PR AA follow-up: manual-rollback loud-failure summary + keep-min-5 backup-prune cron + root-only initial-keys handoff file
Some checks failed
CI / Frontend Lint (pull_request) Failing after 7s
CI / Frontend Type Check (pull_request) Failing after 7s
CI / Frontend Build (pull_request) Failing after 6s
CI / Frontend E2E Tests (pull_request) Failing after 7s
CI / Orchestrator Build (pull_request) Failing after 7s
CI / Orchestrator Unit Tests (pull_request) Failing after 6s
CI / Orchestrator E2E (Testcontainers) (pull_request) Has been skipped
CI / Contracts Compile (pull_request) Failing after 5s
CI / Contracts Test (pull_request) Failing after 6s
Code Quality / SonarQube Analysis (pull_request) Failing after 20s
Code Quality / Code Quality Checks (pull_request) Failing after 7s
Security Scan / Dependency Vulnerability Scan (pull_request) Failing after 4s
Security Scan / OWASP ZAP Scan (pull_request) Failing after 4s
Some checks failed
CI / Frontend Lint (pull_request) Failing after 7s
CI / Frontend Type Check (pull_request) Failing after 7s
CI / Frontend Build (pull_request) Failing after 6s
CI / Frontend E2E Tests (pull_request) Failing after 7s
CI / Orchestrator Build (pull_request) Failing after 7s
CI / Orchestrator Unit Tests (pull_request) Failing after 6s
CI / Orchestrator E2E (Testcontainers) (pull_request) Has been skipped
CI / Contracts Compile (pull_request) Failing after 5s
CI / Contracts Test (pull_request) Failing after 6s
Code Quality / SonarQube Analysis (pull_request) Failing after 20s
Code Quality / Code Quality Checks (pull_request) Failing after 7s
Security Scan / Dependency Vulnerability Scan (pull_request) Failing after 4s
Security Scan / OWASP ZAP Scan (pull_request) Failing after 4s
- deploy-currencicombo-8604.sh: on readiness timeout, print loud failure summary (journalctl tails + exact --rollback command with specific backup path) instead of silently exiting. Deliberately does NOT auto-rollback; first cutovers often fail because of env/migration mistakes and auto-restore hides the failure state ops needs. - install.sh: on first run, write the three API keys + EVENT_SIGNING_SECRET to /root/currencicombo-first-keys.txt (0600, root:root) as a handoff copy. Canonical values still live in /etc/currencicombo/orchestrator.env. Log one pointer line (not the secrets themselves) to journald. Handoff file is NOT regenerated if orchestrator.env already exists. - install-prune-cron.sh (new, opt-in): installs /etc/cron.daily/ currencicombo-prune-backups that deletes entries older than 30 days from /var/lib/currencicombo/backups/ WHILE always keeping the newest 5 regardless of age. Enforced via newest-first sort + i<KEEP_MIN skip. - webapp-nginx.conf: drop the misleading /events/* 421 guard-rail. The orchestrator's SSE endpoint is /api/plans/:id/events/stream (under /api/), so one /api/* guard-rail covers both normal REST and SSE. - README.md: corrected NPMplus rule table to TWO rules (/api/* with SSE-friendly proxy_buffering=off + 24h read_timeout + Connection "" + http/1.1, and /); added post-cutover smoke checks section with a concrete SSE streaming test that catches silent proxy_buffering=on misconfig; documented the /root/currencicombo-first-keys.txt handoff and the install-prune-cron.sh workflow; replaced stale 'not auto-pruned' note. Verification: - shellcheck --severity=warning: clean on all 3 scripts. - bash -n: clean on install-prune-cron.sh. - install-prune-cron.sh --dry-run: prints the pruner body with resolved env values as expected. - install.sh --dry-run: walks through user/dirs/nginx-apt steps, then fails fast on missing psql (expected on a build box without Postgres). Co-Authored-By: Nakamoto, S <defi@defi-oracle.io>
This commit is contained in:
Devin AI
@@ -2,8 +2,9 @@
|
||||
# Invoked by the `currencicombo-webapp.service` systemd unit and installed
|
||||
# to /etc/currencicombo/webapp-nginx.conf by scripts/deployment/install.sh.
|
||||
#
|
||||
# Listens on :3000 (NPMplus upstream). NPMplus path-routes /api/* and
|
||||
# /events/* to the orchestrator on :8080; everything else lands here.
|
||||
# Listens on :3000 (NPMplus upstream). NPMplus path-routes /api/* to the
|
||||
# orchestrator on :8080 (with SSE-friendly settings — see README.md);
|
||||
# everything else lands here.
|
||||
# This config does NOT proxy /api itself — that's intentional so a wrong
|
||||
# NPMplus rule fails loudly instead of silently bypassing the orchestrator.
|
||||
|
||||
@@ -61,17 +62,15 @@ http {
|
||||
return 404;
|
||||
}
|
||||
|
||||
# Guard-rail: if NPMplus fails to path-route /api or /events, surface
|
||||
# it as a clean 421 rather than serving index.html and confusing the
|
||||
# browser with a JSON parse error.
|
||||
# Guard-rail: if NPMplus fails to path-route /api/*, surface it as a
|
||||
# clean 421 rather than serving index.html and confusing the browser
|
||||
# with a JSON parse error. The SSE endpoint lives at
|
||||
# /api/plans/:id/events/stream, which also sits under /api/, so one
|
||||
# rule covers both.
|
||||
location /api/ {
|
||||
return 421 "NPMplus is misconfigured: /api/* must proxy to orchestrator :8080\n";
|
||||
add_header Content-Type text/plain always;
|
||||
}
|
||||
location /events/ {
|
||||
return 421 "NPMplus is misconfigured: /events/* must proxy to orchestrator :8080\n";
|
||||
add_header Content-Type text/plain always;
|
||||
}
|
||||
|
||||
# SPA fallback. Must come last.
|
||||
location / {
|
||||
|
||||
Reference in New Issue
Block a user