From 62c146a998924ce93ecdb4f92d05473ef195f5ba Mon Sep 17 00:00:00 2001
From: Riku Rouvila <riku.rouvila@gmail.com>
Date: Wed, 18 Sep 2024 14:40:28 +0300
Subject: [PATCH] try different approach for networking so dependencies wouldnt
 have to be restarted

---
 infrastructure/deployment/deploy.sh   |  12 +--
 infrastructure/docker-compose.app.yml | 113 +++++++++++++++-----------
 2 files changed, 67 insertions(+), 58 deletions(-)

diff --git a/infrastructure/deployment/deploy.sh b/infrastructure/deployment/deploy.sh
index 37fba077..93053641 100755
--- a/infrastructure/deployment/deploy.sh
+++ b/infrastructure/deployment/deploy.sh
@@ -302,22 +302,13 @@ docker_stack_deploy() {
 
   EXISTING_STACKS=$(configured_ssh 'docker stack ls --format "{{ .Name }}" | grep -v "dependencies" | paste -sd "," -')
 
-  configured_rsync -rlD $SSH_USER@$SSH_HOST:/opt/opencrvs/infrastructure/docker-compose.dependencies.yml ./infrastructure/docker-compose.dependencies.yml
-
-  REFRESH_DEPENDENCY_NETWORKS=false
-
   if echo $EXISTING_STACKS | grep -w $STACK > /dev/null; then
     echo "Stack $STACK exists"
-    npx tsx infrastructure/deployment/add-networks.ts infrastructure/docker-compose.dependencies.yml "$EXISTING_STACKS" > ./docker-compose.dependencies.yml
   else
     echo "Stack $STACK doesnt exist. Creating"
-    REFRESH_DEPENDENCY_NETWORKS=true
-    npx tsx infrastructure/deployment/add-networks.ts infrastructure/docker-compose.dependencies.yml "$EXISTING_STACKS,$STACK" > ./docker-compose.dependencies.yml
   fi
 
-  configured_rsync -rlD ./docker-compose.dependencies.yml $SSH_USER@$SSH_HOST:/opt/opencrvs/infrastructure/docker-compose.dependencies.yml
-
-  if [ "$REFRESH_DEPENDENCY_NETWORKS" = true ] || [ "$UPDATE_DEPENDENCIES" = true ]; then
+  if [ "$UPDATE_DEPENDENCIES" = true ]; then
     echo "Updating dependency stack"
     configured_ssh 'cd /opt/opencrvs && \
       docker stack deploy --prune -c '$(split_and_join " " " -c " "$(to_remote_paths $DEPENDENCY_COMPOSE_FILES)")' --with-registry-auth dependencies'
@@ -326,7 +317,6 @@ docker_stack_deploy() {
   configured_ssh 'cd /opt/opencrvs && \
     docker stack deploy --prune -c '$(split_and_join " " " -c " "$(to_remote_paths $APPLICATION_COMPOSE_FILES)")' --with-registry-auth '$STACK
 
