Merge branch 'main' into allow-bastion-server

This commit is contained in:
David Heinemeier Hansson
2023-02-04 10:06:15 +01:00
committed by GitHub
44 changed files with 429 additions and 297 deletions

View File

@@ -1,5 +1,3 @@
require "mrsk/commands/base"
class Mrsk::Commands::Accessory < Mrsk::Commands::Base
attr_reader :accessory_config
delegate :service_name, :image, :host, :port, :files, :directories, :env_args, :volume_args, :label_args, to: :accessory_config
@@ -10,7 +8,7 @@ class Mrsk::Commands::Accessory < Mrsk::Commands::Base
end
def run
docker :run,
docker :run,
"--name", service_name,
"-d",
"--restart", "unless-stopped",
@@ -33,6 +31,7 @@ class Mrsk::Commands::Accessory < Mrsk::Commands::Base
docker :ps, *service_filter
end
def logs(since: nil, lines: nil, grep: nil)
pipe \
docker(:logs, service_name, (" --since #{since}" if since), (" -n #{lines}" if lines), "-t", "2>&1"),
@@ -46,14 +45,15 @@ class Mrsk::Commands::Accessory < Mrsk::Commands::Base
).join(" ")
end
def exec(*command, interactive: false)
def execute_in_existing_container(*command, interactive: false)
docker :exec,
("-it" if interactive),
service_name,
*command
end
def run_exec(*command, interactive: false)
def execute_in_new_container(*command, interactive: false)
docker :run,
("-it" if interactive),
"--rm",
@@ -63,17 +63,18 @@ class Mrsk::Commands::Accessory < Mrsk::Commands::Base
*command
end
def execute_in_existing_container_over_ssh(*command)
run_over_ssh execute_in_existing_container(*command, interactive: true).join(" ")
end
def execute_in_new_container_over_ssh(*command)
run_over_ssh execute_in_new_container(*command, interactive: true).join(" ")
end
def run_over_ssh(command)
super command, host: host
end
def exec_over_ssh(*command)
run_over_ssh run_exec(*command, interactive: true).join(" ")
end
def bash
exec_over_ssh "bash"
end
def ensure_local_file_present(local_file)
if !local_file.is_a?(StringIO) && !Pathname.new(local_file).exist?

View File

@@ -1,9 +1,4 @@
require "mrsk/commands/base"
require "mrsk/commands/concerns/repository"
class Mrsk::Commands::App < Mrsk::Commands::Base
include Mrsk::Commands::Concerns::Repository
def run(role: :web)
role = config.role(role)
@@ -23,18 +18,15 @@ class Mrsk::Commands::App < Mrsk::Commands::Base
docker :start, service_with_version
end
def current_container_id
docker :ps, "-q", *service_filter
end
def stop
pipe current_container_id, "xargs docker stop"
pipe current_container_id, xargs(docker(:stop))
end
def info
docker :ps, *service_filter
end
def logs(since: nil, lines: nil, grep: nil)
pipe \
current_container_id,
@@ -42,28 +34,6 @@ class Mrsk::Commands::App < Mrsk::Commands::Base
("grep '#{grep}'" if grep)
end
def exec(*command, interactive: false)
docker :exec,
("-it" if interactive),
config.service_with_version,
*command
end
def run_exec(*command, interactive: false)
docker :run,
("-it" if interactive),
"--rm",
*rails_master_key_arg,
*config.env_args,
*config.volume_args,
config.absolute_image,
*command
end
def exec_over_ssh(*command, host:)
run_over_ssh run_exec(*command, interactive: true).join(" "), host: host
end
def follow_logs(host:, grep: nil)
run_over_ssh pipe(
current_container_id,
@@ -72,14 +42,57 @@ class Mrsk::Commands::App < Mrsk::Commands::Base
).join(" "), host: host
end
def console(host:)
exec_over_ssh "bin/rails", "c", host: host
def execute_in_existing_container(*command, interactive: false)
docker :exec,
("-it" if interactive),
config.service_with_version,
*command
end
def bash(host:)
exec_over_ssh "bash", host: host
def execute_in_new_container(*command, interactive: false)
docker :run,
("-it" if interactive),
"--rm",
*rails_master_key_arg,
*config.env_args,
*config.volume_args,
config.absolute_image,
*command
end
def execute_in_existing_container_over_ssh(*command, host:)
run_over_ssh execute_in_existing_container(*command, interactive: true).join(" "), host: host
end
def execute_in_new_container_over_ssh(*command, host:)
run_over_ssh execute_in_new_container(*command, interactive: true).join(" "), host: host
end
def current_container_id
docker :ps, "-q", *service_filter
end
def container_id_for(container_name:)
docker :container, :ls, "-a", "-f", "name=#{container_name}", "-q"
end
def current_running_version
# FIXME: Find more graceful way to extract the version from "app-version" than using sed and tail!
pipe \
docker(:ps, "--filter", "label=service=#{config.service}", "--format", '"{{.Names}}"'),
%(sed 's/-/\\n/g'),
"tail -n 1"
end
def most_recent_version_from_available_images
pipe \
docker(:image, :ls, "--format", '"{{.Tag}}"', config.repository),
"head -n 1"
end
def list_containers
docker :container, :ls, "-a", *service_filter
end
@@ -87,7 +100,7 @@ class Mrsk::Commands::App < Mrsk::Commands::Base
def remove_container(version:)
pipe \
container_id_for(container_name: service_with_version(version)),
docker(:container, :rm)
xargs(docker(:container, :rm))
end
def remove_containers
@@ -102,6 +115,7 @@ class Mrsk::Commands::App < Mrsk::Commands::Base
docker :image, :prune, "-a", "-f", *service_filter
end
private
def service_with_version(version = nil)
if version

