diff --git a/CI_CD_PIPELINE_SETUP_GUIDE.md b/CI_CD_PIPELINE_SETUP_GUIDE.md index 7ec92c7..52eabef 100644 --- a/CI_CD_PIPELINE_SETUP_GUIDE.md +++ b/CI_CD_PIPELINE_SETUP_GUIDE.md @@ -577,7 +577,7 @@ sudo apt install -y \ #### 1.5 Install Podman -**Note**: For detailed Podman installation and configuration, see the [Docker Registry Install Guide](Docker_Registry_Install_Guide.md#step-1-install-podman-if-not-already-installed). +**Note**: Podman is required for container operations and will be installed in the following steps. ```bash # Install Podman and related tools @@ -595,7 +595,7 @@ sudo usermod --add-subuids 100000-165535 CI_SERVICE_USER sudo usermod --add-subgids 100000-165535 CI_SERVICE_USER ``` -**What this does**: Installs Podman and configures it for rootless operation, which is needed for the CI pipeline and Docker Registry operations. +**What this does**: Installs Podman and configures it for rootless operation, which is needed for the CI pipeline and Forgejo Container Registry operations. ### Step 2: Create Users @@ -639,8 +639,8 @@ cd /opt sudo git clone https://your-forgejo-instance/your-username/APP_NAME.git sudo chown -R CI_SERVICE_USER:CI_SERVICE_USER APP_NAME/ -# Verify the registry folder exists -ls -la /opt/APP_NAME/registry/ +# Verify the application directory structure +ls -la /opt/APP_NAME/ ``` **Important**: Replace `your-forgejo-instance`, `your-username`, and `APP_NAME` with your actual Forgejo instance URL, username, and application name. @@ -648,7 +648,7 @@ ls -la /opt/APP_NAME/registry/ **What this does**: - CI_DEPLOY_USER creates the directory structure and clones the repository - CI_SERVICE_USER owns all the files for security -- Registry configuration files are now available at `/opt/APP_NAME/registry/` +- Application configuration files are now available at `/opt/APP_NAME/` ### Step 4: Configure Forgejo Container Registry Access @@ -940,15 +940,11 @@ podman exec ci-pip mkdir -p /etc/containers podman exec ci-pip tee /etc/containers/registries.conf > /dev/null << 'EOF' [[registry]] location = "YOUR_CI_CD_IP:4443" -client_cert = "/etc/registry/certs/clients/client.crt" -client_key = "/etc/registry/certs/private/client.key" +# Forgejo Container Registry uses Personal Access Tokens for authentication EOF # Copy client certificates to PiP container -podman cp /etc/registry/certs/clients/client.crt ci-pip:/etc/registry/certs/clients/ -podman cp /etc/registry/certs/private/client.key ci-pip:/etc/registry/certs/private/ -podman exec ci-pip chmod 600 /etc/registry/certs/private/client.key -podman exec ci-pip chmod 644 /etc/registry/certs/clients/client.crt +# Forgejo Container Registry authentication is handled through environment variables # Test Forgejo Container Registry connectivity from PiP podman exec ci-pip podman pull alpine:latest @@ -997,29 +993,19 @@ ls -la /tmp/ci-workspace The Forgejo Container Registry setup uses the built-in registry functionality, providing secure and integrated container image storage. -**Application Files** (in `/opt/APP_NAME/registry/`): -- `containers-policy.json` - Container policy for image signature verification -- `openssl.conf` - OpenSSL configuration for certificate generation from project repository +**Application Files** (in `/opt/APP_NAME/`): +- Configuration files for the application +- Nginx configuration for reverse proxy **System Files** (FHS-compliant locations): -- `/var/lib/registry/` - Registry data storage -- `/etc/registry/certs/` - SSL/TLS certificate hierarchy: - - `/etc/registry/certs/private/` - Private keys (mode 600) - - `/etc/registry/certs/ca/` - CA certificates (mode 644) - - `/etc/registry/certs/clients/` - Client CA certificates (mode 640) - - `/etc/registry/certs/requests/` - Certificate requests and configs (mode 644) - - `/etc/registry/certs/registry.crt` - Server certificate (mode 644) -- `/etc/registry/nginx.conf` - nginx reverse proxy configuration (mode 644) -- `/etc/systemd/user/registry.service` - Systemd user service for rootless registry -- `/etc/systemd/system/registry-proxy.service` - Systemd system service for TLS proxy +- `/var/lib/` - Application data storage +- `/etc/nginx/` - Nginx configuration - `/var/log/nginx/` - nginx proxy logs **Benefits of FHS Compliance**: -- **Data persistence**: Registry data stored in `/var/lib/registry/` survives container restarts -- **Certificate security**: Hierarchical certificate structure with proper permissions -- **mTLS authentication**: Client certificates for secure