Compare commits

..

22 Commits

Author SHA1 Message Date
838cb38862 fix(deploy): add smoke check retries and pass public Supabase build env 2026-03-07 06:37:14 +00:00
5c6be8a056 Merge pull request 'fix(deploy): use image-only production compose and correct script sync' (#44) from fix/cl9-prod-compose-and-deploy-sync into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/44
2026-03-06 18:38:02 +00:00
2edf19fac3 fix(deploy): use image-only production compose and correct script sync 2026-03-06 18:37:14 +00:00
c696869909 Merge pull request 'fix(ci): correct rsync deploy path and define smoke check base URL' (#43) from fix/cl9-jenkins-rsync-and-smoke-check-paths into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/43
2026-03-06 18:22:38 +00:00
0e2dd1bfc7 fix(ci): correct rsync deploy path and define smoke check base URL 2026-03-06 18:21:13 +00:00
99f020f560 Merge pull request 'update deploy stage and smoke check for scripts' (#42) from fix/cl9-move-deployment-scripts into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/42
2026-03-06 17:56:59 +00:00
4d241545d2 update deploy stage and smoke check for scripts 2026-03-06 17:56:46 +00:00
2e8849332b Merge pull request 'fix(ci): add default deploy environment variables for bash-safe pipeline' (#41) from fix/cl9-jenkins-env-defaults into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/41
2026-03-06 16:10:05 +00:00
d30a7d37b5 fix(ci): add default deploy environment variables for bash-safe pipeline 2026-03-06 16:08:50 +00:00
6a09053ac3 Merge pull request 'fix(ci): run pipeline shell steps using bash to support pipefail' (#40) from fix/cl9-jenkins-bash-shell into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/40
2026-03-06 16:00:48 +00:00
ab27e57e66 fix(ci): run pipeline shell steps using bash to support pipefail 2026-03-06 15:53:52 +00:00
cd4ba09404 Merge pull request 'fix(ci): add default deploy credential and host variables to Jenkins pipeline' (#39) from fix/cl9-jenkins-credential-default into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/39
2026-03-06 15:45:01 +00:00
13b778a4e4 fix(ci): add default deploy credential and host variables to Jenkins pipeline 2026-03-06 15:42:18 +00:00
69c051052d Merge pull request 'swapped runner to node:20-bookworm-slim' (#38) from fix/update-runner into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/38
2026-03-06 14:13:39 +00:00
d1982f1618 swapped runner to node:20-bookworm-slim 2026-03-06 14:13:26 +00:00
d2b57c03b3 Merge pull request 'changed image to node:20-bookworm-slim' (#37) from fix/update-docker-file-for-image into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/37
2026-03-06 14:11:32 +00:00
5990ad9423 changed image to node:20-bookworm-slim 2026-03-06 14:11:13 +00:00
8391ef1004 Merge pull request 'commented out preflight' (#36) from fix/edit-jenkinfile into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/36
2026-03-06 14:03:03 +00:00
348e26de14 commented out preflight 2026-03-06 14:02:52 +00:00
54d920bc09 Merge pull request 'build fix check for docker' (#35) from fix/jenkins-check-for-docker into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/35
2026-03-06 13:58:53 +00:00
91744bf71f build fix check for docker 2026-03-06 13:58:41 +00:00
c4626e32f3 Merge pull request 'fix(ci): require docker-capable Jenkins agent with preflight checks' (#34) from feature/cl9-jenkins-docker-agent into master
Reviewed-on: http://gitea.lan:3000/robbond/pleskSaas/pulls/34
2026-03-06 13:44:20 +00:00
5 changed files with 91 additions and 72 deletions

