From 6a1c35946e7c047a263d6404ea10cb67f6e7c3cc Mon Sep 17 00:00:00 2001
From: Viktor Barzin <viktorbarzin@meta.com>
Date: Sun, 8 Feb 2026 20:28:02 +0000
Subject: [PATCH] Add rollout wait step to Drone CI pipelines

Both frontend and API pipelines now wait for K8s deployments to fully
roll out before marking the build as successful. Polls the K8s API
every 5s for up to 300s, checking observedGeneration, updatedReplicas,
and readyReplicas to confirm the new image is live in production.
---
 .drone.yml | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)

diff --git a/.drone.yml b/.drone.yml
index 844a91c..37e490d 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -33,6 +33,34 @@ steps:
       - apk add curl
       - 'curl -s -X PATCH "https://kubernetes:6443/apis/apps/v1/namespaces/realestate-crawler/deployments/realestate-crawler-ui" -H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" -H "Content-Type: application/json-patch+json" -k -d ''[{"op":"replace","path":"/spec/template/spec/containers/0/image","value":"viktorbarzin/immoweb:''"$DRONE_BUILD_NUMBER"''"}]'' | head'
 
+  - name: Wait for rollout
+    image: alpine
+    commands:
+      - apk add --no-cache curl jq
+      - >-
+        TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token);
+        API="https://kubernetes:6443/apis/apps/v1/namespaces/realestate-crawler/deployments";
+        for DEPLOY in realestate-crawler-ui; do
+          echo "Waiting for $DEPLOY rollout...";
+          for i in $(seq 1 60); do
+            S=$(curl -sk -H "Authorization: Bearer $TOKEN" "$API/$DEPLOY");
+            DESIRED=$(echo "$S" | jq '.spec.replicas');
+            UPDATED=$(echo "$S" | jq '.status.updatedReplicas // 0');
+            READY=$(echo "$S" | jq '.status.readyReplicas // 0');
+            GEN=$(echo "$S" | jq '.metadata.generation');
+            OBS=$(echo "$S" | jq '.status.observedGeneration // 0');
+            if [ "$OBS" -ge "$GEN" ] && [ "$UPDATED" -eq "$DESIRED" ] && [ "$READY" -eq "$DESIRED" ]; then
+              echo "$DEPLOY rollout complete ($READY/$DESIRED ready)";
+              break;
+            fi;
+            echo "  $DEPLOY: $READY/$DESIRED ready, $UPDATED updated (attempt $i/60)";
+            sleep 5;
+          done;
+          if [ "$i" -eq 60 ] && { [ "$READY" -ne "$DESIRED" ] || [ "$UPDATED" -ne "$DESIRED" ]; }; then
+            echo "ERROR: $DEPLOY rollout timed out after 300s"; exit 1;
+          fi;
+        done
+
 ---
 kind: pipeline
 type: kubernetes
@@ -71,3 +99,31 @@ steps:
       - 'curl -s -X PATCH "https://kubernetes:6443/apis/apps/v1/namespaces/realestate-crawler/deployments/realestate-crawler-api" -H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" -H "Content-Type: application/json-patch+json" -k -d ''[{"op":"replace","path":"/spec/template/spec/containers/0/image","value":"viktorbarzin/realestatecrawler:''"$DRONE_BUILD_NUMBER"''"}]'' | head'
       - 'curl -s -X PATCH "https://kubernetes:6443/apis/apps/v1/namespaces/realestate-crawler/deployments/realestate-crawler-celery" -H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" -H "Content-Type: application/json-patch+json" -k -d ''[{"op":"replace","path":"/spec/template/spec/containers/0/image","value":"viktorbarzin/realestatecrawler:''"$DRONE_BUILD_NUMBER"''"}]'' | head'
       - 'curl -s -X PATCH "https://kubernetes:6443/apis/apps/v1/namespaces/realestate-crawler/deployments/realestate-crawler-celery-beat" -H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" -H "Content-Type: application/json-patch+json" -k -d ''[{"op":"replace","path":"/spec/template/spec/containers/0/image","value":"viktorbarzin/realestatecrawler:''"$DRONE_BUILD_NUMBER"''"}]'' | head'
+
+  - name: Wait for rollout
+    image: alpine
+    commands:
+      - apk add --no-cache curl jq
+      - >-
+        TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token);
+        API="https://kubernetes:6443/apis/apps/v1/namespaces/realestate-crawler/deployments";
+        for DEPLOY in realestate-crawler-api realestate-crawler-celery realestate-crawler-celery-beat; do
+          echo "Waiting for $DEPLOY rollout...";
+          for i in $(seq 1 60); do
+            S=$(curl -sk -H "Authorization: Bearer $TOKEN" "$API/$DEPLOY");
+            DESIRED=$(echo "$S" | jq '.spec.replicas');
+            UPDATED=$(echo "$S" | jq '.status.updatedReplicas // 0');
+            READY=$(echo "$S" | jq '.status.readyReplicas // 0');
+            GEN=$(echo "$S" | jq '.metadata.generation');
+            OBS=$(echo "$S" | jq '.status.observedGeneration // 0');
+            if [ "$OBS" -ge "$GEN" ] && [ "$UPDATED" -eq "$DESIRED" ] && [ "$READY" -eq "$DESIRED" ]; then
+              echo "$DEPLOY rollout complete ($READY/$DESIRED ready)";
+              break;
+            fi;
+            echo "  $DEPLOY: $READY/$DESIRED ready, $UPDATED updated (attempt $i/60)";
+            sleep 5;
+          done;
+          if [ "$i" -eq 60 ] && { [ "$READY" -ne "$DESIRED" ] || [ "$UPDATED" -ne "$DESIRED" ]; }; then
+            echo "ERROR: $DEPLOY rollout timed out after 300s"; exit 1;
+          fi;
+        done