Skip to content

Deploy services with Welder

Welder supports welder deploy command that intends to deploy your service. Your service or application may understand different things by "deployment", i.e. it could be just publishing a new version of the library to the remote repository or upload of some files to S3.

Generic deployments

Generic deployment steps are pretty much the same as build steps, the difference is that every deployment assumes that it should be deployed to a specific "environment". To specify what environments you'd like to deploy your service to you need to add environments section under deploy section in the descriptor:

# ...
modules:
  - name: myservice
    deploy:
      environments:
        development:
          autoDeploy: true # this is important when generating Bamboo/BBP configuration to allow automatic deployment
        production: {}
      steps:
        - step:
            runOn: host
            script:
              - gcloud storage cp ${project:root}/myservice.zip gs://my-bucket-${project:env}
# ...
In the example above we assume that some zip archive is produced after the build step, and it should be uploaded to gcloud storage bucket. Depending on which environment is provided to welder deploy command, the gs://my-bucket-<env> argument will be set to development or production.

Note

${project:env} expression gets replaced with the actual value when you invoke a deployment command. For welder deploy -e ddev it will be replaced with ddev.

Pushed images summary

After pushing Docker images Welder generates some files under .welder-out directory. These files are used by Welder while running deployment steps to supply fully resolved Docker digests and tags of all pushed images. They are automatically set by Welder as environment variables supplied to deploy steps.

At first there is a file called .welder-out/docker.yaml used by Welder when it runs deployment steps.

Another file generated by Welder is called .welder-out/docker-pushed-images.sh. It can be used in scripts or passed to other tools, such as Bitbucket Pipelines pipes. The file contains a list of environment variables that can be used to access pushed images.

# ...
modules:
  - name: myservice
    dockerImages:
      - name: main-image
        dockerFile: ${project:root}/Dockerfile
        tags:
          - docker.simple-container.com/dev/myservice:latest
    deploy:
      steps:
        - task: deploy
# ...
Given the example above the contents of this file may look like:

export MYSERVICE_MAIN_IMAGE_TAG=latest
export MYSERVICE_MAIN_IMAGE_IMAGE=docker.simple-container.com/dev/myservice
export MYSERVICE_MAIN_IMAGE_DIGEST=sha256:1304f174557314a7ed9eddb4eab12fed12cb0cd9809e4c28f29af86979a3c870
export MYSERVICE_MAIN_IMAGE_0_TAG=latest
export MYSERVICE_MAIN_IMAGE_0_IMAGE=docker.simple-container.com/dev/myservice
export MYSERVICE_MAIN_IMAGE_0_DIGEST=sha256:1304f174557314a7ed9eddb4eab12fed12cb0cd9809e4c28f29af86979a3c870

Running Bitbucket pipes

Welder can run Bitbucket Pipeline Pipes without any additional changes to bitbucket-pipelines.yml file. You can simply reference a pipe by its name:

# ...
modules:
  - name: myservice
    dockerImages:
      - name: main-image
        dockerFile: ${project:root}/Dockerfile
        tags:
          - docker.simple-container.com/dev/myservice:latest
    deploy:
      env:
        SERVICE_NAME: myservice
        SERVICE_DESCRIPTOR: ${project:root}/myservice.sd.yml
        BEFORE_SCRIPT: ". ${project:root}/.welder-out/docker-pushed-images.sh"
      steps:
        - pipe: docker://docker.simple-container.com/mycompany/deploy:latest
# ...

Note

When pipe is invoked directly from welder.yaml, environment variables are set through env within deploy section in contrast to bitbucket-pipelines.yml file where there is an additional variables section added to pipe.

To allow running mycompany/deploy:latest pipe locally you will need to provide a valid TOKEN environment variable, so that the pipe actually works from your local machine. This can be done using a local profile and a task that generates the token:

# ...
profiles:
  local:
    activation:
      if: "!${mode:pipelines} && !${mode:bamboo}"
    build:
      env:
        TOKEN: ${task:generate-token.trim:-}
# ...
tasks:
  generate-token:
    runOn: host
    script:
      - mycompany-token --aud deploy -g mycompany-admin-group -o jwt # some command to output proper token on your laptop

Make sure you've replaced the command with the actual command that generates the deploy token.