-
Notifications
You must be signed in to change notification settings - Fork 0
138 lines (114 loc) · 4.25 KB
/
deploy.yml
File metadata and controls
138 lines (114 loc) · 4.25 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
name: Deploy to server
on:
push:
branches: [ main, deploy-workflow ]
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup SSH
run: |
mkdir -p ~/.ssh
echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
ssh-keyscan -H "${{ secrets.SERVER_IP }}" >> ~/.ssh/known_hosts
- name: Upload entire repository (preserve venv on server)
run: |
rsync -az --delete \
--exclude='venv/' \
-e "ssh -o StrictHostKeyChecking=yes" \
./ \
"${{ secrets.USERNAME }}@${{ secrets.SERVER_IP }}:${{ secrets.PROJECT_PATH }}/"
- name: Install deps and restart service on server
run: |
ssh -T -o StrictHostKeyChecking=yes \
"${{ secrets.USERNAME }}@${{ secrets.SERVER_IP }}" <<'EOF' > /dev/null
set -euo pipefail
cd "${{ secrets.PROJECT_PATH }}"
# Activate existing venv and install/upgrade deps
source "${{ secrets.PROJECT_PATH }}/venv/bin/activate"
pip3 install --upgrade pip
pip3 install -r requirements.txt
# Restart your service
sudo systemctl restart parktrack-api-server
EOF
check-service:
runs-on: ubuntu-latest
needs: build-and-deploy
steps:
- name: Setup SSH
run: |
mkdir -p ~/.ssh
echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
ssh-keyscan -H "${{ secrets.SERVER_IP }}" >> ~/.ssh/known_hosts
- name: Wait and check service health (systemd + summary)
run: |
echo "Checking systemd status on remote server..."
SSH="ssh -T -o StrictHostKeyChecking=yes ${{ secrets.USERNAME }}@${{ secrets.SERVER_IP }}"
APP_ROOT="${{ secrets.PROJECT_PATH }}"
if $SSH "sleep 15 && systemctl is-active --quiet parktrack-api-server" > /dev/null 2>&1; then
echo "systemd reports parktrack-api-server=active."
else
echo "Service is NOT active. Fetching logs since last start..."
# Время последнего запуска юнита
START_TIME=$($SSH "systemctl show parktrack-api-server -p ActiveEnterTimestamp --value" || echo "unknown")
# Логи только с последнего запуска + маскировка пути
ERROR_LOG=$(
$SSH "journalctl -u parktrack-api-server --since \"$START_TIME\" --no-pager --no-hostname -o short" \
| sed "s|$APP_ROOT|<project_path>|g" \
| tail -n 20
)
echo "Last start time: $START_TIME"
echo "Last error log lines:"
echo "$ERROR_LOG"
# Красивый markdown в summary
{
echo "## ❌ Service restart failed"
echo
echo "**Last start:** \`$START_TIME\`"
echo
echo "### Logs since last start:"
echo
echo '```text'
echo "$ERROR_LOG"
echo '```'
} >> "$GITHUB_STEP_SUMMARY"
exit 1
fi
check-health-endpoint:
runs-on: ubuntu-latest
needs: [build-and-deploy, check-service]
steps:
- name: Wait and check /health endpoint
run: |
echo "Waiting for health endpoint to become healthy..."
URL="https://api.parktrack.live/health"
RESPONSE=""
SUCCESS=0
for i in {1..5}; do
RESPONSE=$(curl -sS "$URL" || echo "")
echo "Attempt $i, response: $RESPONSE"
if [ "$RESPONSE" = '{"status":"healthy"}' ]; then
SUCCESS=1
break
fi
sleep 3
done
if [ "$SUCCESS" -ne 1 ]; then
{
echo "## ❌ Healthcheck failed"
echo
echo "**Endpoint:** \`$URL\` "
echo
echo "### Last response"
echo
echo '```json'
echo "$RESPONSE"
echo '```'
} >> "$GITHUB_STEP_SUMMARY"
exit 1
fi
echo "Health endpoint OK."