Make DBIS Phoenix deploy atomic

2026-05-09 15:38:29 -07:00
parent dd02f4b59b
commit 61c730dff5
1 changed files with 26 additions and 14 deletions
--- a/scripts/deployment/phoenix-deploy-dbis-portal-live-from-workspace.sh
+++ b/scripts/deployment/phoenix-deploy-dbis-portal-live-from-workspace.sh
@@ -40,6 +40,7 @@ TMP_DIR="$(mktemp -d)"
 BUILD_CONTEXT="$TMP_DIR/gov-portals"
 ARCHIVE="$TMP_DIR/gov-portals-dbis-live.tgz"
 REMOTE_ARCHIVE="/tmp/gov-portals-dbis-live-${PHOENIX_DEPLOY_SHA:-manual}-$$.tgz"
+REMOTE_STAGE_DIR="/srv/gov-portals-new-${PHOENIX_DEPLOY_SHA:-manual}-$$"

 cleanup() {
  rm -rf "$TMP_DIR"
@@ -83,17 +84,20 @@ echo "Pushing archive into CT $VMID_GOV_PORTALS"
 ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=accept-new "root@$PROXMOX_HOST" \
  "pct push $VMID_GOV_PORTALS '$REMOTE_ARCHIVE' '$REMOTE_ARCHIVE'"

-echo "Extracting, building, and restarting DBIS inside CT $VMID_GOV_PORTALS"
+echo "Extracting and building DBIS in a staged directory inside CT $VMID_GOV_PORTALS"
 ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=accept-new "root@$PROXMOX_HOST" \
  "pct exec $VMID_GOV_PORTALS -- bash -s" <<CT_SCRIPT
 set -euo pipefail

 CT_APP_DIR="$CT_APP_DIR"
 REMOTE_ARCHIVE="$REMOTE_ARCHIVE"
+REMOTE_STAGE_DIR="$REMOTE_STAGE_DIR"
 SERVICE_NAME="$SERVICE_NAME"
 DBIS_PORT="$DBIS_PORT"

-mkdir -p "\$CT_APP_DIR"
+rm -rf "\$REMOTE_STAGE_DIR"
+mkdir -p "\$REMOTE_STAGE_DIR"
+
 ENV_BACKUP="\$(mktemp -d)"
 if [ -d "\$CT_APP_DIR/DBIS" ]; then
  for env_file in .env .env.local .env.production; do
@@ -103,19 +107,13 @@ if [ -d "\$CT_APP_DIR/DBIS" ]; then
  done
 fi

-find "\$CT_APP_DIR" -mindepth 1 -maxdepth 1 \
-  ! -name ".env" \
-  ! -name ".env.local" \
-  ! -name ".env.production" \
-  -exec rm -rf {} +
-
-tar -xzf "\$REMOTE_ARCHIVE" -C "\$CT_APP_DIR"
+tar -xzf "\$REMOTE_ARCHIVE" -C "\$REMOTE_STAGE_DIR"
 rm -f "\$REMOTE_ARCHIVE"

-mkdir -p "\$CT_APP_DIR/DBIS"
+mkdir -p "\$REMOTE_STAGE_DIR/DBIS"
 for env_file in .env .env.local .env.production; do
-  if [ -f "\$ENV_BACKUP/\$env_file" ] && [ ! -f "\$CT_APP_DIR/DBIS/\$env_file" ]; then
-    cp "\$ENV_BACKUP/\$env_file" "\$CT_APP_DIR/DBIS/\$env_file"
+  if [ -f "\$ENV_BACKUP/\$env_file" ] && [ ! -f "\$REMOTE_STAGE_DIR/DBIS/\$env_file" ]; then
+    cp "\$ENV_BACKUP/\$env_file" "\$REMOTE_STAGE_DIR/DBIS/\$env_file"
  fi
 done
 rm -rf "\$ENV_BACKUP"
@@ -148,10 +146,17 @@ if [ -z "\$PNPM_BIN" ]; then
 fi
 [ -n "\$PNPM_BIN" ] || { echo "pnpm is required but was not found after install" >&2; exit 1; }

-cd "\$CT_APP_DIR"
+cd "\$REMOTE_STAGE_DIR"
 "\$PNPM_BIN" install --frozen-lockfile
 "\$PNPM_BIN" --filter portal-dbis build

+PREVIOUS_DIR=""
+if [ -e "\$CT_APP_DIR" ]; then
+  PREVIOUS_DIR="\${CT_APP_DIR}-previous-\$(date +%Y%m%d%H%M%S)"
+  mv "\$CT_APP_DIR" "\$PREVIOUS_DIR"
+fi
+mv "\$REMOTE_STAGE_DIR" "\$CT_APP_DIR"
+
 cat > "/etc/systemd/system/\$SERVICE_NAME.service" <<UNIT
 [Unit]
 Description=Gov Portal DBIS
@@ -177,7 +182,14 @@ systemctl daemon-reload
 systemctl enable "\$SERVICE_NAME"
 systemctl restart "\$SERVICE_NAME"
 sleep 3
-curl -fsS --max-time 15 "http://127.0.0.1:\$DBIS_PORT/" >/dev/null
+if ! curl -fsS --max-time 15 "http://127.0.0.1:\$DBIS_PORT/" >/dev/null; then
+  if [ -n "\$PREVIOUS_DIR" ] && [ -d "\$PREVIOUS_DIR" ]; then
+    rm -rf "\$CT_APP_DIR"
+    mv "\$PREVIOUS_DIR" "\$CT_APP_DIR"
+    systemctl restart "\$SERVICE_NAME" || true
+  fi
+  exit 1
+fi
 CT_SCRIPT

 ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=accept-new "root@$PROXMOX_HOST" "rm -f '$REMOTE_ARCHIVE'" >/dev/null 2>&1 || true