213 lines
6.6 KiB
Bash
213 lines
6.6 KiB
Bash
#!/usr/bin/env bash
|
|
set -Eeuo pipefail
|
|
|
|
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
ENV_FILE="${ENV_FILE:-$ROOT_DIR/.env.azure}"
|
|
|
|
log() {
|
|
echo "==> $*"
|
|
}
|
|
|
|
fail() {
|
|
echo "Chyba: $*" >&2
|
|
exit 1
|
|
}
|
|
|
|
if [[ ! -f "$ENV_FILE" ]]; then
|
|
echo "Chýba $ENV_FILE"
|
|
echo "uprav ACR_NAME, PG_SERVER a PG_PASSWORD."
|
|
exit 1
|
|
fi
|
|
|
|
set -a
|
|
# shellcheck disable=SC1090
|
|
source "$ENV_FILE"
|
|
set +a
|
|
|
|
: "${RG_NAME:?Missing RG_NAME}"
|
|
: "${LOCATION:?Missing LOCATION}"
|
|
: "${CONTAINERAPPS_ENV:?Missing CONTAINERAPPS_ENV}"
|
|
: "${ACR_NAME:?Missing ACR_NAME}"
|
|
: "${FRONTEND_APP:?Missing FRONTEND_APP}"
|
|
: "${BACKEND_APP:?Missing BACKEND_APP}"
|
|
: "${PG_SERVER:?Missing PG_SERVER}"
|
|
: "${PG_DB:?Missing PG_DB}"
|
|
: "${PG_ADMIN:?Missing PG_ADMIN}"
|
|
: "${PG_PASSWORD:?Missing PG_PASSWORD}"
|
|
: "${FRONTEND_IMAGE:=zkt-frontend:latest}"
|
|
: "${BACKEND_IMAGE:=zkt-backend:latest}"
|
|
|
|
|
|
log "Kontrola Azure Container Apps rozsirenia a resource providerov"
|
|
az extension add --name containerapp --upgrade --yes >/dev/null
|
|
az provider register --namespace Microsoft.App --wait >/dev/null
|
|
az provider register --namespace Microsoft.ContainerRegistry --wait >/dev/null
|
|
az provider register --namespace Microsoft.DBforPostgreSQL --wait >/dev/null
|
|
az provider register --namespace Microsoft.OperationalInsights --wait >/dev/null
|
|
|
|
log "Vytvaram alebo kontrolujem resource group: $RG_NAME ($LOCATION)"
|
|
az group create --name "$RG_NAME" --location "$LOCATION" >/dev/null
|
|
|
|
if ! az acr show --name "$ACR_NAME" --resource-group "$RG_NAME" >/dev/null 2>&1; then
|
|
log "Vytvaram Azure Container Registry: $ACR_NAME"
|
|
az acr create \
|
|
--resource-group "$RG_NAME" \
|
|
--name "$ACR_NAME" \
|
|
--sku Basic \
|
|
--admin-enabled true >/dev/null
|
|
else
|
|
log "ACR uz existuje: $ACR_NAME"
|
|
az acr update \
|
|
--name "$ACR_NAME" \
|
|
--resource-group "$RG_NAME" \
|
|
--admin-enabled true >/dev/null
|
|
fi
|
|
|
|
ACR_LOGIN_SERVER="$(az acr show --name "$ACR_NAME" --resource-group "$RG_NAME" --query loginServer -o tsv)"
|
|
ACR_PASSWORD="$(az acr credential show --name "$ACR_NAME" --resource-group "$RG_NAME" --query 'passwords[0].value' -o tsv)"
|
|
|
|
log "Build a push backend image do ACR"
|
|
az acr build --registry "$ACR_NAME" --image "$BACKEND_IMAGE" "$ROOT_DIR/backend"
|
|
|
|
log "Build a push frontend image do ACR"
|
|
az acr build --registry "$ACR_NAME" --image "$FRONTEND_IMAGE" "$ROOT_DIR/frontend"
|
|
|
|
if ! az postgres flexible-server show --resource-group "$RG_NAME" --name "$PG_SERVER" >/dev/null 2>&1; then
|
|
log "Vytvaram Azure Database for PostgreSQL Flexible Server: $PG_SERVER"
|
|
az postgres flexible-server create \
|
|
--resource-group "$RG_NAME" \
|
|
--name "$PG_SERVER" \
|
|
--location "$LOCATION" \
|
|
--admin-user "$PG_ADMIN" \
|
|
--admin-password "$PG_PASSWORD" \
|
|
--sku-name Standard_B1ms \
|
|
--tier Burstable \
|
|
--storage-size 32 \
|
|
--version 16 \
|
|
--public-access 0.0.0.0 \
|
|
--backup-retention 7 \
|
|
--yes >/dev/null
|
|
else
|
|
log "PostgreSQL server už existuje: $PG_SERVER"
|
|
fi
|
|
|
|
log "Nastavujem firewall pravidlo pre Azure služby k PostgreSQL"
|
|
az postgres flexible-server firewall-rule create \
|
|
--resource-group "$RG_NAME" \
|
|
--name "$PG_SERVER" \
|
|
--rule-name allowazureservices \
|
|
--start-ip-address 0.0.0.0 \
|
|
--end-ip-address 0.0.0.0 >/dev/null 2>&1 || true
|
|
|
|
log "Kontrolujem alebo vytvaram databazu: $PG_DB"
|
|
DB_READY="false"
|
|
for i in {1..18}; do
|
|
if az postgres flexible-server db show \
|
|
--resource-group "$RG_NAME" \
|
|
--server-name "$PG_SERVER" \
|
|
--database-name "$PG_DB" >/dev/null 2>&1; then
|
|
log "Databaza uz existuje: $PG_DB"
|
|
DB_READY="true"
|
|
break
|
|
fi
|
|
|
|
if az postgres flexible-server db create \
|
|
--resource-group "$RG_NAME" \
|
|
--server-name "$PG_SERVER" \
|
|
--database-name "$PG_DB" >/dev/null 2>&1; then
|
|
log "Databaza vytvorena: $PG_DB"
|
|
DB_READY="true"
|
|
break
|
|
fi
|
|
|
|
log "PostgreSQL ešte nemusi byt pripraveny, cakam a skusam znova ($i/18)..."
