fix(deploy): make LXC deploys atomic and fail-fast
Rebuild the deployment flow to prepare releases remotely, validate env/sudo prerequisites, run migrations in-release, and auto-rollback on health failures. Consolidate deployment docs and add a manual CI workflow so laptop and CI use the same push-based deploy path.
This commit is contained in:
parent
d228b44209
commit
2efdb2b785
8 changed files with 1057 additions and 319 deletions
157
scripts/validate-env.sh
Executable file
157
scripts/validate-env.sh
Executable file
|
|
@ -0,0 +1,157 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# Validate environment variables for innercontext deployment
|
||||
# Checks both shared directory (persistent config) and current release (symlinks)
|
||||
#
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
# Color codes
|
||||
RED='\033[0;31m'
|
||||
GREEN='\033[0;32m'
|
||||
YELLOW='\033[1;33m'
|
||||
NC='\033[0m' # No Color
|
||||
|
||||
# Shared directory (persistent configuration)
|
||||
SHARED_BACKEND_ENV="/opt/innercontext/shared/backend/.env"
|
||||
SHARED_FRONTEND_ENV="/opt/innercontext/shared/frontend/.env.production"
|
||||
|
||||
# Current release (should be symlinks to shared)
|
||||
CURRENT_BACKEND_ENV="/opt/innercontext/current/backend/.env"
|
||||
CURRENT_FRONTEND_ENV="/opt/innercontext/current/frontend/.env.production"
|
||||
|
||||
errors=0
|
||||
warnings=0
|
||||
|
||||
log_error() {
|
||||
echo -e "${RED}✗${NC} $1"
|
||||
((errors++))
|
||||
}
|
||||
|
||||
log_success() {
|
||||
echo -e "${GREEN}✓${NC} $1"
|
||||
}
|
||||
|
||||
log_warning() {
|
||||
echo -e "${YELLOW}⚠${NC} $1"
|
||||
((warnings++))
|
||||
}
|
||||
|
||||
check_symlink() {
|
||||
local symlink_path=$1
|
||||
local expected_target=$2
|
||||
|
||||
if [ ! -L "$symlink_path" ]; then
|
||||
log_error "Not a symlink: $symlink_path"
|
||||
return 1
|
||||
fi
|
||||
|
||||
local actual_target=$(readlink "$symlink_path")
|
||||
if [ "$actual_target" != "$expected_target" ]; then
|
||||
log_warning "Symlink target mismatch: $symlink_path -> $actual_target (expected: $expected_target)"
|
||||
else
|
||||
log_success "Symlink correct: $symlink_path -> $actual_target"
|
||||
fi
|
||||
}
|
||||
|
||||
check_var() {
|
||||
local file=$1
|
||||
local var_name=$2
|
||||
local optional=${3:-false}
|
||||
|
||||
if [ ! -f "$file" ]; then
|
||||
log_error "File not found: $file"
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Check if variable exists and is not empty
|
||||
if grep -q "^${var_name}=" "$file"; then
|
||||
local value=$(grep "^${var_name}=" "$file" | cut -d'=' -f2-)
|
||||
if [ -z "$value" ]; then
|
||||
if [ "$optional" = true ]; then
|
||||
log_warning "$var_name is empty in $file (optional)"
|
||||
else
|
||||
log_error "$var_name is empty in $file"
|
||||
fi
|
||||
else
|
||||
log_success "$var_name is set"
|
||||
fi
|
||||
else
|
||||
if [ "$optional" = true ]; then
|
||||
log_warning "$var_name not found in $file (optional)"
|
||||
else
|
||||
log_error "$var_name not found in $file"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
echo "=== Validating Shared Directory Structure ==="
|
||||
|
||||
# Check shared directory exists
|
||||
if [ -d "/opt/innercontext/shared" ]; then
|
||||
log_success "Shared directory exists: /opt/innercontext/shared"
|
||||
else
|
||||
log_error "Shared directory not found: /opt/innercontext/shared"
|
||||
fi
|
||||
|
||||
# Check shared backend .env
|
||||
if [ -f "$SHARED_BACKEND_ENV" ]; then
|
||||
log_success "Shared backend .env exists: $SHARED_BACKEND_ENV"
|
||||
else
|
||||
log_error "Shared backend .env not found: $SHARED_BACKEND_ENV"
|
||||
fi
|
||||
|
||||
# Check shared frontend .env.production
|
||||
if [ -f "$SHARED_FRONTEND_ENV" ]; then
|
||||
log_success "Shared frontend .env.production exists: $SHARED_FRONTEND_ENV"
|
||||
else
|
||||
log_error "Shared frontend .env.production not found: $SHARED_FRONTEND_ENV"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
echo "=== Validating Symlinks in Current Release ==="
|
||||
|
||||
# Check current release symlinks point to shared directory
|
||||
if [ -e "$CURRENT_BACKEND_ENV" ]; then
|
||||
check_symlink "$CURRENT_BACKEND_ENV" "../../../shared/backend/.env"
|
||||
else
|
||||
log_error "Current backend .env not found: $CURRENT_BACKEND_ENV"
|
||||
fi
|
||||
|
||||
if [ -e "$CURRENT_FRONTEND_ENV" ]; then
|
||||
check_symlink "$CURRENT_FRONTEND_ENV" "../../../shared/frontend/.env.production"
|
||||
else
|
||||
log_error "Current frontend .env.production not found: $CURRENT_FRONTEND_ENV"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
echo "=== Validating Backend Environment Variables ==="
|
||||
if [ -f "$SHARED_BACKEND_ENV" ]; then
|
||||
check_var "$SHARED_BACKEND_ENV" "DATABASE_URL"
|
||||
check_var "$SHARED_BACKEND_ENV" "GEMINI_API_KEY"
|
||||
check_var "$SHARED_BACKEND_ENV" "LOG_LEVEL" true
|
||||
check_var "$SHARED_BACKEND_ENV" "CORS_ORIGINS" true
|
||||
fi
|
||||
|
||||
echo ""
|
||||
echo "=== Validating Frontend Environment Variables ==="
|
||||
if [ -f "$SHARED_FRONTEND_ENV" ]; then
|
||||
check_var "$SHARED_FRONTEND_ENV" "PUBLIC_API_BASE"
|
||||
check_var "$SHARED_FRONTEND_ENV" "ORIGIN"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
if [ $errors -eq 0 ]; then
|
||||
if [ $warnings -eq 0 ]; then
|
||||
echo -e "${GREEN}✓ All environment checks passed${NC}"
|
||||
else
|
||||
echo -e "${YELLOW}⚠ Environment validation passed with $warnings warning(s)${NC}"
|
||||
fi
|
||||
exit 0
|
||||
else
|
||||
echo -e "${RED}✗ Found $errors error(s) in environment configuration${NC}"
|
||||
if [ $warnings -gt 0 ]; then
|
||||
echo -e "${YELLOW} And $warnings warning(s)${NC}"
|
||||
fi
|
||||
exit 1
|
||||
fi
|
||||
Loading…
Add table
Add a link
Reference in a new issue