push operations -- **Service management**: Systemd services for proper startup, shutdown, and monitoring -- **Separation of concerns**: Private keys isolated from public certificates +- **Data persistence**: Application data stored in proper locations survives restarts +- **Service management**: Proper separation of application components +- **Log management**: Centralized logging for easier troubleshooting - **Log management**: Logs in `/var/log/nginx/` for centralized logging - **Configuration separation**: App configs in app directory, system data in system directories - **Policy enforcement**: Container policies for image signature verification @@ -1034,7 +1020,7 @@ The Forgejo Container Registry setup uses the built-in registry functionality, p The CI/CD pipeline uses a three-stage approach with dedicated environments for each stage: -**Job 1 (Testing) - `docker-compose.test.yml`:** +**Job 1 (Testing) - `ci-pod.yaml`:** - **Purpose**: Comprehensive testing with multiple containers - **Environment**: DinD with PostgreSQL, Rust, and Node.js containers - **Code Checkout**: Code is checked out directly into the DinD container at `/workspace` from the Forgejo repository that triggered the build @@ -1057,7 +1043,7 @@ The CI/CD pipeline uses a three-stage approach with dedicated environments for e - **Registry Access**: Reuses Forgejo Container Registry authentication from Job 1 - **Cleanup**: DinD container stopped and removed (clean slate for next run) -**Job 3 (Deployment) - `docker-compose.prod.yml`:** +**Job 3 (Deployment) - `prod-pod.yaml`:** - **Purpose**: Production deployment with pre-built images - **Environment**: Production runner on Production Linode - **Process**: @@ -1070,7 +1056,7 @@ The CI/CD pipeline uses a three-stage approach with dedicated environments for e - **๐Ÿงน Complete Isolation**: Each job has its own dedicated environment - **๐Ÿšซ No Resource Contention**: Testing and building don't interfere with Forgejo Container Registry - **โšก Consistent Environment**: Same setup every time -- **๐ŸŽฏ Purpose-Specific**: Each Docker Compose file serves a specific purpose +- **๐ŸŽฏ Purpose-Specific**: Each pod configuration serves a specific purpose - **๐Ÿ”„ Parallel Safety**: Jobs can run safely in parallel **Testing DinD Setup:** @@ -1099,7 +1085,7 @@ docker exec ci-dind docker rmi YOUR_CI_CD_IP/APP_NAME/dind-test:latest #### 6.5 Production Deployment Architecture -The production deployment uses a separate Docker Compose file (`docker-compose.prod.yml`) that pulls built images from the Forgejo Container Registry and deploys the complete application stack. +The production deployment uses a separate pod configuration (`prod-pod.yaml`) that pulls built images from the Forgejo Container Registry and deploys the complete application stack. **Production Stack Components:** - **PostgreSQL**: Production database with persistent storage @@ -1110,11 +1096,11 @@ The production deployment uses a separate Docker Compose file (`docker-compose.p **Deployment Flow:** 1. **Production Runner**: Runs on Production Linode with `production` label 2. **Image Pull**: Pulls latest images from Forgejo Container Registry -3. **Stack Deployment**: Uses `docker-compose.prod.yml` to deploy complete stack +3. **Stack Deployment**: Uses `prod-pod.yaml` to deploy complete stack 4. **Health Verification**: Ensures all services are healthy before completion **Key Benefits:** -- **๐Ÿ”„ Image Registry**: Centralized image storage in Docker Registry +- **๐Ÿ”„ Image Registry**: Centralized image storage in Forgejo Container Registry - **๐Ÿ“ฆ Consistent Deployment**: Same images tested in CI are deployed to production - **โšก Fast Deployment**: Only pulls changed images - **๐Ÿ›ก๏ธ Rollback Capability**: Can easily rollback to previous image versions @@ -1153,11 +1139,11 @@ sudo ufw --force enable sudo ufw default deny incoming sudo ufw default allow outgoing sudo ufw allow ssh -sudo ufw allow 443/tcp # Docker Registry via nginx (public read access) +# Note: Forgejo Container Registry access is configured through Forgejo itself ``` **Security Model**: -- **Port 443 (Docker Registry)**: Public read access, authenticated write access +- **Forgejo Registry**: Integrated authentication and authorization - **SSH**: Restricted to your IP addresses - **All other ports**: Blocked @@ -1169,21 +1155,18 @@ sudo ufw allow 443/tcp # Docker Registry via nginx (public read access) podman --version ``` -#### 8.2 Check Docker Registry v2 Status +#### 