Add DBIS portal live deploy target
This commit is contained in:
defiQUG
@@ -102,6 +102,30 @@
|
||||
"timeout_ms": 15000
|
||||
}
|
||||
},
|
||||
{
|
||||
"repo": "Gov_Web_Portals/DBIS",
|
||||
"branch": "main",
|
||||
"target": "dbis-portal-live",
|
||||
"description": "Redeploy the DBIS public portal on CT 7804 from the staged DBIS checkout overlaid into the Gov Portals workspace.",
|
||||
"cwd": "${PHOENIX_REPO_ROOT}",
|
||||
"command": [
|
||||
"bash",
|
||||
"scripts/deployment/phoenix-deploy-dbis-portal-live-from-workspace.sh"
|
||||
],
|
||||
"required_env": [
|
||||
"PHOENIX_REPO_ROOT",
|
||||
"PHOENIX_DEPLOY_WORKSPACE"
|
||||
],
|
||||
"timeout_sec": 2400,
|
||||
"healthcheck": {
|
||||
"url": "https://d-bis.org/.well-known/trust.json",
|
||||
"expect_status": 200,
|
||||
"expect_body_includes": "\"organization\"",
|
||||
"attempts": 12,
|
||||
"delay_ms": 5000,
|
||||
"timeout_ms": 15000
|
||||
}
|
||||
},
|
||||
{
|
||||
"repo": "d-bis/CurrenciCombo",
|
||||
"branch": "main",
|
||||
|
||||
167
scripts/deployment/phoenix-deploy-dbis-portal-live-from-workspace.sh
Executable file
167
scripts/deployment/phoenix-deploy-dbis-portal-live-from-workspace.sh
Executable file
@@ -0,0 +1,167 @@
|
||||
#!/usr/bin/env bash
|
||||
# Deploy the DBIS public portal from a Phoenix Deploy API staged DBIS checkout.
|
||||
#
|
||||
# The DBIS repo is normally a submodule of Gov_Web_Portals/gov-portals-monorepo
|
||||
# and depends on the parent workspace package @public-web-portals/shared. This
|
||||
# wrapper builds a temporary monorepo-shaped workspace, overlays the staged DBIS
|
||||
# source into it, syncs that tree to CT 7804, then rebuilds/restarts DBIS.
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
die() {
|
||||
echo "ERROR: $*" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
|
||||
|
||||
source "$PROJECT_ROOT/config/ip-addresses.conf" 2>/dev/null || true
|
||||
[ -f "$PROJECT_ROOT/.env" ] && set +u && source "$PROJECT_ROOT/.env" 2>/dev/null || true && set -u
|
||||
|
||||
PHOENIX_REPO_ROOT="${PHOENIX_REPO_ROOT:-$PROJECT_ROOT}"
|
||||
PHOENIX_DEPLOY_WORKSPACE="${PHOENIX_DEPLOY_WORKSPACE:-}"
|
||||
