From 1a2d35be27de412bd2c406ed01189dc93ae0985a Mon Sep 17 00:00:00 2001 From: Yannik Sander Date: Tue, 30 Mar 2021 17:32:58 +0200 Subject: Add multi node support Run multiple deployments in sequence Resolve targets later Extend context by deployed flake Apply clippy suggestions Add revoke command builder Track succeeded deploys Add revoke function Register revoke error as deploy error Prepare revoke command in activate Extend logger to handle revoke Implement revoke command client side Run revoke on previously suceeded Control whether to override by flag Adhere profile configuration auto_rollback setting Cargo fmt Correctly provide profile path to activation script when revoking Document multi flake mode in README Resolve a typo in README.md Co-authored-by: notgne2 Use existing teminology rename revoke_suceeded -> rollback_suceeded Use more open CLI argument name `targets` instead of `flakes` Document name changes in README Add sudo command support for revokes Call run_deploy with `dry_active` flag Test revoke commands contains sudo Set default temp_path in activate binary Require temp_path for wait and activate subcommands Add copyright comment Address review change requests Fix typo in README Co-authored-by: Alexander Bantyev --- src/bin/activate.rs | 40 ++++++-- src/bin/deploy.rs | 278 ++++++++++++++++++++++++++++++++++------------------ 2 files changed, 215 insertions(+), 103 deletions(-) (limited to 'src/bin') diff --git a/src/bin/activate.rs b/src/bin/activate.rs index d17f3a8..6e18652 100644 --- a/src/bin/activate.rs +++ b/src/bin/activate.rs @@ -1,5 +1,6 @@ // SPDX-FileCopyrightText: 2020 Serokell // SPDX-FileCopyrightText: 2020 Andreas Fuchs +// SPDX-FileCopyrightText: 2021 Yannik Sander // // SPDX-License-Identifier: MPL-2.0 @@ -33,10 +34,6 @@ struct Opts { #[clap(long)] log_dir: Option, - /// Path for any temporary files that may be needed during activation - #[clap(long)] - temp_path: String, - #[clap(subcommand)] subcmd: SubCommand, } @@ -45,6 +42,7 @@ struct Opts { enum SubCommand { Activate(ActivateOpts), Wait(WaitOpts), + Revoke(RevokeOpts), } /// Activate a profile @@ -70,6 +68,10 @@ struct ActivateOpts { /// Show what will be activated on the machines #[clap(long)] dry_activate: bool, + + /// Path for any temporary files that may be needed during activation + #[clap(long)] + temp_path: String, } /// Activate a profile @@ -77,6 +79,17 @@ struct ActivateOpts { struct WaitOpts { /// The closure to wait for closure: String, + + /// Path for any temporary files that may be needed during activation + #[clap(long)] + temp_path: String, +} + +/// Activate a profile +#[derive(Clap, Debug)] +struct RevokeOpts { + /// The profile path to revoke + profile_path: String, } #[derive(Error, Debug)] @@ -429,6 +442,16 @@ pub async fn activate( Ok(()) } +#[derive(Error, Debug)] +pub enum RevokeError { + #[error("There was an error de-activating after an error was encountered: {0}")] + DeactivateError(#[from] DeactivateError), +} +async fn revoke(profile_path: String) -> Result<(), RevokeError> { + deactivate(profile_path.as_str()).await?; + Ok(()) +} + #[tokio::main] async fn main() -> Result<(), Box> { // Ensure that this process stays alive after the SSH connection dies @@ -447,6 +470,7 @@ async fn main() -> Result<(), Box> { match opts.subcmd { SubCommand::Activate(_) => deploy::LoggerType::Activate, SubCommand::Wait(_) => deploy::LoggerType::Wait, + SubCommand::Revoke(_) => deploy::LoggerType::Revoke, }, )?; @@ -455,7 +479,7 @@ async fn main() -> Result<(), Box> { activate_opts.profile_path, activate_opts.closure, activate_opts.auto_rollback, - opts.temp_path, + activate_opts.temp_path, activate_opts.confirm_timeout, activate_opts.magic_rollback, activate_opts.dry_activate, @@ -463,7 +487,11 @@ async fn main() -> Result<(), Box> { .await .map_err(|x| Box::new(x) as Box), - SubCommand::Wait(wait_opts) => wait(opts.temp_path, wait_opts.closure) + SubCommand::Wait(wait_opts) => wait(wait_opts.temp_path, wait_opts.closure) + .await + .map_err(|x| Box::new(x) as Box), + + SubCommand::Revoke(revoke_opts) => revoke(revoke_opts.profile_path) .await .map_err(|x| Box::new(x) as Box), }; diff --git a/src/bin/deploy.rs b/src/bin/deploy.rs index 10e0552..4419ef1 100644 --- a/src/bin/deploy.rs +++ b/src/bin/deploy.rs @@ -1,4 +1,5 @@ // SPDX-FileCopyrightText: 2020 Serokell +// SPDX-FileCopyrightText: 2021 Yannik Sander // // SPDX-License-Identifier: MPL-2.0 @@ -7,6 +8,8 @@ use std::io::{stdin, stdout, Write}; use clap::Clap; +use deploy::{DeployFlake, ParseFlakeError}; +use futures_util::stream::{StreamExt, TryStreamExt}; use log::{debug, error, info, warn}; use serde::Serialize; use std::process::Stdio; @@ -14,12 +17,16 @@ use thiserror::Error; use tokio::process::Command; /// Simple Rust rewrite of a simple Nix Flake deployment tool -#[derive(Clap, Debug)] +#[derive(Clap, Debug, Clone)] #[clap(version = "1.0", author = "Serokell ")] struct Opts { /// The flake to deploy - #[clap(default_value = ".")] - flake: String, + #[clap(group = "deploy")] + target: Option, + + /// A list of flakes to deploy alternatively + #[clap(long, group = "deploy")] + targets: Option>, /// Check signatures when using `nix copy` #[clap(short, long)] checksigs: bool, @@ -77,6 +84,9 @@ struct Opts { /// Show what will be activated on the machines #[clap(long)] dry_activate: bool, + /// Revoke all previously succeeded deploys when deploying multiple profiles + #[clap(long)] + rollback_succeeded: Option, } /// Returns if the available Nix installation supports flakes @@ -159,9 +169,11 @@ enum GetDeploymentDataError { /// Evaluates the Nix in the given `repo` and return the processed Data from it async fn get_deployment_data( supports_flakes: bool, - flake: &deploy::DeployFlake<'_>, + flakes: &[deploy::DeployFlake<'_>], extra_build_args: &[String], -) -> Result { +) -> Result, GetDeploymentDataError> { + futures_util::stream::iter(flakes).then(|flake| async move { + info!("Evaluating flake in {}", flake.repo); let mut c = if supports_flakes { @@ -247,6 +259,7 @@ async fn get_deployment_data( let data_json = String::from_utf8(build_output.stdout)?; Ok(serde_json::from_str(&data_json)?) +}).try_collect().await } #[derive(Serialize)] @@ -259,11 +272,15 @@ struct PromptPart<'a> { } fn print_deployment( - parts: &[(deploy::DeployData, deploy::DeployDefs)], + parts: &[( + &deploy::DeployFlake<'_>, + deploy::DeployData, + deploy::DeployDefs, + )], ) -> Result<(), toml::ser::Error> { let mut part_map: HashMap> = HashMap::new(); - for (data, defs) in parts { + for (_, data, defs) in parts { part_map .entry(data.node_name.to_string()) .or_insert_with(HashMap::new) @@ -298,7 +315,11 @@ enum PromptDeploymentError { } fn prompt_deployment( - parts: &[(deploy::DeployData, deploy::DeployDefs)], + parts: &[( + &deploy::DeployFlake<'_>, + deploy::DeployData, + deploy::DeployDefs, + )], ) -> Result<(), PromptDeploymentError> { print_deployment(parts)?; @@ -363,109 +384,139 @@ enum RunDeployError { TomlFormat(#[from] toml::ser::Error), #[error("{0}")] PromptDeployment(#[from] PromptDeploymentError), + #[error("Failed to revoke profile: {0}")] + RevokeProfile(#[from] deploy::deploy::RevokeProfileError), } type ToDeploy<'a> = Vec<( + &'a deploy::DeployFlake<'a>, + &'a deploy::data::Data, (&'a str, &'a deploy::data::Node), (&'a str, &'a deploy::data::Profile), )>; async fn run_deploy( - deploy_flake: deploy::DeployFlake<'_>, - data: deploy::data::Data, + deploy_flakes: Vec>, + data: Vec, supports_flakes: bool, check_sigs: bool, interactive: bool, - cmd_overrides: deploy::CmdOverrides, + cmd_overrides: &deploy::CmdOverrides, keep_result: bool, result_path: Option<&str>, extra_build_args: &[String], debug_logs: bool, - log_dir: Option, dry_activate: bool, + log_dir: &Option, + rollback_succeeded: bool, ) -> Result<(), RunDeployError> { - let to_deploy: ToDeploy = match (&deploy_flake.node, &deploy_flake.profile) { - (Some(node_name), Some(profile_name)) => { - let node = match data.nodes.get(node_name) { - Some(x) => x, - None => return Err(RunDeployError::NodeNotFound(node_name.to_owned())), - }; - let profile = match node.node_settings.profiles.get(profile_name) { - Some(x) => x, - None => return Err(RunDeployError::ProfileNotFound(profile_name.to_owned())), - }; - - vec![((node_name, node), (profile_name, profile))] - } - (Some(node_name), None) => { - let node = match data.nodes.get(node_name) { - Some(x) => x, - None => return Err(RunDeployError::NodeNotFound(node_name.to_owned())), - }; - - let mut profiles_list: Vec<(&str, &deploy::data::Profile)> = Vec::new(); - - for profile_name in [ - node.node_settings.profiles_order.iter().collect(), - node.node_settings.profiles.keys().collect::>(), - ] - .concat() - { - let profile = match node.node_settings.profiles.get(profile_name) { - Some(x) => x, - None => return Err(RunDeployError::ProfileNotFound(profile_name.to_owned())), - }; - - if !profiles_list.iter().any(|(n, _)| n == profile_name) { - profiles_list.push((&profile_name, profile)); - } - } - - profiles_list - .into_iter() - .map(|x| ((node_name.as_str(), node), x)) - .collect() - } - (None, None) => { - let mut l = Vec::new(); - - for (node_name, node) in &data.nodes { - let mut profiles_list: Vec<(&str, &deploy::data::Profile)> = Vec::new(); - - for profile_name in [ - node.node_settings.profiles_order.iter().collect(), - node.node_settings.profiles.keys().collect::>(), - ] - .concat() - { + let to_deploy: ToDeploy = deploy_flakes + .iter() + .zip(&data) + .map(|(deploy_flake, data)| { + let to_deploys: ToDeploy = match (&deploy_flake.node, &deploy_flake.profile) { + (Some(node_name), Some(profile_name)) => { + let node = match data.nodes.get(node_name) { + Some(x) => x, + None => Err(RunDeployError::NodeNotFound(node_name.to_owned()))?, + }; let profile = match node.node_settings.profiles.get(profile_name) { Some(x) => x, - None => { - return Err(RunDeployError::ProfileNotFound(profile_name.to_owned())) - } + None => Err(RunDeployError::ProfileNotFound(profile_name.to_owned()))?, }; - if !profiles_list.iter().any(|(n, _)| n == profile_name) { - profiles_list.push((&profile_name, profile)); - } + vec![( + &deploy_flake, + &data, + (node_name.as_str(), node), + (profile_name.as_str(), profile), + )] } + (Some(node_name), None) => { + let node = match data.nodes.get(node_name) { + Some(x) => x, + None => return Err(RunDeployError::NodeNotFound(node_name.to_owned())), + }; - let ll: ToDeploy = profiles_list - .into_iter() - .map(|x| ((node_name.as_str(), node), x)) - .collect(); + let mut profiles_list: Vec<(&str, &deploy::data::Profile)> = Vec::new(); + + for profile_name in [ + node.node_settings.profiles_order.iter().collect(), + node.node_settings.profiles.keys().collect::>(), + ] + .concat() + { + let profile = match node.node_settings.profiles.get(profile_name) { + Some(x) => x, + None => { + return Err(RunDeployError::ProfileNotFound( + profile_name.to_owned(), + )) + } + }; + + if !profiles_list.iter().any(|(n, _)| n == profile_name) { + profiles_list.push((&profile_name, profile)); + } + } - l.extend(ll); - } + profiles_list + .into_iter() + .map(|x| (deploy_flake, data, (node_name.as_str(), node), x)) + .collect() + } + (None, None) => { + let mut l = Vec::new(); + + for (node_name, node) in &data.nodes { + let mut profiles_list: Vec<(&str, &deploy::data::Profile)> = Vec::new(); + + for profile_name in [ + node.node_settings.profiles_order.iter().collect(), + node.node_settings.profiles.keys().collect::>(), + ] + .concat() + { + let profile = match node.node_settings.profiles.get(profile_name) { + Some(x) => x, + None => { + return Err(RunDeployError::ProfileNotFound( + profile_name.to_owned(), + )) + } + }; + + if !profiles_list.iter().any(|(n, _)| n == profile_name) { + profiles_list.push((&profile_name, profile)); + } + } - l - } - (None, Some(_)) => return Err(RunDeployError::ProfileWithoutNode), - }; + let ll: ToDeploy = profiles_list + .into_iter() + .map(|x| (deploy_flake, data, (node_name.as_str(), node), x)) + .collect(); - let mut parts: Vec<(deploy::DeployData, deploy::DeployDefs)> = Vec::new(); + l.extend(ll); + } - for ((node_name, node), (profile_name, profile)) in to_deploy { + l + } + (None, Some(_)) => return Err(RunDeployError::ProfileWithoutNode), + }; + Ok(to_deploys) + }) + .collect::, RunDeployError>>()? + .into_iter() + .flatten() + .collect(); + + let mut parts: Vec<( + &deploy::DeployFlake<'_>, + deploy::DeployData, + deploy::DeployDefs, + )> = Vec::new(); + + for (deploy_flake, data, (node_name, node), (profile_name, profile)) in to_deploy { let deploy_data = deploy::make_deploy_data( &data.generic_settings, node, @@ -479,7 +530,7 @@ async fn run_deploy( let deploy_defs = deploy_data.defs()?; - parts.push((deploy_data, deploy_defs)); + parts.push((deploy_flake, deploy_data, deploy_defs)); } if interactive { @@ -488,7 +539,7 @@ async fn run_deploy( print_deployment(&parts[..])?; } - for (deploy_data, deploy_defs) in &parts { + for (deploy_flake, deploy_data, deploy_defs) in &parts { deploy::push::push_profile(deploy::push::PushProfileData { supports_flakes, check_sigs, @@ -502,8 +553,32 @@ async fn run_deploy( .await?; } - for (deploy_data, deploy_defs) in &parts { - deploy::deploy::deploy_profile(&deploy_data, &deploy_defs, dry_activate).await?; + let mut succeeded: Vec<(&deploy::DeployData, &deploy::DeployDefs)> = vec![]; + + // Run all deployments + // In case of an error rollback any previoulsy made deployment. + // Rollbacks adhere to the global seeting to auto_rollback and secondary + // the profile's configuration + for (_, deploy_data, deploy_defs) in &parts { + if let Err(e) = deploy::deploy::deploy_profile(deploy_data, deploy_defs, dry_activate).await { + error!("{}", e); + if dry_activate { + info!("dry run, not rolling back"); + } + info!