repo ID (default: 0 = no CI)
--forge-url <url> Forge base URL (default: http://localhost:3000)
--backend <value> Orchestration backend: docker (default) | nomad
--with <services> (nomad) Deploy services: forgejo[,...] (S1.3)
--with <services> (nomad) Deploy services: forgejo,woodpecker-server,woodpecker-agent[,...] (S1.3, S3.4)
--empty (nomad) Bring up cluster only, no jobs (S0.4)
--bare Skip compose generation (bare-metal setup)
--build Use local docker build instead of registry images (dev mode)
@ -783,6 +783,27 @@ _disinto_init_nomad() {
fi
if [ -n "$with_services" ]; then
# Normalize services: auto-include forgejo when woodpecker is requested
# (woodpecker without forgejo is nonsensical)
local normalized_services="$with_services"
if echo "$with_services" | grep -q "woodpecker" && ! echo "$with_services" | grep -q "forgejo"; then
echo "Note: --with woodpecker implies --with forgejo (OAuth dependency)"
normalized_services="forgejo,${with_services}"
fi
# Define deployment order: forgejo -> woodpecker-server -> woodpecker-agent
# Only include services that are requested (after normalization)
local DEPLOY_ORDER=""
for ordered_svc in forgejo woodpecker-server woodpecker-agent; do
if echo ",$normalized_services," | grep -q ",$ordered_svc,"; then
if [ -z "$DEPLOY_ORDER" ]; then
DEPLOY_ORDER="$ordered_svc"
else
DEPLOY_ORDER="$DEPLOY_ORDER $ordered_svc"
fi
fi
done
# Vault seed plan (S2.6, #928): one line per service whose
# tools/vault-seed-<svc>.sh ships. Services without a seeder are
# silently skipped — the real-run loop below mirrors this,
@ -791,7 +812,7 @@ _disinto_init_nomad() {
# any further change to bin/disinto.
local seed_hdr_printed=false
local IFS=','
for svc in $with_services; do
for svc in $normalized_services; do
svc=$(echo "$svc" | xargs) # trim whitespace
local seed_script="${FACTORY_ROOT}/tools/vault-seed-${svc}.sh"
if [ -x "$seed_script" ]; then
@ -805,14 +826,14 @@ _disinto_init_nomad() {
[ "$seed_hdr_printed" = true ] && echo ""
echo "── Deploy services dry-run ────────────────────────────"
echo "[deploy] services to deploy: ${with_services}"
for svc in $with_services; do
svc=$(echo "$svc" | xargs) # trim whitespace
echo "[deploy] services to deploy: ${normalized_services}"
echo "[deploy] deployment order: ${DEPLOY_ORDER}"
for svc in $DEPLOY_ORDER; do
# Validate known services first
case "$svc" in
forgejo) ;;
forgejo|woodpecker-server|woodpecker-agent) ;;
*)
echo "Error: unknown service '${svc}' — known: forgejo" >&2
echo "Error: unknown service '${svc}' — known: forgejo, woodpecker-server, woodpecker-agent" >&2
exit 1
;;
esac
@ -936,9 +957,15 @@ _disinto_init_nomad() {
# `env_keep` (VAULT_ADDR is not). Using `env` as the actual command
# sets VAULT_ADDR in the child process regardless of sudoers policy.
if [ -n "$with_services" ]; then
# Normalize services: auto-include forgejo when woodpecker is requested
local normalized_services="$with_services"
if echo "$with_services" | grep -q "woodpecker" && ! echo "$with_services" | grep -q "forgejo"; then
normalized_services="forgejo,${with_services}"
fi
local vault_addr="${VAULT_ADDR:-http://127.0.0.1:8200}"
local IFS=','
for svc in $with_services; do
for svc in $normalized_services; do
svc=$(echo "$svc" | xargs) # trim whitespace
local seed_script="${FACTORY_ROOT}/tools/vault-seed-${svc}.sh"
if [ -x "$seed_script" ]; then
@ -959,22 +986,42 @@ _disinto_init_nomad() {
# Deploy services if requested
if [ -n "$with_services" ]; then
# Normalize services: auto-include forgejo when woodpecker is requested
# (woodpecker without forgejo is nonsensical)
local normalized_services="$with_services"
if echo "$with_services" | grep -q "woodpecker" && ! echo "$with_services" | grep -q "forgejo"; then
echo "Note: --with woodpecker implies --with forgejo (OAuth dependency)"
normalized_services="forgejo,${with_services}"
fi
# Define deployment order: forgejo -> woodpecker-server -> woodpecker-agent
# Only include services that are requested (after normalization)
local DEPLOY_ORDER=""
for ordered_svc in forgejo woodpecker-server woodpecker-agent; do
if echo ",$normalized_services," | grep -q ",$ordered_svc,"; then
if [ -z "$DEPLOY_ORDER" ]; then
DEPLOY_ORDER="$ordered_svc"
else
DEPLOY_ORDER="$DEPLOY_ORDER $ordered_svc"
fi
fi
done
echo ""
echo "── Deploying services ─────────────────────────────────"
local -a deploy_cmd=("$deploy_sh")
# Split comma-separated service list into positional args
local IFS=','
for svc in $with_services; do
svc=$(echo "$svc" | xargs) # trim whitespace
# Split comma-separated service list into positional args (in deploy order)
local IFS=' '
for svc in $DEPLOY_ORDER; do
if ! echo "$svc" | grep -qE '^[a-zA-Z0-9_-]+$'; then
echo "Error: invalid service name '${svc}' — must match ^[a-zA-Z0-9_-]+$" >&2
exit 1
fi
# Validate known services FIRST (before jobspec check)
case "$svc" in
forgejo) ;;
forgejo|woodpecker-server|woodpecker-agent) ;;
*)
echo "Error: unknown service '${svc}' — known: forgejo" >&2
echo "Error: unknown service '${svc}' — known: forgejo, woodpecker-server, woodpecker-agent" >&2
exit 1
;;
esac
@ -1011,10 +1058,16 @@ _disinto_init_nomad() {
else
echo "Imported: (none — seed kv/disinto/* manually before deploying secret-dependent services)"
fi
echo "Deployed: ${with_services}"
if echo "$with_services" | grep -q "forgejo"; then
echo "Deployed: ${normalized_services}"
if echo "$normalized_services" | grep -q "forgejo"; then
echo "Ports: forgejo: 3000"
fi
if echo "$normalized_services" | grep -q "woodpecker-server"; then
echo " woodpecker-server: 8000"
fi
if echo "$normalized_services" | grep -q "woodpecker-agent"; then
echo " woodpecker-agent: (agent connected)"
fi
echo "────────────────────────────────────────────────────────"
fi