From f1ab3dab2adf9adbad125dc3514aada4b2076f67 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 11 Oct 2024 01:12:05 +0000 Subject: [PATCH] Upgrade kamal from 1.9.1 to 2.2.2 Bumps [kamal](https://github.com/basecamp/kamal) from 1.9.1 to 2.2.2. - [Release notes](https://github.com/basecamp/kamal/releases) - [Commits](https://github.com/basecamp/kamal/compare/v1.9.1...v2.2.2) --- updated-dependencies: - dependency-name: kamal dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .kamal/hooks/pre-connect | 43 ---------------------------------------- .kamal/secrets | 11 ++++++++++ Gemfile | 4 ++-- Gemfile.lock | 25 ++++++++--------------- config/deploy.yml | 26 ++++++++++++------------ 5 files changed, 34 insertions(+), 75 deletions(-) delete mode 100755 .kamal/hooks/pre-connect create mode 100644 .kamal/secrets diff --git a/.kamal/hooks/pre-connect b/.kamal/hooks/pre-connect deleted file mode 100755 index 133bddf7..00000000 --- a/.kamal/hooks/pre-connect +++ /dev/null @@ -1,43 +0,0 @@ -#!/usr/bin/env ruby - -require "bundler/inline" - -# true = install gems so this is fast on repeat invocations -gemfile(true, quiet: true) do - source "https://rubygems.org" - - gem "benchmark" -end - -hosts = ENV["KAMAL_HOSTS"].split(",") -results = nil -MAX_ATTEMPTS = 3 - -elapsed = Benchmark.realtime do - results = hosts.map do |host| - Thread.new do - attempts = 1 - - begin - Socket.getaddrinfo(host, 0, Socket::AF_UNSPEC, Socket::SOCK_STREAM, nil, Socket::AI_CANONNAME) - rescue SocketError - if attempts < MAX_ATTEMPTS - puts "Retrying DNS warmup: #{host}" - attempts += 1 - sleep rand - retry - else - puts "DNS warmup failed: #{host}" - host - end - end - - attempts - end - end.map(&:value) -end - -retries = results.sum - hosts.size -failures = results.count { |r| r == MAX_ATTEMPTS } - -puts "Prewarmed %d DNS lookups in %.2f seconds: %d retries, %d failures" % [hosts.size, elapsed, retries, failures] diff --git a/.kamal/secrets b/.kamal/secrets new file mode 100644 index 00000000..4f9afe72 --- /dev/null +++ b/.kamal/secrets @@ -0,0 +1,11 @@ +KAMAL_REGISTRY_USERNAME=$KAMAL_REGISTRY_USERNAME +KAMAL_REGISTRY_PASSWORD=$KAMAL_REGISTRY_PASSWORD + +RAILS_MASTER_KEY=$RAILS_MASTER_KEY + +REDIS_URL=$REDIS_URL + +LITESTREAM_ACCESS_KEY_ID=$LITESTREAM_ACCESS_KEY_ID +LITESTREAM_SECRET_ACCESS_KEY=$LITESTREAM_SECRET_ACCESS_KEY +LITESTREAM_BUCKET=$LITESTREAM_BUCKET +LITESTREAM_REGION=$LITESTREAM_REGION diff --git a/Gemfile b/Gemfile index 318939ac..54c01cd7 100644 --- a/Gemfile +++ b/Gemfile @@ -3,10 +3,10 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby file: ".ruby-version" -gem "dotenv-rails" - gem "rails", github: "rails/rails" +gem "dotenv-rails", require: "dotenv/load" + # Drivers gem "sqlite3" gem "puma" diff --git a/Gemfile.lock b/Gemfile.lock index af35a532..7d9b1f28 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -106,10 +106,6 @@ GEM activesupport (>= 5.2.0) addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) - airrecord (1.0.12) - faraday (>= 1.0, < 3.0) - faraday-net_http_persistent - net-http-persistent appsignal (4.0.9) logger rack @@ -189,10 +185,10 @@ GEM irb (~> 1.10) reline (>= 0.3.8) debug_inspector (1.2.0) - dotenv (2.8.1) - dotenv-rails (2.8.1) - dotenv (= 2.8.1) - railties (>= 3.2) + dotenv (3.1.4) + dotenv-rails (3.1.4) + dotenv (= 3.1.4) + railties (>= 6.1) drb (2.2.1) ed25519 (1.3.0) erubi (1.13.0) @@ -206,9 +202,6 @@ GEM faraday (>= 1, < 3) faraday-net_http (3.3.0) net-http - faraday-net_http_persistent (2.1.0) - faraday (~> 2.5) - net-http-persistent (~> 4.0) ferrum (0.15) addressable (~> 2.5) concurrent-ruby (~> 1.1) @@ -249,16 +242,16 @@ GEM activesupport (>= 5.0.0) jmespath (1.6.2) json (2.7.2) - kamal (1.9.1) + kamal (2.2.2) activesupport (>= 7.0) base64 (~> 0.2) bcrypt_pbkdf (~> 1.0) concurrent-ruby (~> 1.2) - dotenv (~> 2.8) + dotenv (~> 3.1) ed25519 (~> 1.2) net-ssh (~> 7.0) sshkit (>= 1.23.0, < 2.0) - thor (~> 1.2) + thor (~> 1.3) zeitwerk (~> 2.5) language_server-protocol (3.17.0.3) launchy (3.0.1) @@ -295,8 +288,6 @@ GEM msgpack (1.7.2) net-http (0.4.1) uri - net-http-persistent (4.0.2) - connection_pool (~> 2.2) net-imap (0.4.16) date net-protocol @@ -310,7 +301,7 @@ GEM net-ssh (>= 5.0.0, < 8.0.0) net-smtp (0.5.0) net-protocol - net-ssh (7.2.3) + net-ssh (7.3.0) nio4r (2.7.3) nokogiri (1.16.7-aarch64-linux) racc (~> 1.4) diff --git a/config/deploy.yml b/config/deploy.yml index 01c08d56..8a864154 100644 --- a/config/deploy.yml +++ b/config/deploy.yml @@ -1,7 +1,9 @@ -minimum_version: 1.1.0 +<% ENV["RAILS_ENV"] = "production" %> +<% require_relative "config/application" %> -service: hackathons +minimum_version: 2.2.2 +service: hackathons image: hackclub/hackathons servers: @@ -27,7 +29,7 @@ registry: - KAMAL_REGISTRY_PASSWORD builder: - multiarch: false + arch: amd64 cache: type: gha options: mode=max @@ -40,8 +42,12 @@ env: - RAILS_MASTER_KEY - REDIS_URL +asset_path: "/hackathons/public/assets" volumes: ["hackathons-storage:/hackathons/storage"] +proxy: + app_port: 3000 + accessories: litestream: roles: ["web"] @@ -51,13 +57,7 @@ accessories: cmd: replicate env: secret: - - LITESTREAM_ACCESS_KEY_ID - - LITESTREAM_SECRET_ACCESS_KEY - - LITESTREAM_BUCKET - - LITESTREAM_REGION - -asset_path: "/hackathons/public/assets" - -traefik: - args: - entrypoints.web.forwardedHeaders.trustedIPs: 10.0.0.0/8 + <% %w[BUCKET REGION ACCESS_KEY_ID SECRET_ACCESS_KEY].each do |secret| %> + <% ENV["LITESTREAM_#{secret}"] = Rails.application.credentials.aws!.fetch(secret.downcase.to_sym) %> + - LITESTREAM_<%= secret %> + <% end %>