View File

@@ -0,0 +1,34 @@
require "active_support/core_ext/time/conversions"
class Mrsk::Commands::Auditor < Mrsk::Commands::Base
def record(line)
append \
[ :echo, tagged_line(line) ],
audit_log_file
end
def reveal
[ :tail, "-n", 50, audit_log_file ]
end
private
def audit_log_file
"mrsk-#{config.service}-audit.log"
end
def tagged_line(line)
"'#{tags} #{line}'"
end
def tags
"[#{timestamp}] [#{performer}]"
end
def performer
`whoami`.strip
end
def timestamp
Time.now.to_fs(:db)
end
end

View File

@@ -34,6 +34,14 @@ module Mrsk::Commands
combine *commands, by: "|"
end
def append(*commands)
combine *commands, by: ">>"
end
def xargs(command)
[ :xargs, command ].flatten
end
def docker(*args)
args.compact.unshift :docker
end

View File

@@ -1,5 +1,3 @@
require "mrsk/commands/base"
class Mrsk::Commands::Builder < Mrsk::Commands::Base
delegate :create, :remove, :push, :pull, :info, to: :target
@@ -36,8 +34,3 @@ class Mrsk::Commands::Builder < Mrsk::Commands::Base
@multiarch_remote ||= Mrsk::Commands::Builder::Multiarch::Remote.new(config)
end
end
require "mrsk/commands/builder/native"
require "mrsk/commands/builder/native/remote"
require "mrsk/commands/builder/multiarch"
require "mrsk/commands/builder/multiarch/remote"

View File

@@ -1,5 +1,3 @@
require "mrsk/commands/base"
class Mrsk::Commands::Builder::Base < Mrsk::Commands::Base
delegate :argumentize, to: Mrsk::Utils

View File

@@ -1,5 +1,3 @@
require "mrsk/commands/builder/base"
class Mrsk::Commands::Builder::Multiarch < Mrsk::Commands::Builder::Base
def create
docker :buildx, :create, "--use", "--name", builder_name

View File

@@ -1,5 +1,3 @@
require "mrsk/commands/builder/multiarch"
class Mrsk::Commands::Builder::Multiarch::Remote < Mrsk::Commands::Builder::Multiarch
def create
combine \

View File

@@ -1,5 +1,3 @@
require "mrsk/commands/builder/base"
class Mrsk::Commands::Builder::Native < Mrsk::Commands::Builder::Base
def create
# No-op on native

View File

@@ -1,5 +1,3 @@
require "mrsk/commands/builder/native"
class Mrsk::Commands::Builder::Native::Remote < Mrsk::Commands::Builder::Native
def create
chain \

View File

@@ -1,21 +0,0 @@
module Mrsk::Commands::Concerns
module Repository
def container_id_for(container_name:)
docker :container, :ls, "-a", "-f", "name=#{container_name}", "-q"
end
def current_running_version
# FIXME: Find more graceful way to extract the version from "app-version" than using sed and tail!
pipe \
docker(:ps, "--filter", "label=service=#{config.service}", "--format", '"{{.Names}}"'),
"sed 's/-/\n/g'",
"tail -n 1"
end
def most_recent_version_from_available_images
pipe \
docker(:image, :ls, "--format", '"{{.Tag}}"', config.repository),
"head -n 1"
end
end
end

View File

@@ -1,4 +1,3 @@
require "mrsk/commands/base"
require "active_support/duration"
require "active_support/core_ext/numeric/time"

View File

@@ -1,5 +1,3 @@
require "mrsk/commands/base"
class Mrsk::Commands::Registry < Mrsk::Commands::Base
delegate :registry, to: :config

View File

@@ -1,5 +1,3 @@
require "mrsk/commands/base"
class Mrsk::Commands::Traefik < Mrsk::Commands::Base
def run
docker :run, "--name traefik",