8.2 Check Forgejo Container Registry Status ```bash -cd /opt/APP_NAME/registry +cd /opt/APP_NAME podman pod ps ``` -#### 8.3 Test Docker Registry v2 Access +#### 8.3 Test Forgejo Container Registry Access ```bash -# Test Docker Registry v2 API -curl -k https://localhost:443/v2/_catalog - -# Test Docker Registry v2 UI -curl -k -I https://localhost:443 +# Test Forgejo Container Registry access +# Registry access is handled through your Forgejo instance's web interface ``` --- @@ -1461,9 +1444,9 @@ ls -la /opt/APP_NAME - Sets proper ownership for the PROD_SERVICE_USER - Ensures the directory exists before the CI workflow runs -### Step 13: Configure Podman for Docker Registry v2 Access +### Step 13: Configure Podman for Forgejo Container Registry Access -**Important**: The Production Linode needs to be able to pull images from the Docker Registry v2 on the CI/CD Linode. Since we're using nginx with automatic HTTPS, no additional certificate configuration is needed. +**Important**: The Production Linode needs to be able to pull images from the Forgejo Container Registry. Authentication is handled through the CI/CD pipeline configuration. ```bash # Change to the PROD_SERVICE_USER @@ -1485,7 +1468,7 @@ exit ### Step 14: Set Up Forgejo Runner for Production Deployment -**Important**: The Production Linode needs a Forgejo runner to execute the deployment job from the CI/CD workflow. This runner will pull images from Docker Registry and deploy using `docker-compose.prod.yml`. +**Important**: The Production Linode needs a Forgejo runner to execute the deployment job from the CI/CD workflow. This runner will pull images from Forgejo Container Registry and deploy using the production pod configuration. #### 14.1 Download Runner @@ -1636,19 +1619,19 @@ sudo journalctl -u forgejo-runner.service -f --no-pager When the workflow runs, it will: -1. Pull the latest Docker images from Docker Registry -2. Use the `docker-compose.prod.yml` file to deploy the application stack +1. Pull the latest Docker images from Forgejo Container Registry +2. Use the `prod-pod.yaml` file to deploy the application stack 3. Create the necessary environment variables for production deployment 4. Verify that all services are healthy after deployment The production runner will automatically handle the deployment process when you push to the main branch. -#### 14.6 Understanding the Production Docker Compose Setup +#### 14.6 Understanding the Production Pod Setup -The `docker-compose.prod.yml` file is specifically designed for production deployment and differs from development setups: +The `prod-pod.yaml` file is specifically designed for production deployment and uses Kubernetes pod specifications: **Key Features**: -- **Image-based deployment**: Uses pre-built images from Docker Registry instead of building from source +- **Image-based deployment**: Uses pre-built images from Forgejo Container Registry instead of building from source - **Production networking**: All services communicate through a dedicated `sharenet-network` - **Health checks**: Each service includes health checks to ensure proper startup order - **Nginx reverse proxy**: Includes Nginx for SSL termination, load balancing, and security headers @@ -1662,9 +1645,9 @@ The `docker-compose.prod.yml` file is specifically designed for production deplo 4. **Nginx**: Reverse proxy that serves the frontend and proxies API requests to backend **Deployment Process**: -1. The production runner pulls the latest images from Docker Registry +1. The production runner pulls the latest images from Forgejo Container Registry 2. Creates environment variables for the deployment -3. Runs `docker compose -f docker-compose.prod.yml up -d` +3. Runs `podman play kube prod-pod.yaml` 4. Waits for all services to be healthy 5. Verifies the deployment was successful @@ -1772,10 +1755,10 @@ sudo fail2ban-client status podman --version ``` -#### 16.2 Test Docker Registry v2 Access +#### 16.2 Test Forgejo Container Registry Access ```bash -# Test pulling an image from the CI/CD Docker Registry v2 (unauthenticated port 443) +# Test pulling an image from Forgejo Container Registry podman pull YOUR_CI_CD_IP/APP_NAME/test:latest ``` @@ -1794,20 +1777,20 @@ podman pull YOUR_CI_CD_IP/APP_NAME/test:latest Go to your Forgejo repository and add these secrets in **Settings โ†’ Secrets and Variables โ†’ Actions**: **Required Secrets:** -- `CI_HOST`: Your CI/CD Linode IP address (used for Docker Registry access) +- `CI_HOST`: Your