# Deployment recipes for SecretumVault (Docker, Kubernetes, Helm)
# Prints an overview of the most common deployment recipes, grouped by target.
# Output only: nothing here talks to Docker, Kubernetes or Helm.
[doc("Show deploy help")]
help:
    @echo "DEPLOYMENT COMMANDS"
    @echo ""
    @echo "Docker Compose:"
    @echo " just deploy::compose-up Start full Docker Compose stack"
    @echo " just deploy::compose-down Stop Docker Compose"
    @echo " just deploy::compose-logs View Docker logs"
    @echo ""
    @echo "Docker Image:"
    @echo " just deploy::docker-build Build Docker image"
    @echo " just deploy::docker-run Run Docker container"
    @echo ""
    @echo "Kubernetes:"
    @echo " just deploy::k8s-apply Deploy all K8s manifests"
    @echo " just deploy::k8s-delete Delete all K8s resources"
    @echo " just deploy::k8s-status Check K8s deployment status"
    @echo ""
    @echo "Helm:"
    @echo " just deploy::helm-install Install via Helm"
    @echo " just deploy::helm-upgrade Upgrade Helm release"
    @echo " just deploy::helm-uninstall Uninstall Helm release"
    @echo ""
# Docker Compose: start all services
# Brings the stack up detached (`up -d`), prints the local service URLs and
# finishes with `docker-compose ps` so the container state is visible.
# NOTE(review): the banner says "Building", but no `--build` flag is passed, so
# images that already exist are presumably reused as-is.
# NOTE(review): the advertised endpoints are plain http on localhost; confirm
# TLS is in place before exposing any of them beyond the local machine.
[doc("Start full Docker Compose stack (vault, etcd, surrealdb, postgres, prometheus, grafana)")]
compose-up:
    @echo "Building and starting Docker Compose stack..."
    docker-compose up -d
    @echo "✅ Stack started"
    @echo ""
    @echo "Services:"
    @echo " Vault: http://localhost:8200"
    @echo " Prometheus: http://localhost:9090"
    @echo " Grafana: http://localhost:3000"
    @docker-compose ps
# Docker Compose: stop services
# Runs `docker-compose down` for the project in the current directory. No
# volume flag is passed, so named volumes are left in place.
[doc("Stop Docker Compose stack")]
compose-down:
    docker-compose down
# Docker Compose: view logs
# Follows (`-f`) the combined log output of every service until interrupted.
[doc("View Docker Compose logs")]
compose-logs:
    docker-compose logs -f
# Docker Compose: restart specific service
# SERVICE is interpolated into the command line unquoted, so the shell splits
# it on whitespace before docker-compose sees it.
# NOTE(review): shell metacharacters in SERVICE are interpreted as well; only
# pass service names you typed yourself.
[doc("Restart Docker Compose service")]
compose-restart SERVICE:
    docker-compose restart {{ SERVICE }}
# Docker: build image
# Builds the image from the current directory (build context `.`) and tags it
# `secretumvault:latest`.
# NOTE(review): `latest` is a mutable tag; deployments that need a reproducible
# or auditable image should reference a version tag or digest instead.
[doc("Build Docker image (secretumvault:latest)")]
docker-build:
    docker build -t secretumvault:latest .
# Docker: run container
# Runs `secretumvault:latest` interactively, removes the container on exit
# (`--rm`) and mounts the `docker/config` directory under $PWD read-only at
# /etc/secretumvault, where the server reads `svault.toml`.
# NOTE(review): `-p 8200:8200` and `-p 9090:9090` carry no host address, so
# Docker publishes both ports on every host interface. Prefix the mappings with
# `127.0.0.1:` if the API and port 9090 should only be reachable locally.
[doc("Run Docker container locally")]
docker-run:
    docker run -it --rm \
        -p 8200:8200 \
        -p 9090:9090 \
        -v "{{ env_var('PWD') }}/docker/config:/etc/secretumvault:ro" \
        secretumvault:latest server --config /etc/secretumvault/svault.toml
# Docker: build and push to registry
# Builds from the current directory, tags the result `REGISTRY:latest` and
# pushes that tag. REGISTRY defaults to `docker.io/secretumvault`.
# NOTE(review): only the mutable `latest` tag is pushed, so each push replaces
# what consumers pull; add a version tag or pin consumers by digest if
# deployments must be traceable to a specific build.
# NOTE(review): REGISTRY is interpolated unquoted into both commands.
[doc("Build and push Docker image to registry")]
docker-push REGISTRY="docker.io/secretumvault":
    docker build -t {{ REGISTRY }}:latest .
    docker push {{ REGISTRY }}:latest
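# Kubernetes: apply all manifests
# Applies the numbered manifests under k8s/ in order: namespace, ConfigMap,
# Deployment, Services, etcd, SurrealDB, PostgreSQL. The short sleeps give the
# API server time to register the namespace and the new workloads.
# The status report runs as a subsequent dependency (`&& k8s-status`) rather
# than through a nested `just k8s-status` call. The help text invokes these
# recipes as `deploy::...`, so this file is presumably loaded as a module, and
# a nested `just` would resolve the name against whichever justfile it
# discovers instead of this one.
[doc("Deploy to Kubernetes (applies all manifests)")]
k8s-apply: && k8s-status
    @echo "Creating namespace..."
    kubectl apply -f k8s/01-namespace.yaml
    @sleep 1
    @echo "Applying ConfigMap..."
    kubectl apply -f k8s/02-configmap.yaml
    @echo "Applying Deployment..."
    kubectl apply -f k8s/03-deployment.yaml
    @echo "Applying Services..."
    kubectl apply -f k8s/04-service.yaml
    @echo "Applying etcd..."
    kubectl apply -f k8s/05-etcd.yaml
    @echo "Applying SurrealDB..."
    kubectl apply -f k8s/06-surrealdb.yaml
    @echo "Applying PostgreSQL..."
    kubectl apply -f k8s/07-postgresql.yaml
    @echo "✅ All manifests applied"
    @sleep 3
    @echo ""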
# Kubernetes: delete all resources
# Deletes the `secretumvault` namespace, which removes every namespaced object
# in it, including the Secrets created by the k8s-*-secret recipes.
# NOTE(review): there is no confirmation step and the target is whatever
# cluster the current kubectl context points at; check the context before
# running this.
[doc("Delete all Kubernetes resources")]
k8s-delete:
    @echo "Deleting namespace (all resources will be deleted)..."
    kubectl delete namespace secretumvault
# Kubernetes: show deployment status
# Read-only report: namespaces, then pods, services and StatefulSets in the
# `secretumvault` namespace, followed by a hint for waiting on vault readiness.
# NOTE(review): namespaces are cluster-scoped, so `-n secretumvault get ns`
# lists every namespace in the cluster, not only this one.
[doc("Show Kubernetes deployment status")]
k8s-status:
    @echo "Namespace:"
    @kubectl -n secretumvault get ns
    @echo ""
    @echo "Pods:"
    @kubectl -n secretumvault get pods
    @echo ""
    @echo "Services:"
    @kubectl -n secretumvault get svc
    @echo ""
    @echo "StatefulSets:"
    @kubectl -n secretumvault get statefulsets
    @echo ""
    @echo "Wait for vault to be ready:"
    @echo " kubectl -n secretumvault wait --for=condition=ready pod -l app=vault --timeout=300s"
# Kubernetes: port-forward to vault
# Forwards local port 8200 to port 8200 of `svc/vault` in the `secretumvault`
# namespace. Runs in the foreground until interrupted. No `--address` is
# given, so kubectl's default listen address applies.
[doc("Port-forward to vault API")]
k8s-portforward:
    kubectl -n secretumvault port-forward svc/vault 8200:8200
# Kubernetes: view logs
# Follows (`-f`) the logs of `deployment/vault` in the `secretumvault`
# namespace until interrupted.
[doc("View vault pod logs")]
k8s-logs:
    kubectl -n secretumvault logs -f deployment/vault
# Helm: install release
# Installs the chart in `helm/` as release `vault` into the `secretumvault`
# namespace, creating the namespace if it does not exist. The chart's default
# values are used.
[doc("Install vault via Helm")]
helm-install:
    helm install vault helm/ \
        --namespace secretumvault \
        --create-namespace
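# Helm: install with custom values
# Same as helm-install, but overlays the values file given as VALUES.
# VALUES is passed through just's `quote()` so the shell receives it as one
# literal word. Interpolated bare, a path containing spaces was split into
# several arguments and shell metacharacters in it were interpreted.
[doc("Install Helm with custom values")]
helm-install-custom VALUES:
    helm install vault helm/ \
        --namespace secretumvault \
        --create-namespace \
        --values {{ quote(VALUES) }}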
# Helm: upgrade release
# Upgrades release `vault` in the `secretumvault` namespace from the chart in
# `helm/`. No values file or `--reuse-values` flag is passed.
[doc("Upgrade existing Helm release")]
helm-upgrade:
    helm upgrade vault helm/ --namespace secretumvault
# Helm: uninstall release
# Removes release `vault` from the `secretumvault` namespace. The namespace
# itself is not deleted by this command.
[doc("Uninstall Helm release")]
helm-uninstall:
    helm uninstall vault --namespace secretumvault
# Helm: show values
# Pages the default values of the chart in `helm/` through `less`. Needs an
# interactive terminal.
[doc("Show Helm chart values")]
helm-values:
    helm show values helm/ | less
# Helm: dry-run
# Renders the chart as an install would, with `--dry-run --debug`, and prints
# the resulting manifests instead of creating the release.
# NOTE(review): if the chart templates any Secret objects, their rendered
# contents appear in this output; treat saved or CI-captured output as
# sensitive.
[doc("Dry-run Helm install (show manifest)")]
helm-dry-run:
    helm install vault helm/ \
        --namespace secretumvault \
        --create-namespace \
        --dry-run \
        --debug
# Kubernetes: exec into pod
# Opens an interactive `/bin/sh` in a pod of `deployment/vault` in the
# `secretumvault` namespace.
# NOTE(review): a shell inside the vault pod has whatever the vault process
# can reach. Presumably for debugging only; confirm that RBAC limits who may
# use `pods/exec` in this namespace.
[doc("Execute shell in vault pod")]
k8s-shell:
    kubectl -n secretumvault exec -it deployment/vault -- /bin/sh
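# Setup PostgreSQL secret
# Creates or updates the `vault-postgresql-secret` Secret (key `password`) in
# the `secretumvault` namespace: a client-side dry run renders the manifest and
# `kubectl apply` submits it.
# PASSWORD is exported to the recipe environment (`$PASSWORD`) instead of being
# interpolated into the command text. Interpolation let quotes, `$` or
# backticks in the password be interpreted by the shell, and just echoed the
# secret when it printed the command. The value reaches kubectl on stdin, so it
# is not on kubectl's command line either.
# NOTE(review): the password is still an argument to `just` itself and can end
# up in the caller's shell history; prefer sourcing it from a secret store.
[doc("Create PostgreSQL secret in Kubernetes")]
k8s-postgres-secret $PASSWORD:
    printf '%s' "$PASSWORD" | kubectl -n secretumvault create secret generic vault-postgresql-secret \
        --from-file=password=/dev/stdin \
        --dry-run=client -o yaml | kubectl apply -f -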
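# Setup SurrealDB secret
# Creates or updates the `vault-surrealdb-secret` Secret (key `password`) in
# the `secretumvault` namespace: a client-side dry run renders the manifest and
# `kubectl apply` submits it.
# PASSWORD is exported to the recipe environment (`$PASSWORD`) instead of being
# interpolated into the command text. Interpolation let quotes, `$` or
# backticks in the password be interpreted by the shell, and just echoed the
# secret when it printed the command. The value reaches kubectl on stdin, so it
# is not on kubectl's command line either.
# NOTE(review): the password is still an argument to `just` itself and can end
# up in the caller's shell history; prefer sourcing it from a secret store.
[doc("Create SurrealDB secret in Kubernetes")]
k8s-surrealdb-secret $PASSWORD:
    printf '%s' "$PASSWORD" | kubectl -n secretumvault create secret generic vault-surrealdb-secret \
        --from-file=password=/dev/stdin \
        --dry-run=client -o yaml | kubectl apply -f -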