View File

@@ -1,23 +1,28 @@
FROM cgr.dev/chainguard/node:20-dev AS deps FROM node:20-bookworm-slim AS deps
WORKDIR /app WORKDIR /app
COPY package.json package-lock.json ./ COPY package.json package-lock.json ./
RUN npm ci RUN npm ci
FROM cgr.dev/chainguard/node:20-dev AS builder FROM node:20-bookworm-slim AS builder
WORKDIR /app WORKDIR /app
ARG NEXT_PUBLIC_SUPABASE_URL
ARG NEXT_PUBLIC_SUPABASE_ANON_KEY
ENV NEXT_PUBLIC_SUPABASE_URL=${NEXT_PUBLIC_SUPABASE_URL}
ENV NEXT_PUBLIC_SUPABASE_ANON_KEY=${NEXT_PUBLIC_SUPABASE_ANON_KEY}
COPY --from=deps /app/node_modules ./node_modules COPY --from=deps /app/node_modules ./node_modules
COPY . . COPY . .
RUN npm run build RUN npm run build
FROM cgr.dev/chainguard/node:20-dev AS prod-deps FROM node:20-bookworm-slim AS prod-deps
WORKDIR /app WORKDIR /app
COPY package.json package-lock.json ./ COPY package.json package-lock.json ./
RUN npm ci --omit=dev RUN npm ci --omit=dev
FROM cgr.dev/chainguard/node:20 AS runner FROM node:20-bookworm-slim AS runner
WORKDIR /app WORKDIR /app
ENV NODE_ENV=production ENV NODE_ENV=production