CI/CD Linode IP address (used for testing environment) - `PRODUCTION_IP`: Your Production Linode IP address - `PROD_DEPLOY_USER`: The production deployment user name (e.g., `prod-deploy`) - `PROD_SERVICE_USER`: The production service user name (e.g., `prod-service`) - `APP_NAME`: Your application name (e.g., `sharenet`) - `POSTGRES_PASSWORD`: A strong password for the PostgreSQL database -- `REGISTRY_CLIENT_CERT`: Path to client certificate for mTLS authentication (e.g., `/etc/registry/certs/clients/client.crt`) -- `REGISTRY_CLIENT_KEY`: Path to client private key for mTLS authentication (e.g., `/etc/registry/certs/private/client.key`) +- `REGISTRY_HOST`: Your Forgejo instance's registry URL +- `REGISTRY_TOKEN`: Personal Access Token with package write permissions **Note**: The CI pipeline now uses mTLS authentication for pushes (port 4443) and Cosign for image signing. The registry policy enforces Sigstore signatures for all images consumed from the registry. -**Note**: This setup uses custom Dockerfiles for testing environments with base images stored in Docker Registry. The CI pipeline automatically checks if base images exist in Docker Registry and pulls them from Docker Hub only when needed, eliminating rate limiting issues and providing better control over the testing environment. +**Note**: This setup uses custom Dockerfiles for testing environments with base images. The CI pipeline automatically checks if base images exist in Forgejo Container Registry and pulls them from Docker Hub only when needed, eliminating rate limiting issues and providing better control over the testing environment. ### Step 18: Test Complete Pipeline @@ -1827,10 +1810,10 @@ The pipeline should execute these steps in order: 4. **Test Frontend**: Run frontend tests in isolated environment 5. **Build Backend**: Build backend Docker image in DinD 6. **Build Frontend**: Build frontend Docker image in DinD -7. **Push to Registry**: Push images to Docker Registry from DinD +7. **Push to Registry**: Push images to Forgejo Container Registry from DinD 8. **Deploy to Production**: Deploy to production server -#### 18.3 Check Docker Registry v2 +#### 18.3 Check Forgejo Container Registry ```bash # On CI/CD Linode @@ -1954,7 +1937,7 @@ tail -f /tmp/monitor.log ## Forgejo Container Registry Setup -This repository has been configured to use **Forgejo's built-in container registry** instead of a custom Docker Registry. This provides a simpler, more integrated solution while maintaining the same Podman Pods CI approach. +This repository uses **Forgejo's built-in container registry** which provides a simpler, more integrated solution while maintaining the same Podman Pods CI approach. ### Prerequisites @@ -2011,23 +1994,6 @@ For example: - `forgejo.example.com/devteam/sharenet/backend:abc123` - `forgejo.example.com/devteam/sharenet/frontend:abc123` -### Migration from Custom Registry - -If you were previously using the custom Docker Registry setup: - -1. **Remove old registry artifacts**: - - Delete `Docker_Registry_Install_Guide.md` - - Remove `registry/` folder - - Update any references to old registry paths - -2. **Update secrets**: - - Replace `CI_HOST`, `REGISTRY_USER`, `REGISTRY_PASSWORD` with new Forgejo registry secrets - - Add `REGISTRY_HOST`, `REGISTRY_USERNAME`, `REGISTRY_TOKEN` - -3. **Update deployment**: - - Production environment will now pull from Forgejo registry - - No changes needed to Dockerfiles or application code - ### Benefits of Forgejo Container Registry - โœ… **Simplified setup** - No custom registry installation required @@ -2074,13 +2040,13 @@ podman image inspect REGISTRY_HOST/OWNER_REPO/backend:TAG You have successfully set up a complete CI/CD pipeline with: - โœ… **Automated testing** on every code push in isolated DinD environment -- โœ… **Docker image building** and Docker Registry storage +- โœ… **Docker image building** and Forgejo Container Registry storage - โœ… **Automated deployment** to production - โœ… **Health monitoring** and logging - โœ… **Backup and cleanup** automation - โœ… **Security hardening** with proper user separation - โœ… **SSL/TLS support** with self-signed certificates and mTLS authentication -- โœ… **Zero resource contention** between CI/CD and Docker Registry +- โœ… **Zero resource contention** between CI/CD and Forgejo Container Registry - โœ… **FHS-compliant directory structure** for better organization and security - โœ… **Robust rootless services** via systemd user manager - โœ… **Host