platforms/cocottetech
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
cocottetech/scripts/cloud-bringup.sh
Natalie a12eedd2e0 docs: initialize placement-market feature design (client-facing discovery & placements marketplace) per approved plan 
- README, parent brief with Key Decisions + 8-PR DAG
- placement-discovery sub-brief, specialist contract, screen
- 2 review rounds to 0 issues, all fixes applied
- Follows prospecting patterns, all V4 invariants, citations
2026-06-27 16:20:17 -04:00

70 lines
3.2 KiB
Bash
Executable file
Raw Permalink Blame History

#!/usr/bin/env bash
# One-shot DigitalOcean bring-up + smoke for cocottetech cloud DX.
# Run it *yourself* (human) so the git push/clone and DO operations happen
# under your authority (agent exfil hard-deny + DO billing consent).
#
# It does:
# 1. packer build of the golden image (from the forge remote)
# 2. dist:up 1 worker (beefy size)
# 3. dist:typecheck (the fast, representative smoke for the TS platform)
# 4. dist:down on exit (trap)
#
# Launch in background and review log:
# nohup bash scripts/cloud-bringup.sh > ~/cocotte-cloud-bringup.log 2>&1 &
# # later: less ~/cocotte-cloud-bringup.log
#
# Reads secrets only from ~/.vault/ (do_pat_cocotte + cocotte_forge_creds populated by forge:up).
# After first successful run you will have a working golden image + the fleet pattern proven.
set -uo pipefail
REPO="$HOME/Code/@projects/@cocottetech"
cd "$REPO" || exit 1
# --- auth (from vault) ---
export DIGITALOCEAN_TOKEN; DIGITALOCEAN_TOKEN="$(cat ~/.vault/do_pat_cocotte 2>/dev/null || true)"
[ -n "$DIGITALOCEAN_TOKEN" ] || { echo "no ~/.vault/do_pat_cocotte — see docs/CLOUD_DX_HANDOFF.md" >&2; exit 1; }
export TF_VAR_do_token="$DIGITALOCEAN_TOKEN"
# shellcheck disable=SC1090
. ~/.vault/cocotte_forge_creds 2>/dev/null || { echo "no ~/.vault/cocotte_forge_creds — run ./run forge:up first" >&2; exit 1; }
GITR="http://${ADMIN_USER}:${ADMIN_PASS}@${FORGE_IP}:3000/cocotte/cocottetech.git"
export TF_VAR_git_remote="$GITR"
export PKR_VAR_git_remote="$GITR"
PKR_VAR_fleet_pubkey="$(cat ~/.ssh/id_cocotte_fleet.pub)"; export PKR_VAR_fleet_pubkey
# Add the fleet key so dispatch (ssh as cocotte@worker) works
ssh-add ~/.ssh/id_cocotte_fleet 2>/dev/null || true
echo "########## $(date) — cocottetech DO cloud bring-up starting ##########"
_teardown() {
echo "########## teardown: ./run dist:down ##########"
./run dist:down 2>&1 | tail -5 || true
echo "forge left UP for inspection — './run forge:down' to park it (~\$0.30/mo idle)."
}
trap _teardown EXIT
echo "=== [1/4] packer build golden image (node/pnpm toolchain + warm clone + pnpm install; ~15-40 min) ==="
( cd infra/packer && \
packer init golden-image.pkr.hcl >/dev/null && \
packer build -var "git_remote=${GITR}" -var "fleet_pubkey=$(cat ~/.ssh/id_cocotte_fleet.pub)" golden-image.pkr.hcl ) \
|| { echo "!!! PACKER BUILD FAILED — see above. Stopping."; exit 1; }
echo "=== [2/4] dist:up 1 worker (s-8vcpu-16gb-amd) ==="
./run dist:up 1 s-8vcpu-16gb-amd || { echo "!!! dist:up FAILED"; exit 1; }
echo " waiting 60s for worker cloud-init (key copy + git pull + pnpm ready) to settle ..."
sleep 60
echo "=== [3/4] dist:typecheck on the worker (fast representative smoke for @platform TS monorepo) ==="
time ./run dist:typecheck || echo " (dist:typecheck returned nonzero — inspect log above)"
echo "=== [4/4] (optional) dist:test:unit if you want more coverage — skipped for bring-up speed ==="
# ./run dist:test # uncomment if you want full test on the first bring-up
echo "########## $(date) — bring-up done. Worker will be torn down on exit (trap). ##########"
echo "Review the log. Golden image is now available for future ./run dist:up N runs."
echo "Next time you can just ./run dist:up N ; ./run dist:typecheck ; ./run dist:down"
Reference in a new issue View git blame Copy permalink