109
Jenkinsfile vendored
View File

@@ -1,33 +1,41 @@
pipeline { pipeline {
// Build + deploy stages require Docker CLI/daemon access on the Jenkins node. // Build + deploy stages require Docker CLI/daemon access on the Jenkins node.
// Ensure this label maps to an agent with Docker installed and usable. // Ensure this label maps to an agent with Docker installed and usable.
agent { label 'docker' } agent any
environment { environment {
REGISTRY_IMAGE = "plesk-agency-portal" REGISTRY_IMAGE = "plesk-agency-portal"
IMAGE_LATEST = "${REGISTRY_IMAGE}:latest" IMAGE_LATEST = "${REGISTRY_IMAGE}:latest"
IMAGE_BUILD = "${REGISTRY_IMAGE}:build-${BUILD_NUMBER}" IMAGE_BUILD = "${REGISTRY_IMAGE}:build-${BUILD_NUMBER}"
DEPLOY_SSH_CREDENTIAL_ID = "${env.DEPLOY_SSH_CREDENTIAL_ID ?: 'plesk-agency-deploy-key'}"
APP_HOST = "${env.APP_HOST ?: '192.168.68.89'}"
APP_USER = "${env.APP_USER ?: 'deploy'}"
DEPLOY_PATH = "${env.DEPLOY_PATH ?: '/opt/plesk-agency-portal'}"
APP_BASE_URL = "${env.APP_BASE_URL ?: 'http://192.168.68.89:3000'}"
NEXT_PUBLIC_SUPABASE_URL = "${env.NEXT_PUBLIC_SUPABASE_URL ?: ''}"
NEXT_PUBLIC_SUPABASE_ANON_KEY = "${env.NEXT_PUBLIC_SUPABASE_ANON_KEY ?: ''}"
} }
stages { stages {
stage('Preflight') { // stage('Preflight') {
steps { // steps {
sh ''' // sh '''
set -euo pipefail // set -euo pipefail
if ! command -v docker >/dev/null 2>&1; then // if ! command -v docker >/dev/null 2>&1; then
echo "Docker CLI is not available on this Jenkins agent." // echo "Docker CLI is not available on this Jenkins agent."
echo "Run this pipeline on a Docker-capable node (label: docker) or install Docker on the current agent." // echo "Run this pipeline on a Docker-capable node or install Docker on the current agent."
exit 1 // exit 1
fi // fi
if ! docker version >/dev/null 2>&1; then // if ! docker version >/dev/null 2>&1; then
echo "Docker is installed but not usable by Jenkins (daemon/socket/permissions issue)." // echo "Docker is installed but not usable by Jenkins (daemon/socket/permissions issue)."
exit 1 // exit 1
fi // fi
''' // '''
} // }
} // }
stage('Checkout') { stage('Checkout') {
steps { steps {
@@ -62,44 +70,55 @@ pipeline {
stage('Build Docker image') { stage('Build Docker image') {
steps { steps {
sh 'docker build -t ${IMAGE_LATEST} -t ${IMAGE_BUILD} .' sh 'docker build --build-arg NEXT_PUBLIC_SUPABASE_URL="${NEXT_PUBLIC_SUPABASE_URL}" --build-arg NEXT_PUBLIC_SUPABASE_ANON_KEY="${NEXT_PUBLIC_SUPABASE_ANON_KEY}" -t ${IMAGE_LATEST} -t ${IMAGE_BUILD} .'
} }
} }
stage('Deploy') { stage('Deploy') {
steps { steps {
script { withCredentials([sshUserPrivateKey(
if (!env.DEPLOY_SSH_CREDENTIAL_ID) { credentialsId: "${env.DEPLOY_SSH_CREDENTIAL_ID}",
error 'DEPLOY_SSH_CREDENTIAL_ID is required' keyFileVariable: 'SSH_KEY'
} )]) {
} sh '''
sshagent(credentials: ["${env.DEPLOY_SSH_CREDENTIAL_ID}"]) { bash -eo pipefail << 'EOF'
sh ''' set -euo pipefail
set -euo pipefail
: "${DEPLOY_SSH_HOST:?Missing DEPLOY_SSH_HOST}"
: "${DEPLOY_SSH_USER:?Missing DEPLOY_SSH_USER}"
: "${DEPLOY_PATH:?Missing DEPLOY_PATH}"
rsync -az \ ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" "mkdir -p $DEPLOY_PATH/scripts"
docker-compose.prod.yml \
scripts/deploy-prod.sh \
scripts/smoke-check.sh \
scripts/rollback-prod.sh \
${DEPLOY_SSH_USER}@${DEPLOY_SSH_HOST}:${DEPLOY_PATH}/
docker save ${IMAGE_LATEST} ${IMAGE_BUILD} \ rsync -az \
| ssh ${DEPLOY_SSH_USER}@${DEPLOY_SSH_HOST} 'docker load' -e "ssh -i $SSH_KEY" \
docker-compose.prod.yml \
"$APP_USER@$APP_HOST:$DEPLOY_PATH/"
ssh ${DEPLOY_SSH_USER}@${DEPLOY_SSH_HOST} \ rsync -az \
"chmod +x ${DEPLOY_PATH}/deploy-prod.sh ${DEPLOY_PATH}/smoke-check.sh ${DEPLOY_PATH}/rollback-prod.sh && APP_IMAGE='${IMAGE_BUILD}' DEPLOY_PATH='${DEPLOY_PATH}' ${DEPLOY_PATH}/deploy-prod.sh" -e "ssh -i $SSH_KEY" \
''' scripts/ \
} "$APP_USER@$APP_HOST:$DEPLOY_PATH/scripts/"
}
docker save ${IMAGE_LATEST} ${IMAGE_BUILD} \
| ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" 'docker load'
ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" \
"cd $DEPLOY_PATH && chmod +x ./scripts/deploy-prod.sh ./scripts/smoke-check.sh ./scripts/rollback-prod.sh"
ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" \
"cd $DEPLOY_PATH && ./scripts/deploy-prod.sh"
EOF
'''
} }
}
}
stage('Smoke check') { stage('Smoke check') {
steps { steps {
sh 'chmod +x scripts/smoke-check.sh && scripts/smoke-check.sh ${APP_BASE_URL}' sh '''
bash -eo pipefail << EOF
set -euo pipefail
chmod +x scripts/smoke-check.sh
scripts/smoke-check.sh "${APP_BASE_URL}"
EOF
'''
} }
} }
} }

View File

@@ -2,9 +2,6 @@ services:
web: web:
container_name: plesk-agency-portal container_name: plesk-agency-portal
image: ${APP_IMAGE:-plesk-agency-portal:latest} image: ${APP_IMAGE:-plesk-agency-portal:latest}
build:
context: .
dockerfile: Dockerfile
restart: unless-stopped restart: unless-stopped
env_file: env_file:
- .env - .env