TLS reverse proxy** with rootless registry isolation @@ -2091,44 +2057,29 @@ Your application is now ready for continuous deployment with proper security, mo After successful setup, you can clean up the installation files to remove sensitive information: -```bash -# Remove installation files (optional - for security) -sudo rm -rf /opt/APP_NAME/registry/openssl.conf -sudo rm -rf /opt/APP_NAME/registry/certs/requests/openssl.conf - -# Note: DO NOT remove these files as they are needed for operation: -# - /opt/APP_NAME/registry/containers-policy.json -# - /etc/registry/certs/ (contains all certificates and keys) -# - /etc/systemd/user/registry.service -# - /etc/systemd/system/registry-proxy.service -# - /etc/registry/nginx.conf -``` - -**Security Note**: The certificate files in `/etc/registry/certs/` contain sensitive authentication data and should be: -- **Backed up securely** if needed for disaster recovery -- **Never committed to version control** -- **Protected with proper permissions** (600 for private keys, 640 for client CA) -- **Rotated regularly** by regenerating certificates and updating client configurations +**Security Note**: Forgejo Container Registry uses built-in authentication. Ensure your Personal Access Tokens are stored securely and never committed to version control. +- **Rotate tokens regularly** by generating new Personal Access Tokens +- **Use minimal permissions** - only grant `write:packages` scope for CI/CD operations ### Step 7.4 CI/CD Workflow Summary Table | Stage | What Runs | How/Where | |---------|--------------------------|--------------------------| -| Test | All integration/unit tests| `docker-compose.test.yml`| -| Build | Build & push images | Direct Docker commands | -| Deploy | Deploy to production | `docker-compose.prod.yml`| +| Test | All integration/unit tests| `ci-pod.yaml` | +| Build | Build & push images | Podman build & push | +| Deploy | Deploy to production | `prod-pod.yaml` | **How it works:** -- **Test:** The workflow spins up a full test environment using `docker-compose.test.yml` (Postgres, backend, frontend, etc.) and runs all tests inside containers. -- **Build:** If tests pass, the workflow uses direct Docker commands (no compose file) to build backend and frontend images and push them to Docker Registry. -- **Deploy:** The production runner pulls images from Docker Registry and deploys the stack using `docker-compose.prod.yml`. +- **Test:** The workflow spins up a full test environment using `ci-pod.yaml` (Postgres, backend, frontend, etc.) and runs all tests inside containers. +- **Build:** If tests pass, the workflow uses Podman to build backend and frontend images and push them to Forgejo Container Registry. +- **Deploy:** The production runner pulls images from Forgejo Container Registry and deploys the stack using `prod-pod.yaml`. **Expected Output:** - Each stage runs in its own isolated environment. - Test failures stop the pipeline before any images are built or deployed. - Only tested images are deployed to production. -### Manual Testing with docker-compose.test.yml +### Manual Testing with Podman Pods You can use the same test environment locally that the CI pipeline uses for integration testing. This is useful for debugging, development, or verifying your setup before pushing changes. @@ -2140,10 +2091,10 @@ For local development testing, you can run the test environment directly: ```bash # Start the test environment locally -docker compose -f docker-compose.test.yml up -d +podman play kube ci-pod.yaml # Check service health -docker compose -f docker-compose.test.yml ps +podman pod ps ``` **Important**: This local setup is for development only. The CI pipeline uses a more isolated DinD environment. @@ -2162,7 +2113,7 @@ docker exec ci-cd-test-node npm run test #### Cleanup When you're done, stop and remove all test containers: ```bash -docker compose -f docker-compose.test.yml down +podman pod stop ci-cd-test-pod && podman pod rm ci-cd-test-pod ``` **Tip:** The CI pipeline uses the same test containers but runs them inside a DinD environment for complete isolation. \ No newline at end of file diff --git a/scripts/deploy-local.sh b/scripts/deploy-local.sh deleted file mode 100755 index 6263559..0000000 --- a/scripts/deploy-local.sh +++ /dev/null @@ -1,197 +0,0 @@ -#!