|
|
sleep 10
|
|
done
|
|
|
|
if [[ "$DB_READY" != "true" ]]; then
|
|
fail "Nepodarilo sa vytvorit alebo overit databazu $PG_DB. Skontroluj PostgreSQL server a firewall."
|
|
fi
|
|
|
|
if ! az containerapp env show --name "$CONTAINERAPPS_ENV" --resource-group "$RG_NAME" >/dev/null 2>&1; then
|
|
log "Vytvaram Container Apps environment: $CONTAINERAPPS_ENV"
|
|
az containerapp env create \
|
|
--name "$CONTAINERAPPS_ENV" \
|
|
--resource-group "$RG_NAME" \
|
|
--location "$LOCATION" >/dev/null
|
|
else
|
|
log "Container Apps environment už existuje: $CONTAINERAPPS_ENV"
|
|
fi
|
|
|
|
delete_containerapp_if_exists() {
|
|
local app_name="$1"
|
|
|
|
if az containerapp show --name "$app_name" --resource-group "$RG_NAME" >/dev/null 2>&1; then
|
|
log "Mažem existujúcu Container App: $app_name"
|
|
az containerapp delete --name "$app_name" --resource-group "$RG_NAME" --yes >/dev/null
|
|
fi
|
|
}
|
|
|
|
log "Nasadzujem backend ako internu Container App"
|
|
delete_containerapp_if_exists "$BACKEND_APP"
|
|
az containerapp create \
|
|
--name "$BACKEND_APP" \
|
|
--resource-group "$RG_NAME" \
|
|
--environment "$CONTAINERAPPS_ENV" \
|
|
--image "$ACR_LOGIN_SERVER/$BACKEND_IMAGE" \
|
|
--target-port 5000 \
|
|
--ingress internal \
|
|
--transport auto \
|
|
--registry-server "$ACR_LOGIN_SERVER" \
|
|
--registry-username "$ACR_NAME" \
|
|
--registry-password "$ACR_PASSWORD" \
|
|
--min-replicas 1 \
|
|
--max-replicas 1 \
|
|
--cpu 0.25 \
|
|
--memory 0.5Gi \
|
|
--secrets db-password="$PG_PASSWORD" \
|
|
--env-vars \
|
|
DB_HOST="$PG_SERVER.postgres.database.azure.com" \
|
|
DB_PORT=5432 \
|
|
DB_NAME="$PG_DB" \
|
|
DB_USER="$PG_ADMIN" \
|
|
DB_PASSWORD=secretref:db-password \
|
|
DB_SSLMODE=require \
|
|
APP_PORT=5000 >/dev/null
|
|
|
|
log "Nasadzujem frontend ako verejnú Container App"
|
|
delete_containerapp_if_exists "$FRONTEND_APP"
|
|
az containerapp create \
|
|
--name "$FRONTEND_APP" \
|
|
--resource-group "$RG_NAME" \
|
|
--environment "$CONTAINERAPPS_ENV" \
|
|
--image "$ACR_LOGIN_SERVER/$FRONTEND_IMAGE" \
|
|
--target-port 80 \
|
|
--ingress external \
|
|
--transport auto \
|
|
--registry-server "$ACR_LOGIN_SERVER" \
|
|
--registry-username "$ACR_NAME" \
|
|
--registry-password "$ACR_PASSWORD" \
|
|
--min-replicas 1 \
|
|
--max-replicas 1 \
|
|
--cpu 0.25 \
|
|
--memory 0.5Gi \
|
|
--env-vars BACKEND_URL="http://$BACKEND_APP" >/dev/null
|
|
|
|
FRONTEND_FQDN="$(az containerapp show --name "$FRONTEND_APP" --resource-group "$RG_NAME" --query 'properties.configuration.ingress.fqdn' -o tsv)"
|
|
|
|
cat <<MSG
|
|
|
|
Hotovo. Aplikacia je dostupna cez HTTPS:
|
|
https://$FRONTEND_FQDN
|
|
|
|
Health check:
|
|
https://$FRONTEND_FQDN/api/health
|
|
|
|
Test v terminali:
|
|
curl -i https://$FRONTEND_FQDN/api/health
|
|
|
|
Ak frontend stale hlasi problem s backendom, teba skontrolovat logy:
|
|
az containerapp logs show --name $BACKEND_APP --resource-group $RG_NAME --follow
|
|
az containerapp logs show --name $FRONTEND_APP --resource-group $RG_NAME --follow
|
|
MSG
|