GOV_PORTALS_REPO_URL="${GOV_PORTALS_REPO_URL:-https://gitea.d-bis.org/Gov_Web_Portals/gov-portals-monorepo.git}"
|
||||
GOV_PORTALS_REF="${GOV_PORTALS_REF:-main}"
|
||||
|
||||
VMID_GOV_PORTALS="${VMID_GOV_PORTALS:-7804}"
|
||||
IP_GOV_PORTALS_DEV="${IP_GOV_PORTALS_DEV:-192.168.11.54}"
|
||||
PROXMOX_HOST="${PROXMOX_HOST:-192.168.11.11}"
|
||||
CT_APP_DIR="${DBIS_PORTAL_CT_DIR:-/srv/gov-portals}"
|
||||
SERVICE_NAME="${DBIS_PORTAL_SERVICE:-gov-portal-DBIS}"
|
||||
DBIS_PORT="${DBIS_PORT:-3001}"
|
||||
|
||||
[[ -d "$PHOENIX_REPO_ROOT" ]] || die "PHOENIX_REPO_ROOT does not exist: $PHOENIX_REPO_ROOT"
|
||||
[[ -n "$PHOENIX_DEPLOY_WORKSPACE" ]] || die "PHOENIX_DEPLOY_WORKSPACE is required"
|
||||
[[ -d "$PHOENIX_DEPLOY_WORKSPACE" ]] || die "staged DBIS workspace missing: $PHOENIX_DEPLOY_WORKSPACE"
|
||||
[[ "$CT_APP_DIR" != "/" ]] || die "refusing to deploy into /"
|
||||
|
||||
TMP_DIR="$(mktemp -d)"
|
||||
BUILD_CONTEXT="$TMP_DIR/gov-portals"
|
||||
ARCHIVE="$TMP_DIR/gov-portals-dbis-live.tgz"
|
||||
REMOTE_ARCHIVE="/tmp/gov-portals-dbis-live-${PHOENIX_DEPLOY_SHA:-manual}-$$.tgz"
|
||||
|
||||
cleanup() {
|
||||
rm -rf "$TMP_DIR"
|
||||
}
|
||||
trap cleanup EXIT
|
||||
|
||||
echo "Preparing DBIS live deploy context"
|
||||
echo " DBIS source: $PHOENIX_DEPLOY_WORKSPACE"
|
||||
echo " parent repo: $GOV_PORTALS_REPO_URL#$GOV_PORTALS_REF"
|
||||
echo " target: CT $VMID_GOV_PORTALS ($IP_GOV_PORTALS_DEV), service $SERVICE_NAME, port $DBIS_PORT"
|
||||
|
||||
git_auth_args=()
|
||||
if [[ -n "${GITEA_TOKEN:-}" ]]; then
|
||||
git_auth_args=(-c "http.extraHeader=Authorization: token ${GITEA_TOKEN}")
|
||||
fi
|
||||
|
||||
git "${git_auth_args[@]}" clone --depth 1 --branch "$GOV_PORTALS_REF" "$GOV_PORTALS_REPO_URL" "$BUILD_CONTEXT"
|
||||
|
||||
rm -rf "$BUILD_CONTEXT/DBIS"
|
||||
mkdir -p "$BUILD_CONTEXT/DBIS"
|
||||
tar \
|
||||
--exclude=.git \
|
||||
--exclude=node_modules \
|
||||
--exclude=.next \
|
||||
--exclude='*.tsbuildinfo' \
|
||||
-C "$PHOENIX_DEPLOY_WORKSPACE" \
|
||||
-cf - . | tar -C "$BUILD_CONTEXT/DBIS" -xf -
|
||||
|
||||
tar \
|
||||
--exclude=.git \
|
||||
--exclude=node_modules \
|
||||
--exclude=.next \
|
||||
--exclude='*.tsbuildinfo' \
|
||||
-C "$BUILD_CONTEXT" \
|
||||
-czf "$ARCHIVE" .
