fix(swarm): Remove build directives and unsupported options for swarm
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Docker Swarm doesn't support build directives or security_opt. Images must be pre-built before deployment. Changes: - Created build-images.sh script to build all images - Updated deploy-swarm.sh to check for images and offer to build - Removed build: sections from docker-compose.swarm.yml - Removed security_opt: (not supported in swarm) - Services now reference pre-built images only Deployment workflow: 1. ./build-images.sh (build all images) 2. ./deploy-swarm.sh mosaic (deploy to swarm)
This commit is contained in:
43
build-images.sh
Executable file
43
build-images.sh
Executable file
@@ -0,0 +1,43 @@
|
||||
#!/bin/bash
|
||||
set -euo pipefail
|
||||
|
||||
# Mosaic Stack - Build Images for Swarm Deployment
|
||||
# This script builds all Docker images needed for the stack
|
||||
|
||||
echo "🔨 Building Mosaic Stack images for swarm deployment..."
|
||||
echo ""
|
||||
|
||||
# Build postgres with pgvector
|
||||
echo "📦 Building postgres..."
|
||||
docker build -t mosaic-stack-postgres:latest -f docker/postgres/Dockerfile docker/postgres/
|
||||
|
||||
# Build openbao
|
||||
echo "📦 Building openbao..."
|
||||
docker build -t mosaic-stack-openbao:latest -f docker/openbao/Dockerfile docker/openbao/
|
||||
|
||||
# Build API
|
||||
echo "📦 Building API..."
|
||||
docker build -t mosaic-stack-api:latest -f apps/api/Dockerfile . --build-arg NODE_ENV=production
|
||||
|
||||
# Build orchestrator
|
||||
echo "📦 Building orchestrator..."
|
||||
docker build -t mosaic-stack-orchestrator:latest -f apps/orchestrator/Dockerfile .
|
||||
|
||||
# Build web (using NEXT_PUBLIC_API_URL from .env if available)
|
||||
echo "📦 Building web..."
|
||||
if [ -f .env ]; then
|
||||
NEXT_PUBLIC_API_URL=$(grep "^NEXT_PUBLIC_API_URL=" .env | cut -d= -f2 || echo "https://api.mosaicstack.dev")
|
||||
else
|
||||
NEXT_PUBLIC_API_URL="https://api.mosaicstack.dev"
|
||||
fi
|
||||
docker build -t mosaic-stack-web:latest -f apps/web/Dockerfile . --build-arg NEXT_PUBLIC_API_URL="$NEXT_PUBLIC_API_URL"
|
||||
|
||||
echo ""
|
||||
echo "✅ All images built successfully!"
|
||||
echo ""
|
||||
echo "Built images:"
|
||||
docker images | grep mosaic-stack
|
||||
|
||||
echo ""
|
||||
echo "Next step:"
|
||||
echo " Deploy to swarm: ./deploy-swarm.sh mosaic"
|
||||
@@ -72,10 +72,33 @@ else
|
||||
echo "✅ traefik-public network already exists"
|
||||
fi
|
||||
|
||||
# Build images (optional - uncomment if you want to build before deploying)
|
||||
# echo ""
|
||||
# echo "🔨 Building images..."
|
||||
# docker compose -f $COMPOSE_FILE build
|
||||
# Check if images exist, offer to build if not
|
||||
echo ""
|
||||
echo "🔍 Checking if images are built..."
|
||||
IMAGES_MISSING=0
|
||||
for img in mosaic-stack-postgres mosaic-stack-openbao mosaic-stack-api mosaic-stack-orchestrator mosaic-stack-web; do
|
||||
if ! docker images --format "{{.Repository}}" | grep -q "^${img}$"; then
|
||||
echo " ⚠️ Missing: $img"
|
||||
IMAGES_MISSING=1
|
||||
fi
|
||||
done
|
||||
|
||||
if [ $IMAGES_MISSING -eq 1 ]; then
|
||||
echo ""
|
||||
echo "❌ Some images are missing. Build them first:"
|
||||
echo " ./build-images.sh"
|
||||
echo ""
|
||||
read -p "Build images now? [Y/n]: " BUILD_NOW
|
||||
BUILD_NOW=${BUILD_NOW:-Y}
|
||||
if [[ $BUILD_NOW =~ ^[Yy]$ ]]; then
|
||||
./build-images.sh || exit 1
|
||||
else
|
||||
echo "Aborting deployment. Build images first."
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
echo "✅ All images are built"
|
||||
fi
|
||||
|
||||
# Deploy the stack
|
||||
echo ""
|
||||
|
||||
@@ -3,9 +3,7 @@ services:
|
||||
# PostgreSQL Database
|
||||
# ======================
|
||||
postgres:
|
||||
build:
|
||||
context: ./docker/postgres
|
||||
dockerfile: Dockerfile
|
||||
image: mosaic-stack-postgres:latest
|
||||
env_file: .env
|
||||
environment:
|
||||
POSTGRES_USER: ${POSTGRES_USER:-mosaic}
|
||||
@@ -58,9 +56,7 @@ services:
|
||||
# OpenBao Secrets Vault
|
||||
# ======================
|
||||
openbao:
|
||||
build:
|
||||
context: ./docker/openbao
|
||||
dockerfile: Dockerfile
|
||||
image: mosaic-stack-openbao:latest
|
||||
env_file: .env
|
||||
environment:
|
||||
OPENBAO_ADDR: ${OPENBAO_ADDR:-http://0.0.0.0:8200}
|
||||
@@ -230,11 +226,6 @@ services:
|
||||
# ======================
|
||||
api:
|
||||
image: mosaic-stack-api:latest
|
||||
build:
|
||||
context: .
|
||||
dockerfile: ./apps/api/Dockerfile
|
||||
args:
|
||||
- NODE_ENV=production
|
||||
env_file: .env
|
||||
environment:
|
||||
NODE_ENV: production
|
||||
@@ -278,9 +269,6 @@ services:
|
||||
# ======================
|
||||
orchestrator:
|
||||
image: mosaic-stack-orchestrator:latest
|
||||
build:
|
||||
context: .
|
||||
dockerfile: ./apps/orchestrator/Dockerfile
|
||||
env_file: .env
|
||||
user: "1000:1000"
|
||||
environment:
|
||||
@@ -305,8 +293,8 @@ services:
|
||||
start_period: 40s
|
||||
networks:
|
||||
- internal
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
# Note: security_opt not supported in swarm mode
|
||||
# Security hardening done via cap_drop/cap_add
|
||||
cap_drop:
|
||||
- ALL
|
||||
cap_add:
|
||||
@@ -322,11 +310,6 @@ services:
|
||||
# ======================
|
||||
web:
|
||||
image: mosaic-stack-web:latest
|
||||
build:
|
||||
context: .
|
||||
dockerfile: ./apps/web/Dockerfile
|
||||
args:
|
||||
- NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL:-http://localhost:3001}
|
||||
env_file: .env
|
||||
environment:
|
||||
NODE_ENV: production
|
||||
|
||||
Reference in New Issue
Block a user