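#!/usr/bin/env bash
#
# Full Infrastructure Deployment (RFC 0044)
#
# Deploys all phases in order with validation between each phase.
# This is the recommended way to perform a complete infrastructure rollout.
#
# Usage:
#   ./deploy-all.sh [--dry-run] [--skip-validation] [--start-phase <1-5>]
#
# Prerequisites:
#   - AWS CLI configured with appropriate credentials
#   - Terraform >= 1.6.0
#   - kubectl
#   - Helm 3.x
#
# Operational / security notes:
#   - Every phase and validation script is executed from SCRIPT_DIR with the
#     caller's cloud and cluster credentials, so that directory must only be
#     writable by people trusted to deploy.
#   - --skip-validation removes the gate between phases; each skipped or
#     missing validation is logged so the bypass shows up in the deploy log.
#   - Tags are created with `git tag -a` (annotated, not signed) and are not
#     pushed by this script.
#
set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'

# Flags
DRY_RUN=false
SKIP_VALIDATION=false
START_PHASE=1

# Number of phases that actually ran; reported in the final summary.
PHASES_DEPLOYED=0

# Parse arguments
while [[ $# -gt 0 ]]; do
  case "$1" in
    --dry-run)
      DRY_RUN=true
      shift
      ;;
    --skip-validation)
      SKIP_VALIDATION=true
      shift
      ;;
    --start-phase)
      # Under `set -u` a missing value would otherwise abort with an opaque
      # "unbound variable" message.
      if [[ $# -lt 2 ]]; then
        echo -e "${RED}Option --start-phase requires a value (1-5)${NC}"
        exit 1
      fi
      START_PHASE="$2"
      shift 2
      ;;
    -h|--help)
      echo "Usage: $0 [--dry-run] [--skip-validation] [--start-phase <1-5>]"
      echo ""
      echo "Options:"
      echo " --dry-run Show what would be done without making changes"
      echo " --skip-validation Skip validation between phases (not recommended)"
      echo " --start-phase Start from phase N (for resuming failed deployments)"
      exit 0
      ;;
    *)
      echo -e "${RED}Unknown option: $1${NC}"
      exit 1
      ;;
  esac
done

# START_PHASE is later used in numeric tests. A non-numeric or out-of-range
# value would make every `-le` test false, skip all phases and still create
# the release tag, so reject anything other than a single digit 1-5 up front.
if [[ ! "$START_PHASE" =~ ^[1-5]$ ]]; then
  printf '%bInvalid --start-phase value: %s (expected 1-5)%b\n' \
    "$RED" "$START_PHASE" "$NC"
  exit 1
fi

# Logging helpers. The message is printed with %s so backslashes in paths or
# other interpolated values are not interpreted as escape sequences.
log_info() {
  printf '%b[INFO]%b %s\n' "$BLUE" "$NC" "$1"
}

log_success() {
  printf '%b[SUCCESS]%b %s\n' "$GREEN" "$NC" "$1"
}

log_warn() {
  printf '%b[WARN]%b %s\n' "$YELLOW" "$NC" "$1"
}

log_error() {
  printf '%b[ERROR]%b %s\n' "$RED" "$NC" "$1"
}

#######################################
# Create an annotated git tag, best effort.
# A failure never aborts the deployment, but "tag already exists" is
# distinguished from other git failures so the log is not misleading.
# Arguments: $1 - tag name, $2 - tag message
#######################################
create_tag() {
  local name="$1"
  local message="$2"

  if git rev-parse -q --verify "refs/tags/${name}" >/dev/null 2>&1; then
    log_warn "Tag $name already exists"
  elif ! git tag -a "$name" -m "$message"; then
    log_warn "Could not create tag $name (see git output above)"
  fi
}

#######################################
# Map a phase number to its human-readable name.
# Arguments: $1 - phase number
# Outputs:   phase name on stdout ("Unknown" for anything else)
#######################################
get_phase_name() {
  case "$1" in
    1) echo "Foundation Infrastructure" ;;
    2) echo "Core Services" ;;
    3) echo "DNS and Email" ;;
    4) echo "Observability" ;;
    5) echo "E2EE Webmail" ;;
    *) echo "Unknown" ;;
  esac
}

#######################################
# Deploy one phase, validate it, and tag the result.
# Globals:   DRY_RUN, SKIP_VALIDATION (read), PHASES_DEPLOYED (written)
# Arguments: $1 - phase number
#            $2 - path to the deployment script
#            $3 - path to the validation script
# Exits 1 when the deployment script is missing or validation fails.
#######################################
run_phase() {
  local phase="$1"
  local script="$2"
  local validation="$3"

  echo ""
  echo "========================================"
  echo "Starting Phase $phase"
  echo "========================================"
  echo ""

  # Run deployment
  local args=()
  if [ "$DRY_RUN" = true ]; then
    args+=("--dry-run")
  fi

  if [ -x "$script" ]; then
    # The ${arr[@]+...} form keeps an empty array from tripping `set -u`
    # on bash releases older than 4.4.
    "$script" ${args[@]+"${args[@]}"}
  else
    log_error "Deployment script not found or not executable: $script"
    exit 1
  fi

  # Run validation. The gate must never be bypassed silently: both an explicit
  # --skip-validation and a missing validation script leave a warning behind.
  if [ "$SKIP_VALIDATION" = true ]; then
    log_warn "Validation for Phase $phase skipped (--skip-validation)"
  elif [ -x "$validation" ]; then
    echo ""
    log_info "Running validation for Phase $phase..."
    if ! "$validation"; then
      log_error "Phase $phase validation failed"
      echo ""
      echo "Options:"
      echo " 1. Fix the issues and re-run: $0 --start-phase $phase"
      echo " 2. Skip validation: $0 --skip-validation --start-phase $phase"
      echo " 3. Rollback: ./rollback.sh --phase $phase"
      exit 1
    fi
  else
    log_warn "Phase $phase was NOT validated; validation script not found or not executable: $validation"
  fi

  # Tag successful deployment
  if [ "$DRY_RUN" = false ]; then
    log_info "Tagging Phase $phase deployment..."
    local tag_name="v0.${phase}.0-phase${phase}"
    local tag_message
    tag_message="Phase ${phase}: $(get_phase_name "$phase")"
    create_tag "$tag_name" "$tag_message"
  fi

  PHASES_DEPLOYED=$((PHASES_DEPLOYED + 1))
  log_success "Phase $phase complete"
}

#######################################
# Entry point: run phases START_PHASE..5 in order and print a summary.
# Globals: DRY_RUN, START_PHASE, SCRIPT_DIR, PHASES_DEPLOYED (read)
#######################################
main() {
  echo "========================================"
  echo "Full Infrastructure Deployment"
  echo "RFC 0044: Infrastructure Rollout Guide"
  echo "========================================"
  echo ""
  echo "This script will deploy all infrastructure phases in order:"
  echo " Phase 1: Foundation Infrastructure (RFC 0039)"
  echo " Phase 2: Core Services (RFC 0040)"
  echo " Phase 3: DNS and Email (RFC 0041)"
  echo " Phase 4: Observability (RFC 0042)"
  echo " Phase 5: E2EE Webmail (RFC 0043) [optional]"
  echo ""

  if [ "$DRY_RUN" = true ]; then
    log_warn "Running in DRY-RUN mode - no changes will be made"
    echo ""
  fi

  if [ "$START_PHASE" -gt 1 ]; then
    log_info "Starting from Phase $START_PHASE"
    echo ""
  fi

  # Track start time
  local start_time
  start_time=$(date +%s)

  # Phase 1: Foundation
  if [ "$START_PHASE" -le 1 ]; then
    run_phase 1 "$SCRIPT_DIR/deploy-phase1-foundation.sh" "$SCRIPT_DIR/validate-phase1.sh"
  fi

  # Phase 2: Core Services
  if [ "$START_PHASE" -le 2 ]; then
    run_phase 2 "$SCRIPT_DIR/deploy-phase2-core-services.sh" "$SCRIPT_DIR/validate-phase2.sh"
  fi

  # Phase 3: DNS and Email
  if [ "$START_PHASE" -le 3 ]; then
    run_phase 3 "$SCRIPT_DIR/deploy-phase3-dns-email.sh" "$SCRIPT_DIR/validate-phase3.sh"
  fi

  # Phase 4: Observability
  if [ "$START_PHASE" -le 4 ]; then
    run_phase 4 "$SCRIPT_DIR/deploy-phase4-observability.sh" "$SCRIPT_DIR/validate-phase4.sh"
  fi

  # Phase 5: E2EE Webmail (optional)
  if [ "$START_PHASE" -le 5 ]; then
    echo ""
    log_info "Phase 5 (E2EE Webmail) is optional."
    local deploy_phase5=""
    # With no terminal attached, read hits EOF and returns non-zero; treat
    # that as "no" instead of letting `set -e` kill the run before the summary.
    read -r -p "Deploy Phase 5? (yes/no): " deploy_phase5 || deploy_phase5="no"
    if [ "$deploy_phase5" = "yes" ]; then
      run_phase 5 "$SCRIPT_DIR/deploy-phase5-e2ee-webmail.sh" "$SCRIPT_DIR/validate-phase5.sh"
    else
      log_info "Skipping Phase 5"
    fi
  fi

  # Calculate duration
  local end_time
  end_time=$(date +%s)
  local duration=$((end_time - start_time))
  local minutes=$((duration / 60))
  local seconds=$((duration % 60))

  # Final release tag
  if [ "$DRY_RUN" = false ]; then
    log_info "Creating final release tag..."
    create_tag "v1.0.0" "Initial Release: Full Infrastructure Stack"
  fi

  echo ""
  echo "========================================"
  log_success "Full Infrastructure Deployment Complete!"
  echo "========================================"
  echo ""
  echo "Deployment Summary:"
  echo " Duration: ${minutes}m ${seconds}s"
  # Counted per completed run_phase call, so a declined Phase 5 is not reported.
  echo " Phases deployed: ${PHASES_DEPLOYED}"
  echo ""
  echo "Post-Deployment Checklist:"
  echo " [ ] All Prometheus targets UP"
  echo " [ ] No firing alerts in Alertmanager"
  echo " [ ] Grafana dashboards showing data"
  echo " [ ] CockroachDB cluster healthy (3 nodes)"
  echo " [ ] Vault unsealed and HA"
  echo " [ ] Keycloak SSO working for all services"
  echo " [ ] DNS resolving correctly"
  echo " [ ] Email sending/receiving works"
  echo " [ ] Backups running"
  echo ""
  echo "Documentation:"
  echo " - Runbooks: $SCRIPT_DIR/../runbooks/"
  echo " - RFC 0044: Infrastructure Rollout Guide"
}

main "$@"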