4nk/ia_dev
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ia_dev/deploy/lib/README.md
Nicolas Cantu d80b240853 refactor(deploy): hoist shared conf handling to deploy/lib 
**Motivations:**
- Apply approved boundary: identical steps in ia_dev libs; project orchestrator keeps only specific sequencing

**Root causes:**
- N/A

**Correctifs:**
- N/A

**Evolutions:**
- Add deploy/lib/deploy-conf-handling.sh (jq, secrets_path export, IA_DEV_DEPLOY_* context)
- Document boundary in deploy-methodology.sh; orchestrator sources new lib
- deploy/lib/README.md: boundary + deploy-conf-handling

**Pages affectées:**
- deploy/lib/*.sh, deploy/orchestrator.sh, deploy/lib/README.md
2026-03-23 13:23:23 +01:00

2.4 KiB
Raw Blame History

Shared deploy libraries (ia_dev)

ssh.sh

Canonical SSH/SCP helpers (ssh_run, scp_copy, require_ssh_key, ssh_common_opts) used across projects.
LeCoffre : deploy/scripts_v2/_lib/ssh.sh sources ia_dev/deploy/lib/ssh.sh when the submodule path ia_dev/deploy/lib/ssh.sh exists from the repo root; otherwise it embeds the same implementation.

deploy-log.sh

Optional deploy_script_tee_log_if_requested <project_root> <log_subdir> — requires info from the projects colors.sh (sourced before this file in deploy.sh).

Policy

Project-specific logic (Prisma, systemd unit names, remote app layout, LeCoffre domains) stays under each repositorys deploy/scripts_v2/. Only transport/logging helpers live here.

deploy-methodology.sh

Shared contract for all managed projects: allowed envs (test | pprod | prod), validation helpers. Sourced by deploy.sh and orchestrator.sh. Extend only with an explicit decision (new env = conf + doc migration).

Boundary : any step strictly identical for every project belongs here or in a sibling deploy/lib/deploy-*.sh. The project orchestrator under repository_root only sequences project-specific scripts (e.g. _lib/deploy-phase-*.sh).

Quality gates and longer sequences that are identical across projects should be added here or in peers — not in project repos.

deploy-conf-handling.sh

Shared conf.json handling: jq requirement, deploy.secrets_pathSECRETS_BASE / LECOFFRE_SECRETS_BASE, optional exports IA_DEV_DEPLOY_REPO_ROOT and IA_DEV_DEPLOY_ENV for project scripts. Sourced by orchestrator.sh. Add new generic deploy.* reads here.

Orchestration (../orchestrator.sh, ../deploy.sh)

  • deploy.sh : ./deploy/deploy.sh <project_id> <env> [args] — applies methodology (env validation, banner), sets IA_PROJECT_ID, then exec orchestrator.sh.
  • orchestrator.sh : exports secrets from conf, then exec the project orchestrator repository_root + deploy.project_orchestrator_path (relative path) with the same "$@". Legacy : if project_orchestrator_path is missing, uses deploy.hooks.phases or deploy.deploy_script_path. run-project-hooks.sh execs orchestrator.sh for backward compatibility.

Project orchestrator = single script in the target repo that sequences project-specific steps (deploy.sh LeCoffre today, or a dedicated orchestrate-project.sh later).