I’ve got a CI pipeline that builds a docker image, pushes it to the Gitlab registry and then I’d like to automatically update the image in the staging environment.

The docker environment is hosted in Rancher, I can call the Rancher API to upgrade the docker image through a simple script.

#!/bin/sh
set -x #echo on
while getopts ":k:s:a:" opt; do
  case $opt in
    k) RANCHERACCESS="$OPTARG"
    s) RANCHERSECRET="$OPTARG"
    a) APPID="$OPTARG"
    \?) echo "Invalid option -$OPTARG" >&2
curl -u $RANCHERACCESS:$RANCHERSECRET \
-X POST \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{"inServiceStrategy":null, "toServiceStrategy":"\"batchSize\":1, \"finalScale\":1, \"intervalMillis\":2000, \"toServiceId\":\"reference['$APPID']\", \"updateLinks\":false"}' \
'http://rancher.hosting.com:8080/v2-beta/projects/1a5/services/'$APPID'/?action=upgrade'
I’m calling this script in the gitlab-ci.yml file like this
deploy_Staging:
  stage: deploy
  script: 
    - ls -lsa ./scripts
    - whoami
    - ./scripts/RancherDeploy.sh -k $RANCHERACCESS -s $RANCHERSECRET -a $STAGING_ID
  environment:
    name: Staging
    url: https://Staging.app.net
However, when this phase always fails

This is my output
$ ls -lsa ./scripts
total 12
     4 drwxrwxrwx    2 root     root          4096 Mar 24 12:45 .
     4 drwxrwxrwx   13 root     root          4096 Mar 24 14:30 ..
     0 -rw-rw-rw-    1 root     root             0 Mar 24 11:27 .gitkeep
     4 -rw-rw-rw-    1 root     root           629 Mar 24 12:45 RancherDeploy.sh
$ whoami
$ ./scripts/RancherDeploy.sh -k $RANCHERACCESS -s $RANCHERSECRET -a $STAGING_ID
/bin/sh: eval: line 58: ./scripts/RancherDeploy.sh: Permission denied
ERROR: Job failed: exit code 126
I tried running the curl command directly from the YAML file, but the mashup of single and double quotes messes everything up 
What part am I missing to get this to work?
              
Hi Maxim, in my CI pipelines I do exactly the same, I just don’t use a script. Instead I build an Alpine linux image with Rancher CLI binary.
Now to the point; You should add a chmod +x I guess, give that a try:
deploy_Staging:
  stage: deploy
  script: 
    - ls -lsa ./scripts
    - whoami
    - chmod +x ./scripts/RancherDeploy.sh
    - ./scripts/RancherDeploy.sh -k $RANCHERACCESS -s $RANCHERSECRET -a $STAGING_ID
  environment:
    name: Staging
    url: https://Staging.app.net
              
Hi Stefan,
That worked indeed. Thanks for that.
When you say you build an Alpine image, am I correct in understanding you have an image based of alpine that has the docker binaries and the rancher-cli embedded within them. And the CI-runner uses this image to build and interact with the Rancher environment?
Thanks in advance!
              
While the chmod +x in the gitlab-ci.yml works fine, I think the better solution is to tell git that the file should be executable. Then git will set the executable permission for the file when it checks it out.
I think this happens automatically if the file already has the permission when it is added to git.

If the file was added to git without the permission, you can set the permission manually afterwards. See https://stackoverflow.com/questions/21691202/how-to-create-file-execute-mode-permissions-in-git-on-windows