112 lines
3.4 KiB
Bash
112 lines
3.4 KiB
Bash
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
cd "$(dirname "$0")/.."
|
|
|
|
ENV_SOURCE="/opt/job-tracker/shared/.env"
|
|
ENV_TARGET=".env"
|
|
|
|
if [ ! -f "$ENV_SOURCE" ]; then
|
|
echo "Missing shared env file at $ENV_SOURCE"
|
|
exit 1
|
|
fi
|
|
|
|
# Keep runtime secrets outside the repo checkout so workflow uploads cannot wipe them.
|
|
ln -snf "$ENV_SOURCE" "$ENV_TARGET"
|
|
|
|
if [ ! -L "$ENV_TARGET" ] && [ ! -f "$ENV_TARGET" ]; then
|
|
echo "Failed to link deployment env file into $(pwd)/$ENV_TARGET"
|
|
exit 1
|
|
fi
|
|
|
|
export APP_VERSION="${APP_VERSION:-0.0.0}"
|
|
export APP_COMMIT_SHA="${APP_COMMIT_SHA:-unknown}"
|
|
export APP_BUILD_STAMP="${APP_BUILD_STAMP:-unknown}"
|
|
|
|
compose() {
|
|
docker compose "$@"
|
|
}
|
|
|
|
build_with_recovery() {
|
|
if compose build; then
|
|
return 0
|
|
fi
|
|
|
|
echo "docker compose build failed. Attempting one cleanup + retry because layer extraction can fail on constrained hosts."
|
|
docker image rm -f app-ai-service:latest 2>/dev/null || true
|
|
docker builder prune -af >/dev/null 2>&1 || true
|
|
docker system prune -f >/dev/null 2>&1 || true
|
|
compose build --no-cache ai-service
|
|
compose build backend frontend
|
|
}
|
|
|
|
compose pull || true
|
|
build_with_recovery
|
|
# Force recreation so updated port mappings, env vars, and container config always apply on deploy.
|
|
compose up -d --force-recreate --remove-orphans
|
|
|
|
if [ -n "${OLLAMA_MODEL:-}" ]; then
|
|
echo "Post-deploy Ollama warmup enabled for model: ${OLLAMA_MODEL}"
|
|
./scripts/start-ollama-cv.sh
|
|
fi
|
|
|
|
sleep 5
|
|
compose ps
|
|
|
|
backend_status="$(compose ps backend --format '{{.State}}' 2>/dev/null | head -n 1 | tr '[:upper:]' '[:lower:]')"
|
|
if [ "$backend_status" != "running" ]; then
|
|
echo "Backend service is not healthy after deploy (state: ${backend_status:-unknown})."
|
|
compose logs --tail=200 backend || true
|
|
exit 1
|
|
fi
|
|
|
|
ai_status="$(compose ps ai-service --format '{{.State}}' 2>/dev/null | head -n 1 | tr '[:upper:]' '[:lower:]')"
|
|
if [ "$ai_status" != "running" ]; then
|
|
echo "AI service is not healthy after deploy (state: ${ai_status:-unknown})."
|
|
compose logs --tail=200 ai-service || true
|
|
exit 1
|
|
fi
|
|
|
|
if [ -n "${APP_PUBLIC_BASE_URL:-}" ]; then
|
|
public_base="${APP_PUBLIC_BASE_URL%/}"
|
|
auth_config_body_file="$(mktemp)"
|
|
auth_config_headers_file="$(mktemp)"
|
|
cleanup_public_check() {
|
|
rm -f "$auth_config_body_file" "$auth_config_headers_file"
|
|
}
|
|
trap cleanup_public_check EXIT
|
|
|
|
echo "Running public smoke check against ${public_base}"
|
|
if ! curl -fsS "${public_base}/" >/dev/null; then
|
|
echo "Public frontend check failed for ${public_base}/"
|
|
exit 1
|
|
fi
|
|
|
|
if ! curl -fsS -D "$auth_config_headers_file" -o "$auth_config_body_file" "${public_base}/api/auth/config"; then
|
|
echo "Public API smoke check failed for ${public_base}/api/auth/config"
|
|
exit 1
|
|
fi
|
|
|
|
content_type="$(awk 'BEGIN{IGNORECASE=1} /^content-type:/ {print $2}' "$auth_config_headers_file" | tr -d '\r' | tail -n 1)"
|
|
if [[ "$content_type" != application/json* ]]; then
|
|
echo "Public API smoke check returned unexpected content type: ${content_type:-missing}"
|
|
echo "First bytes of response:"
|
|
head -c 200 "$auth_config_body_file" || true
|
|
exit 1
|
|
fi
|
|
|
|
if ! grep -q 'requireAuth' "$auth_config_body_file"; then
|
|
echo "Public API smoke check returned JSON without requireAuth."
|
|
cat "$auth_config_body_file"
|
|
exit 1
|
|
fi
|
|
|
|
trap - EXIT
|
|
cleanup_public_check
|
|
fi
|
|
|
|
# Clean up old legacy container name if it still exists from pre-rename deployments.
|
|
docker rm -f app-summarizer-1 2>/dev/null || true
|
|
|
|
echo "Deployment complete: ${APP_VERSION} ${APP_COMMIT_SHA}"
|