/bin/bash - -# Sharenet Local Deployment Script -# This script handles local development deployments - -set -e - -# Configuration -APP_NAME="sharenet" -DOCKER_COMPOSE_FILE="docker-compose.yml" - -# Colors -RED='\033[0;31m' -GREEN='\033[0;32m' -YELLOW='\033[1;33m' -BLUE='\033[0;34m' -NC='\033[0m' - -log_info() { echo -e "${BLUE}[INFO]${NC} $1"; } -log_success() { echo -e "${GREEN}[SUCCESS]${NC} $1"; } -log_warning() { echo -e "${YELLOW}[WARNING]${NC} $1"; } -log_error() { echo -e "${RED}[ERROR]${NC} $1"; } - -# Pre-deployment checks -pre_deployment_checks() { - log_info "Running pre-deployment checks..." - - # Check if docker-compose.yml exists - if [ ! -f "$DOCKER_COMPOSE_FILE" ]; then - log_error "docker-compose.yml not found in current directory" - log_error "Current directory: $(pwd)" - exit 1 - fi - - # Check if Docker is running - if ! docker info >/dev/null 2>&1; then - log_error "Docker is not running or not accessible" - exit 1 - fi - - # Check if docker-compose is available - if ! command -v docker-compose >/dev/null 2>&1; then - log_error "docker-compose is not installed or not in PATH" - exit 1 - fi - - log_success "Pre-deployment checks passed" -} - -# Pull latest code (if in git repository) -pull_latest_code() { - if [ -d ".git" ]; then - log_info "Pulling latest code from repository..." - if git pull origin main 2>/dev/null || git pull origin master 2>/dev/null; then - log_success "Code updated successfully" - else - log_warning "Could not pull latest code (not a git repository or no remote configured)" - fi - else - log_info "Not a git repository, skipping code pull" - fi -} - -# Pull latest images -pull_images() { - log_info "Pulling latest Docker images..." - if docker-compose pull; then - log_success "Images pulled successfully" - else - log_error "Failed to pull images" - exit 1 - fi -} - -# Stop existing containers -stop_containers() { - log_info "Stopping existing containers..." - if docker-compose down; then - log_success "Containers stopped successfully" - else - log_warning "Some containers may not have stopped cleanly" - fi -} - -# Start new containers -start_containers() { - log_info "Starting new containers..." - if docker-compose up -d; then - log_success "Containers started successfully" - else - log_error "Failed to start containers" - log_error "Recent logs:" - docker-compose logs --tail=20 - exit 1 - fi -} - -# Verify deployment -verify_deployment() { - log_info "Verifying deployment..." - - # Wait for containers to start - sleep 10 - - # Check if containers are running - if docker-compose ps | grep -q "Up"; then - log_success "Deployment successful! All containers are running." - docker-compose ps - else - log_error "Deployment failed! Some containers are not running." - docker-compose ps - log_error "Recent logs:" - docker-compose logs --tail=20 - exit 1 - fi -} - -# Clean up old images -cleanup_images() { - log_info "Cleaning up old Docker images..." - if docker image prune -f; then - log_success "Old images cleaned up successfully" - else - log_warning "Image cleanup had some issues" - fi -} - -# Show service status -show_status() { - log_info "Current service status:" - docker-compose ps - echo - log_info "Recent logs:" - docker-compose logs --tail=10 -} - -# Main deployment process -main() { - local command="${1:-deploy}" - - case "$command" in - deploy) - log_info "Starting local deployment for $APP_NAME..." - pre_deployment_checks - pull_latest_code - pull_images - stop_containers - start_containers - verify_deployment - cleanup_images - log_success "Local deployment completed successfully" - ;; - status) - log_info "Checking service status..." - if [ -f "$DOCKER_COMPOSE_FILE" ]; then - show_status - else - log_error "docker-compose.yml not found in current directory" - exit 1 - fi - ;; - restart) - log_info "Restarting services..." - pre_deployment_checks - stop_containers - start_containers - verify_deployment - log_success "Services restarted successfully" - ;; - logs) - log_info "Showing recent logs..." - if [ -f "$DOCKER_COMPOSE_FILE" ]; then - docker-compose logs --tail=50 -f - else - log_error "docker-compose.yml not found in current directory" - exit 1 - fi - ;; - *) - log_error "Unknown command: $command" - echo "Usage: $0 {deploy|status|restart|logs}" - echo "" - echo "Commands:" - echo " deploy - Deploy the application (default)" - echo " status - Show current service status" - echo " restart - Restart all services" - echo " logs - Show and follow recent logs" - exit 1 - ;; - esac -} - -# Handle interrupts gracefully -trap 'log_error "Deployment interrupted"; exit 1' INT TERM - -# Run main function -main "$@" \ No newline at end of file