View File

@@ -4,20 +4,9 @@ set -euo pipefail
DEPLOY_PATH="${DEPLOY_PATH:-/opt/plesk-agency-portal}" DEPLOY_PATH="${DEPLOY_PATH:-/opt/plesk-agency-portal}"
APP_IMAGE="${APP_IMAGE:-plesk-agency-portal:latest}" APP_IMAGE="${APP_IMAGE:-plesk-agency-portal:latest}"
SOURCE_PATH="${SOURCE_PATH:-${DEPLOY_PATH}}"
mkdir -p "${DEPLOY_PATH}" mkdir -p "${DEPLOY_PATH}"
for file in docker-compose.prod.yml deploy-prod.sh smoke-check.sh rollback-prod.sh; do
if [ -f "${SOURCE_PATH}/${file}" ]; then
cp "${SOURCE_PATH}/${file}" "${DEPLOY_PATH}/${file}"
fi
done
chmod +x "${DEPLOY_PATH}/deploy-prod.sh" \
"${DEPLOY_PATH}/smoke-check.sh" \
"${DEPLOY_PATH}/rollback-prod.sh" 2>/dev/null || true
if [ ! -f "${DEPLOY_PATH}/docker-compose.prod.yml" ]; then if [ ! -f "${DEPLOY_PATH}/docker-compose.prod.yml" ]; then
echo "Missing docker-compose.prod.yml in ${DEPLOY_PATH}" >&2 echo "Missing docker-compose.prod.yml in ${DEPLOY_PATH}" >&2
exit 1 exit 1
@@ -25,6 +14,6 @@ fi
cd "${DEPLOY_PATH}" cd "${DEPLOY_PATH}"
APP_IMAGE="${APP_IMAGE}" docker compose -f docker-compose.prod.yml up -d --no-build APP_IMAGE="${APP_IMAGE}" docker compose -f docker-compose.prod.yml up -d
docker compose -f docker-compose.prod.yml ps docker compose -f docker-compose.prod.yml ps

View File

@@ -11,17 +11,26 @@ fi
URL="${BASE_URL%/}/api/health" URL="${BASE_URL%/}/api/health"
TMP_FILE="$(mktemp)" TMP_FILE="$(mktemp)"
MAX_ATTEMPTS=20
SLEEP_SECONDS=3
trap 'rm -f "${TMP_FILE}"' EXIT trap 'rm -f "${TMP_FILE}"' EXIT
HTTP_CODE=$(curl -sS -o "${TMP_FILE}" -w "%{http_code}" "${URL}") for attempt in $(seq 1 "${MAX_ATTEMPTS}"); do
HTTP_CODE=$(curl -sS -o "${TMP_FILE}" -w "%{http_code}" "${URL}" || echo "000")
if [ "${HTTP_CODE}" != "200" ]; then if [ "${HTTP_CODE}" = "200" ]; then
echo "Smoke check failed: ${URL} returned ${HTTP_CODE}" >&2 if node -e "const fs=require('fs');const d=JSON.parse(fs.readFileSync(process.argv[1],'utf8'));if(d?.ok!==true||typeof d?.service!=='string'){process.exit(1)}" "${TMP_FILE}"; then
cat "${TMP_FILE}" >&2 || true echo "Smoke check passed: ${URL} (attempt ${attempt}/${MAX_ATTEMPTS})"
exit 1 exit 0
fi fi
fi
node -e "const fs=require('fs');const d=JSON.parse(fs.readFileSync(process.argv[1],'utf8'));if(d?.ok!==true||typeof d?.service!=='string'){process.exit(1)}" "${TMP_FILE}" if [ "${attempt}" -lt "${MAX_ATTEMPTS}" ]; then
sleep "${SLEEP_SECONDS}"
fi
done
echo "Smoke check passed: ${URL}" echo "Smoke check failed after ${MAX_ATTEMPTS} attempts: ${URL}" >&2
cat "${TMP_FILE}" >&2 || true
exit 1