Skip to content
/ blaze Public

blazing fast and simple redeploys using GitHub webooks and dockerized portainer swarm

Notifications You must be signed in to change notification settings

itmr-dev/blaze

Repository files navigation

blaze logo

Blaze

itmr-dev - blaze prod ci issues - blaze

Blaze is a service designed to automatically update Docker Swarm services based on GitHub package releases. This document explains how to deploy and configure Blaze using Docker Compose.

Prerequisites

Before setting up Blaze, ensure you have the following:

  • Docker Swarm up and running.
  • Access to GitHub repositories for receiving webhooks.
  • Access to a Portainer instance to manage Docker stacks.
  • Environment variables set:
    • SECRET: A secret key used for webhook payload verification.
    • PORTAINER_TOKEN: Token for accessing the Portainer API.
    • PORTAINER_URL: URL of your Portainer instance.

Setup

  1. Configure Environment Variables in Portainer:

    • Log in to your Portainer instance.
    • Go to the "Stacks" section.
    • Create a new stack or edit an existing one.
    • In the stack configuration, navigate to the "Environment" section.
    • Add the following environment variables:
      • SECRET: Your secret key used for webhook payload verification.
      • PORTAINER_TOKEN: Token for accessing the Portainer API.
      • PORTAINER_URL: URL of your Portainer instance.
  2. Update Stack Configuration in Portainer:

    • Copy and paste the following stack configuration into the Compose Editor:
    version: '3.7'
    services:
      hooks:
        image: 'ghcr.io/itmr-dev/blaze:latest'
        deploy:
          replicas: 1
          update_config:
            delay: 10s
            failure_action: rollback
            order: start-first
          labels:
            - 'blaze.update'
        environment:
          - SECRET=${SECRET}
          - PORTAINER_TOKEN=${PORTAINER_TOKEN}
          - PORTAINER_URL=${PORTAINER_URL}
        networks:
          - portainer_agent_network
    
    networks:
      portainer_agent_network:
        external: true
    • Ensure that you replace ${SECRET}, ${PORTAINER_TOKEN}, and ${PORTAINER_URL} with your actual values.
  3. Deploy Blaze: Deploy the Blaze service by starting or updating the stack in Portainer.

  4. Label Services: Add the blaze.update label to every service you want to automatically update when a new package is released.

How It Works

  1. Blaze listens for incoming webhooks from GitHub.
  2. When a webhook is received, Blaze verifies the payload signature using the provided secret.
  3. If the webhook action is 'published', Blaze proceeds to extract the package URL from the payload.
  4. Blaze queries the Docker Swarm for running stacks.
  5. For each stack found, Blaze checks if there are services with the label 'blaze.update' and matching the released package URL.
  6. If matches are found, Blaze updates the corresponding stacks with the new package.
  7. Blaze responds to GitHub with the status of the update process.

Blaze Service with Traefik

Click to expand: Setup with Traefik

Setup with Traefik

Extend your Docker Compose file to include Traefik configuration for routing and SSL termination:

version: '3.7'
services:
  hooks:
    image: 'ghcr.io/itmr-dev/blaze:latest'
    deploy:
      replicas: 1
      update_config:
        delay: 10s
        failure_action: rollback
        order: start-first
      labels:
        - 'traefik.enable=true'
        - 'traefik.http.routers.blaze.rule=Host(`blaze.example.com`)'
        - 'traefik.http.routers.blaze.entrypoints=https'
        - 'traefik.http.routers.blaze.tls=true'
        - 'traefik.http.services.blaze.loadbalancer.server.port=80'
        - 'blaze.update'
    environment:
      - SECRET=${SECRET}
      - PORTAINER_TOKEN=${PORTAINER_TOKEN}
      - PORTAINER_URL=${PORTAINER_URL}
    networks:
      - proxy
      - portainer_agent_network

networks:
  proxy:
    external: true
  portainer_agent_network:
    external: true

Replace blaze.example.com with your desired domain name for accessing Blaze. Ensure that Traefik is properly configured to handle HTTPS requests and route them to the Blaze service.



Choose the appropriate setup based on your infrastructure requirements. If you encounter any issues or have further questions, please refer to the GitHub repository or reach out to the maintainers.

About

blazing fast and simple redeploys using GitHub webooks and dockerized portainer swarm

Resources

Stars

Watchers

Forks

Packages