|
||||
|
||||
echo "Uploading deploy archive to Proxmox host $PROXMOX_HOST"
|
||||
scp -q -o ConnectTimeout=10 -o StrictHostKeyChecking=accept-new "$ARCHIVE" "root@$PROXMOX_HOST:$REMOTE_ARCHIVE"
|
||||
|
||||
echo "Pushing archive into CT $VMID_GOV_PORTALS"
|
||||
ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=accept-new "root@$PROXMOX_HOST" \
|
||||
"pct push $VMID_GOV_PORTALS '$REMOTE_ARCHIVE' '$REMOTE_ARCHIVE'"
|
||||
|
||||
echo "Extracting, building, and restarting DBIS inside CT $VMID_GOV_PORTALS"
|
||||
ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=accept-new "root@$PROXMOX_HOST" \
|
||||
"pct exec $VMID_GOV_PORTALS -- bash -s" <<CT_SCRIPT
|
||||
set -euo pipefail
|
||||
|
||||
CT_APP_DIR="$CT_APP_DIR"
|
||||
REMOTE_ARCHIVE="$REMOTE_ARCHIVE"
|
||||
SERVICE_NAME="$SERVICE_NAME"
|
||||
DBIS_PORT="$DBIS_PORT"
|
||||
|
||||
mkdir -p "\$CT_APP_DIR"
|
||||
ENV_BACKUP="\$(mktemp -d)"
|
||||
if [ -d "\$CT_APP_DIR/DBIS" ]; then
|
||||
for env_file in .env .env.local .env.production; do
|
||||
if [ -f "\$CT_APP_DIR/DBIS/\$env_file" ]; then
|
||||
cp "\$CT_APP_DIR/DBIS/\$env_file" "\$ENV_BACKUP/\$env_file"
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
find "\$CT_APP_DIR" -mindepth 1 -maxdepth 1 \
|
||||
! -name ".env" \
|
||||
! -name ".env.local" \
|
||||
! -name ".env.production" \
|
||||
-exec rm -rf {} +
|
||||
|
||||
tar -xzf "\$REMOTE_ARCHIVE" -C "\$CT_APP_DIR"
|
||||
rm -f "\$REMOTE_ARCHIVE"
|
||||
|
||||
mkdir -p "\$CT_APP_DIR/DBIS"
|
||||
for env_file in .env .env.local .env.production; do
|
||||
if [ -f "\$ENV_BACKUP/\$env_file" ] && [ ! -f "\$CT_APP_DIR/DBIS/\$env_file" ]; then
|
||||
cp "\$ENV_BACKUP/\$env_file" "\$CT_APP_DIR/DBIS/\$env_file"
|
||||
fi
|
||||
done
|
||||
rm -rf "\$ENV_BACKUP"
|
||||
|
||||
if ! command -v node >/dev/null 2>&1; then
|
||||
curl -fsSL https://deb.nodesource.com/setup_20.x | bash -
|
||||
apt-get install -y nodejs
|
||||
fi
|
||||
|
||||
if ! command -v pnpm >/dev/null 2>&1; then
|
||||
npm install -g pnpm@8.15.0
|
||||
fi
|
||||
|
||||
cd "\$CT_APP_DIR"
|
||||
pnpm install --frozen-lockfile
|
||||
pnpm --filter portal-dbis build
|
||||
|
||||
cat > "/etc/systemd/system/\$SERVICE_NAME.service" <<UNIT
|
||||
[Unit]
|
||||
Description=Gov Portal DBIS
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=root
|
||||
WorkingDirectory=\$CT_APP_DIR/DBIS
|
||||
Environment=NODE_ENV=production
|
||||
Environment=PORT=\$DBIS_PORT
|
||||
EnvironmentFile=-\$CT_APP_DIR/DBIS/.env.production
|
||||
EnvironmentFile=-\$CT_APP_DIR/DBIS/.env.local
|
||||
ExecStart=/usr/bin/node \$CT_APP_DIR/DBIS/node_modules/next/dist/bin/next start -p \$DBIS_PORT
|
||||
Restart=on-failure
|
||||
RestartSec=5
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
UNIT
|
||||
|
||||
systemctl daemon-reload
|
||||
systemctl enable "\$SERVICE_NAME"
|
||||
systemctl restart "\$SERVICE_NAME"
|
||||
sleep 3
|
||||
curl -fsS --max-time 15 "http://127.0.0.1:\$DBIS_PORT/" >/dev/null
|
||||
CT_SCRIPT
|
||||
|
||||
ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=accept-new "root@$PROXMOX_HOST" "rm -f '$REMOTE_ARCHIVE'" >/dev/null 2>&1 || true
|
||||
|
||||
echo "DBIS live deployment complete."
|
||||
echo "Local origin check: http://$IP_GOV_PORTALS_DEV:$DBIS_PORT/"
|
||||
Reference in New Issue
Block a user