fbec36cb67
Scaffold the course repo and author the full curriculum in dependency-chain order, following the settled build decisions in handoff.md. - Scaffold: course README, vendor-neutral AGENTS.md (dogfoods Module 5), _TEMPLATE.md (the fixed 9-section module shape), root .gitignore, ship config. - Modules 1-2: reference exemplars (locked for tone/depth/lab style). - Modules 3-27: full lessons + runnable labs, each following the template, respecting the chain, vendor/model-agnostic, with "feel the pain" labs. - Module 8 hosting comparison web-researched and date-stamped (as of 2026-06-22), not written from memory; expansion-zone modules carry Verify-before-publish. - Capstone: the full loop end to end on the running tasks-app example. Lab code syntax-checked (Python/shell/YAML); every module has the 7 core template sections. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01TfzV5QvtPDz8LJS3Pu5VLT
96 lines
3.5 KiB
Bash
96 lines
3.5 KiB
Bash
#!/usr/bin/env bash
|
|
#
|
|
# deploy.sh — the deploy step of CD, simulated with a local container run.
|
|
#
|
|
# The five steps of any deploy, provider-neutral (see the module README):
|
|
# 1. build/pull the specific image tag 4. health-check before trusting it
|
|
# 2. inject runtime config + secrets 5. cut over if healthy, ROLL BACK if not
|
|
# 3. start the new version
|
|
#
|
|
# The *target* here is your own machine instead of a server, but the logic is the real thing.
|
|
#
|
|
# Usage:
|
|
# ./deploy.sh <tag> # e.g. ./deploy.sh $(git rev-parse --short HEAD)
|
|
# BREAK=1 ./deploy.sh <tag># force the new version's health check to fail, to demo rollback
|
|
#
|
|
# Requires: docker (or `alias docker=podman`), curl.
|
|
|
|
set -euo pipefail
|
|
|
|
IMAGE="tasks-app"
|
|
CONTAINER="tasks-app"
|
|
PORT="8000"
|
|
STATE_FILE=".deploy-state" # records the last good tag, for rollback
|
|
TAG="${1:-$(git rev-parse --short HEAD)}"
|
|
|
|
say() { printf '\n=== %s\n' "$*"; }
|
|
|
|
# --- Step 1: build the artifact for this tag (in real CD this was already built+pushed by CI) -----
|
|
say "Building ${IMAGE}:${TAG}"
|
|
docker build -t "${IMAGE}:${TAG}" .
|
|
|
|
# Remember what is currently running so we can roll back to it.
|
|
PREVIOUS=""
|
|
if [ -f "${STATE_FILE}" ]; then
|
|
PREVIOUS="$(cat "${STATE_FILE}")"
|
|
fi
|
|
|
|
# --- Steps 2 + 3: start the new version with runtime config/secrets injected (Module 17) ----------
|
|
# Note: APP_VERSION is config supplied at run time, NOT baked into the image. A real deploy would
|
|
# also pass secrets here (e.g. --env-file, a mounted secret, or a secrets-manager lookup) — never
|
|
# committed, never in the image.
|
|
start_version() {
|
|
local tag="$1"
|
|
docker rm -f "${CONTAINER}" >/dev/null 2>&1 || true
|
|
docker run -d --name "${CONTAINER}" \
|
|
-p "${PORT}:8000" \
|
|
-e "APP_VERSION=${tag}" \
|
|
${BREAK:+-e "BREAK=${BREAK}"} \
|
|
"${IMAGE}:${tag}" >/dev/null
|
|
}
|
|
|
|
say "Starting ${IMAGE}:${TAG}"
|
|
start_version "${TAG}"
|
|
|
|
# --- Step 4: health-check the new version before trusting it --------------------------------------
|
|
healthy() {
|
|
for _ in $(seq 1 10); do
|
|
if curl -fs "http://localhost:${PORT}/health" >/dev/null 2>&1; then
|
|
return 0
|
|
fi
|
|
sleep 1
|
|
done
|
|
return 1
|
|
}
|
|
|
|
say "Health-checking http://localhost:${PORT}/health"
|
|
if healthy; then
|
|
# --- Step 5a: cut over. Record this as the new known-good for the next deploy's rollback target.
|
|
echo "${TAG}" > "${STATE_FILE}"
|
|
say "DEPLOY OK — ${IMAGE}:${TAG} is live and healthy"
|
|
curl -s "http://localhost:${PORT}/health"; echo
|
|
exit 0
|
|
fi
|
|
|
|
# --- Step 5b: ROLLBACK. The new version failed its health check. ----------------------------------
|
|
say "HEALTH CHECK FAILED for ${IMAGE}:${TAG} — rolling back"
|
|
docker rm -f "${CONTAINER}" >/dev/null 2>&1 || true
|
|
|
|
if [ -z "${PREVIOUS}" ]; then
|
|
echo "No previous known-good version to roll back to. Service is DOWN." >&2
|
|
echo "(Deploy a healthy version first, then re-run the BREAK=1 deploy to see rollback work.)" >&2
|
|
exit 1
|
|
fi
|
|
|
|
# Rollback is trivial because we deploy immutable tags: just run the old one again. No rebuild.
|
|
say "Restoring previous good version ${IMAGE}:${PREVIOUS}"
|
|
BREAK="" start_version "${PREVIOUS}" # clear BREAK so the good version comes up clean
|
|
if healthy; then
|
|
say "ROLLED BACK — ${IMAGE}:${PREVIOUS} is live and healthy. The bad deploy reverted itself."
|
|
curl -s "http://localhost:${PORT}/health"; echo
|
|
exit 1 # exit non-zero: the deploy you asked for did NOT ship, even though service recovered
|
|
else
|
|
echo "Rollback FAILED — service is DOWN. Investigate ${IMAGE}:${PREVIOUS}." >&2
|
|
exit 2
|
|
fi
|