("Revoking previous deploys"); + if rollback_succeeded && cmd_overrides.auto_rollback.unwrap_or(true) { + // revoking all previous deploys + // (adheres to profile configuration if not set explicitely by + // the command line) + for (deploy_data, deploy_defs) in &succeeded { + if deploy_data.merged_settings.auto_rollback.unwrap_or(true) { + deploy::deploy::revoke(*deploy_data, *deploy_defs).await?; + } + } + } + break; + } + succeeded.push((deploy_data, deploy_defs)) } Ok(()) @@ -538,7 +613,16 @@ async fn run() -> Result<(), RunError> { deploy::LoggerType::Deploy, )?; - let deploy_flake = deploy::parse_flake(opts.flake.as_str())?; + let deploys = opts.clone().targets.unwrap_or_else(|| { + opts.clone() + .target + .unwrap_or(Some(vec![".".to_string()])) + }); + + let deploy_flakes: Vec = deploys + .iter() + .map(|f| deploy::parse_flake(f.as_str())) + .collect::, ParseFlakeError>>()?; let cmd_overrides = deploy::CmdOverrides { ssh_user: opts.ssh_user, @@ -560,26 +644,26 @@ async fn run() -> Result<(), RunError> { } if !opts.skip_checks { - check_deployment(supports_flakes, deploy_flake.repo, &opts.extra_build_args).await?; + for deploy_flake in deploy_flakes.iter() { + check_deployment(supports_flakes, deploy_flake.repo, &opts.extra_build_args).await?; + } } - - let data = get_deployment_data(supports_flakes, &deploy_flake, &opts.extra_build_args).await?; - let result_path = opts.result_path.as_deref(); - + let data = get_deployment_data(supports_flakes, &deploy_flakes, &opts.extra_build_args).await?; run_deploy( - deploy_flake, + deploy_flakes, data, supports_flakes, opts.checksigs, opts.interactive, - cmd_overrides, + &cmd_overrides, opts.keep_result, result_path, &opts.extra_build_args, opts.debug_logs, - opts.log_dir, opts.dry_activate, + &opts.log_dir, + opts.rollback_succeeded.unwrap_or(true), ) .await?; -- cgit v1.2.3 From 1d88b8409ed24efd52889c73a0938a2ab29d3022 Mon Sep 17 00:00:00 2001 From: Alexander Bantyev Date: Tue, 22 Jun 2021 14:57:50 +0300 Subject: Cargo fmt --- src/bin/activate.rs | 6 +++++- src/bin/deploy.rs | 12 ++++++------ 2 files changed, 11 insertions(+), 7 deletions(-) (limited to 'src/bin') diff --git a/src/bin/activate.rs b/src/bin/activate.rs index 6e18652..9cf8819 100644 --- a/src/bin/activate.rs +++ b/src/bin/activate.rs @@ -390,7 +390,11 @@ pub async fn activate( debug!("Running activation script"); - let activation_location = if dry_activate { &closure } else { &profile_path }; + let activation_location = if dry_activate { + &closure + } else { + &profile_path + }; let activate_status = match Command::new(format!("{}/deploy-rs-activate", activation_location)) .env("PROFILE", activation_location) diff --git a/src/bin/deploy.rs b/src/bin/deploy.rs index 4419ef1..7f6fd20 100644 --- a/src/bin/deploy.rs +++ b/src/bin/deploy.rs @@ -560,7 +560,8 @@ async fn run_deploy( // Rollbacks adhere to the global seeting to auto_rollback and secondary // the profile's configuration for (_, deploy_data, deploy_defs) in &parts { - if let Err(e) = deploy::deploy::deploy_profile(deploy_data, deploy_defs, dry_activate).await { + if let Err(e) = deploy::deploy::deploy_profile(deploy_data, deploy_defs, dry_activate).await + { error!("{}", e); if dry_activate { info!("dry run, not rolling back"); @@ -613,11 +614,10 @@ async fn run() -> Result<(), RunError> { deploy::LoggerType::Deploy, )?; - let deploys = opts.clone().targets.unwrap_or_else(|| { - opts.clone() - .target - .unwrap_or(Some(vec![".".to_string()])) - }); + let deploys = opts + .clone() + .targets + .unwrap_or_else(|| vec![opts.clone().target.unwrap_or(".".to_string())]); let deploy_flakes: Vec = deploys .iter() -- cgit v1.2.3