-
 }
 
 validate_options
diff --git a/infrastructure/docker-compose.app.yml b/infrastructure/docker-compose.app.yml
index 8d807c87..65d9aa3a 100644
--- a/infrastructure/docker-compose.app.yml
+++ b/infrastructure/docker-compose.app.yml
@@ -19,8 +19,9 @@ services:
       - source: hearth-ext-conf.{{ts}}
         target: /src/hearth/config/queryparam-extensions.json
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -46,8 +47,9 @@ services:
       labels:
         - 'traefik.enable=false'
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -70,7 +72,7 @@ services:
         - 'traefik.http.routers.${STACK}__countryconfig.tls.domains[0].sans=*.${STACK}.{{hostname}}'
         - 'traefik.http.routers.${STACK}__countryconfig.entrypoints=web,websecure'
         - 'traefik.http.routers.${STACK}__countryconfig.middlewares=gzip-compression'
-        - 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net'
+        - 'traefik.docker.network=dependencies_internal_net'
         - 'traefik.http.middlewares.${STACK}__countryconfig.headers.customresponseheaders.Pragma=no-cache'
         - 'traefik.http.middlewares.${STACK}__countryconfig.headers.customresponseheaders.Cache-control=no-store'
         - 'traefik.http.middlewares.${STACK}__countryconfig.headers.customresponseheaders.X-Robots-Tag=none'
@@ -117,8 +119,9 @@ services:
       - INFOBIP_SENDER_ID=${INFOBIP_SENDER_ID:-}
       - DOMAIN=${STACK}.{{hostname}}
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -143,7 +146,7 @@ services:
         - 'traefik.http.routers.${STACK}__login.tls.domains[0].sans=*.${STACK}.{{hostname}}'
         - 'traefik.http.routers.${STACK}__login.entrypoints=web,websecure'
         - 'traefik.http.routers.${STACK}__login.middlewares=gzip-compression'
-        - 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net'
+        - 'traefik.docker.network=dependencies_internal_net'
         - 'traefik.http.middlewares.${STACK}__login.headers.customresponseheaders.Pragma=no-cache'
         - 'traefik.http.middlewares.${STACK}__login.headers.customresponseheaders.Cache-control=no-store'
         - 'traefik.http.middlewares.${STACK}__login.headers.customresponseheaders.X-Robots-Tag=none'
@@ -152,8 +155,9 @@ services:
         - 'traefik.http.middlewares.${STACK}__login.headers.stspreload=true'
       replicas: 1
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -180,7 +184,7 @@ services:
         - 'traefik.http.routers.${STACK}__client.tls.domains[0].main=${STACK}.{{hostname}}'
         - 'traefik.http.routers.${STACK}__client.tls.domains[0].sans=*.${STACK}.{{hostname}}'
         - 'traefik.http.routers.${STACK}__client.entrypoints=web,websecure'
-        - 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net'
+        - 'traefik.docker.network=dependencies_internal_net'
 
