Blaze is a service designed to automatically update Docker Swarm services based on GitHub package releases. This document explains how to deploy and configure Blaze using Docker Compose.
Before setting up Blaze, ensure you have the following:
- Docker Swarm up and running.
- Access to GitHub repositories for receiving webhooks.
- Access to a Portainer instance to manage Docker stacks.
- Environment variables set:
SECRET
: A secret key used for webhook payload verification.PORTAINER_TOKEN
: Token for accessing the Portainer API.PORTAINER_URL
: URL of your Portainer instance.
-
Configure Environment Variables in Portainer:
- Log in to your Portainer instance.
- Go to the "Stacks" section.
- Create a new stack or edit an existing one.
- In the stack configuration, navigate to the "Environment" section.
- Add the following environment variables:
SECRET
: Your secret key used for webhook payload verification.PORTAINER_TOKEN
: Token for accessing the Portainer API.PORTAINER_URL
: URL of your Portainer instance.
-
Update Stack Configuration in Portainer:
- Copy and paste the following stack configuration into the Compose Editor:
version: '3.7' services: hooks: image: 'ghcr.io/itmr-dev/blaze:latest' deploy: replicas: 1 update_config: delay: 10s failure_action: rollback order: start-first labels: - 'blaze.update' environment: - SECRET=${SECRET} - PORTAINER_TOKEN=${PORTAINER_TOKEN} - PORTAINER_URL=${PORTAINER_URL} networks: - portainer_agent_network networks: portainer_agent_network: external: true
- Ensure that you replace
${SECRET}
,${PORTAINER_TOKEN}
, and${PORTAINER_URL}
with your actual values.
-
Deploy Blaze: Deploy the Blaze service by starting or updating the stack in Portainer.
-
Label Services: Add the
blaze.update
label to every service you want to automatically update when a new package is released.
- Blaze listens for incoming webhooks from GitHub.
- When a webhook is received, Blaze verifies the payload signature using the provided secret.
- If the webhook action is 'published', Blaze proceeds to extract the package URL from the payload.
- Blaze queries the Docker Swarm for running stacks.
- For each stack found, Blaze checks if there are services with the label 'blaze.update' and matching the released package URL.
- If matches are found, Blaze updates the corresponding stacks with the new package.
- Blaze responds to GitHub with the status of the update process.
Click to expand: Setup with Traefik
Extend your Docker Compose file to include Traefik configuration for routing and SSL termination:
version: '3.7'
services:
hooks:
image: 'ghcr.io/itmr-dev/blaze:latest'
deploy:
replicas: 1
update_config:
delay: 10s
failure_action: rollback
order: start-first
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.blaze.rule=Host(`blaze.example.com`)'
- 'traefik.http.routers.blaze.entrypoints=https'
- 'traefik.http.routers.blaze.tls=true'
- 'traefik.http.services.blaze.loadbalancer.server.port=80'
- 'blaze.update'
environment:
- SECRET=${SECRET}
- PORTAINER_TOKEN=${PORTAINER_TOKEN}
- PORTAINER_URL=${PORTAINER_URL}
networks:
- proxy
- portainer_agent_network
networks:
proxy:
external: true
portainer_agent_network:
external: true
Replace blaze.example.com
with your desired domain name for accessing Blaze. Ensure that Traefik is properly configured to handle HTTPS requests and route them to the Blaze service.
Choose the appropriate setup based on your infrastructure requirements. If you encounter any issues or have further questions, please refer to the GitHub repository or reach out to the maintainers.