         - 'traefik.http.middlewares.${STACK}__test-replacepathregex.redirectregex.permanent=true'
         - 'traefik.http.middlewares.${STACK}__test-replacepathregex.redirectregex.regex=^https?://${STACK}.{{hostname}}/(.*)'
@@ -193,8 +197,9 @@ services:
         - 'traefik.http.middlewares.${STACK}__client.headers.stspreload=true'
       replicas: 1
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -244,7 +249,7 @@ services:
         - 'traefik.http.routers.${STACK}__gateway.tls.domains[0].sans=*.${STACK}.{{hostname}}'
         - 'traefik.http.routers.${STACK}__gateway.entrypoints=web,websecure'
         - 'traefik.http.routers.${STACK}__gateway.middlewares=gzip-compression'
-        - 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net'
+        - 'traefik.docker.network=dependencies_internal_net'
         - 'traefik.http.middlewares.${STACK}__gateway.headers.customresponseheaders.Pragma=no-cache'
         - 'traefik.http.middlewares.${STACK}__gateway.headers.customresponseheaders.Cache-control=no-store'
         - 'traefik.http.middlewares.${STACK}__gateway.headers.customresponseheaders.X-Robots-Tag=none'
@@ -253,8 +258,9 @@ services:
         - 'traefik.http.middlewares.${STACK}__gateway.headers.stspreload=true'
       replicas: 1
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -288,8 +294,9 @@ services:
         - 'traefik.enable=false'
       replicas: 1
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -318,8 +325,9 @@ services:
         - 'traefik.enable=false'
       replicas: 1
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -342,8 +350,9 @@ services:
     volumes:
       - '/opt/opencrvs/infrastructure/elasticsearch:/usr/app'
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     deploy:
       labels:
         - 'traefik.enable=false'
@@ -390,8 +399,9 @@ services:
         - 'traefik.enable=false'
       replicas: 1
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -431,7 +441,7 @@ services:
         - 'traefik.http.routers.${STACK}__auth.tls.domains[0].main=${STACK}.{{hostname}}'
         - 'traefik.http.routers.${STACK}__auth.tls.domains[0].sans=*.${STACK}.{{hostname}}'
         - 'traefik.http.routers.${STACK}__auth.entrypoints=web,websecure'
-        - 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net'
+        - 'traefik.docker.network=dependencies_internal_net'
         - 'traefik.http.middlewares.${STACK}__auth.headers.customresponseheaders.Pragma=no-cache'
         - 'traefik.http.middlewares.${STACK}__auth.headers.customresponseheaders.Cache-control=no-store'
         - 'traefik.http.middlewares.${STACK}__auth.headers.customresponseheaders.X-Robots-Tag=none'
@@ -440,8 +450,9 @@ services:
         - 'traefik.http.middlewares.${STACK}__auth.headers.stspreload=true'
       replicas: 1
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -471,8 +482,9 @@ services:
         - 'traefik.enable=false'
       replicas: 1
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -506,7 +518,7 @@ services:
         - 'traefik.http.routers.${STACK}__webhooks.tls.domains[0].main=${STACK}.{{hostname}}'
         - 'traefik.http.routers.${STACK}__webhooks.tls.domains[0].sans=*.${STACK}.{{hostname}}'
         - 'traefik.http.routers.${STACK}__webhooks.entrypoints=web,websecure'
-        - 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net'
+        - 'traefik.docker.network=dependencies_internal_net'
         - 'traefik.http.middlewares.${STACK}__webhooks.headers.customresponseheaders.Pragma=no-cache'
         - 'traefik.http.middlewares.${STACK}__webhooks.headers.customresponseheaders.Cache-control=no-store'
         - 'traefik.http.middlewares.${STACK}__webhooks.headers.customresponseheaders.X-Robots-Tag=none'
@@ -515,8 +527,9 @@ services:
         - 'traefik.http.middlewares.${STACK}__webhooks.headers.stspreload=true'
       replicas: 1
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -557,7 +570,7 @@ services:
         - 'traefik.http.routers.${STACK}__config.tls.domains[0].main=${STACK}.{{hostname}}'
         - 'traefik.http.routers.${STACK}__config.tls.domains[0].sans=*.${STACK}.{{hostname}}'
         - 'traefik.http.routers.${STACK}__config.entrypoints=web,websecure'
-        - 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net'
+        - 'traefik.docker.network=dependencies_internal_net'
         - 'traefik.http.middlewares.${STACK}__config.headers.customresponseheaders.Pragma=no-cache'
         - 'traefik.http.middlewares.${STACK}__config.headers.customresponseheaders.Cache-control=no-store'
         - 'traefik.http.middlewares.${STACK}__config.headers.customresponseheaders.X-Robots-Tag=none'
@@ -569,8 +582,9 @@ services:
         - 'traefik.http.routers.${STACK}__block-dashboard-queries.middlewares=${STACK}__block-internal-routes'
       replicas: 1
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -599,8 +613,9 @@ services:
       - MINIO_BUCKET=${STACK}--ocrvs
       - COUNTRY_CONFIG_URL=http://countryconfig.{{STACK}}_{{STACK}}_app_net:3040
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -618,8 +633,9 @@ services:
       labels:
         - 'traefik.enable=false'
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -658,8 +674,9 @@ services:
       restart_policy:
         condition: on-failure
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -693,8 +710,9 @@ services:
       - WEBHOOKS_MONGODB_PASSWORD=${WEBHOOKS_MONGODB_PASSWORD}
       - NOTIFICATION_MONGODB_PASSWORD=${NOTIFICATION_MONGODB_PASSWORD}
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     logging:
       driver: gelf
       options:
@@ -708,8 +726,9 @@ services:
       # Exceed Docker config file 500 kb file limit, thus a volume mount
       - /opt/opencrvs/infrastructure/metabase/metabase.init.db.sql:/metabase.init.db.sql
     networks:
-      - {{STACK}}_app_net
-      - dependencies_{{STACK}}_dependencies_net
+      {{STACK}}_app_net:
+      dependencies_internal_net:
+        aliases: []
     environment:
       - QA_ENV=true
       - HOST=0.0.0.0
@@ -737,7 +756,7 @@ services:
         - 'traefik.http.routers.${STACK}__metabase.tls.domains[0].main=${STACK}.{{hostname}}'
         - 'traefik.http.routers.${STACK}__metabase.tls.domains[0].sans=*.${STACK}.{{hostname}}'
         - 'traefik.http.routers.${STACK}__metabase.entrypoints=web,websecure'
-        - 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net'
+        - 'traefik.docker.network=dependencies_internal_net'
         - 'traefik.http.middlewares.${STACK}__metabase.headers.customresponseheaders.Pragma=no-cache'
         - 'traefik.http.middlewares.${STACK}__metabase.headers.customresponseheaders.Cache-control=no-store'
         - 'traefik.http.middlewares.${STACK}__metabase.headers.customresponseheaders.X-Robots-Tag=none'
@@ -761,7 +780,7 @@ configs:
   mongo-on-deploy.{{ts}}:
     file: /opt/opencrvs/infrastructure/mongodb/on-deploy.sh
 networks:
-  dependencies_{{STACK}}_dependencies_net:
+  dependencies_internal_net:
     external: true
   {{STACK}}_app_net:
     driver: overlay