Compare commits

..

2 Commits

Author SHA1 Message Date
87246181a9 update 2026-03-07 07:25:57 +00:00
1bb61a0acc fix(ci): inject public Supabase env into app and Docker build stages 2026-03-07 07:20:02 +00:00
5 changed files with 25 additions and 79 deletions

View File

@@ -9,10 +9,8 @@ WORKDIR /app
ARG NEXT_PUBLIC_SUPABASE_URL ARG NEXT_PUBLIC_SUPABASE_URL
ARG NEXT_PUBLIC_SUPABASE_ANON_KEY ARG NEXT_PUBLIC_SUPABASE_ANON_KEY
ARG BUILD_CACHE_BUSTER ENV NEXT_PUBLIC_SUPABASE_URL=$NEXT_PUBLIC_SUPABASE_URL
ENV NEXT_PUBLIC_SUPABASE_URL=${NEXT_PUBLIC_SUPABASE_URL} ENV NEXT_PUBLIC_SUPABASE_ANON_KEY=$NEXT_PUBLIC_SUPABASE_ANON_KEY
ENV NEXT_PUBLIC_SUPABASE_ANON_KEY=${NEXT_PUBLIC_SUPABASE_ANON_KEY}
ENV BUILD_CACHE_BUSTER=${BUILD_CACHE_BUSTER}
COPY --from=deps /app/node_modules ./node_modules COPY --from=deps /app/node_modules ./node_modules
COPY . . COPY . .

50
Jenkinsfile vendored
View File

@@ -78,7 +78,7 @@ pipeline {
string(credentialsId: 'supabase-public-url', variable: 'NEXT_PUBLIC_SUPABASE_URL'), string(credentialsId: 'supabase-public-url', variable: 'NEXT_PUBLIC_SUPABASE_URL'),
string(credentialsId: 'supabase-public-anon-key', variable: 'NEXT_PUBLIC_SUPABASE_ANON_KEY') string(credentialsId: 'supabase-public-anon-key', variable: 'NEXT_PUBLIC_SUPABASE_ANON_KEY')
]) { ]) {
sh 'docker build --build-arg NEXT_PUBLIC_SUPABASE_URL="$NEXT_PUBLIC_SUPABASE_URL" --build-arg NEXT_PUBLIC_SUPABASE_ANON_KEY="$NEXT_PUBLIC_SUPABASE_ANON_KEY" --build-arg BUILD_CACHE_BUSTER="${BUILD_NUMBER}" -t ${IMAGE_LATEST} -t ${IMAGE_BUILD} .' sh 'docker build --build-arg NEXT_PUBLIC_SUPABASE_URL="$NEXT_PUBLIC_SUPABASE_URL" --build-arg NEXT_PUBLIC_SUPABASE_ANON_KEY="$NEXT_PUBLIC_SUPABASE_ANON_KEY" -t ${IMAGE_LATEST} -t ${IMAGE_BUILD} .'
} }
} }
} }
@@ -90,57 +90,29 @@ stage('Deploy') {
keyFileVariable: 'SSH_KEY' keyFileVariable: 'SSH_KEY'
)]) { )]) {
sh ''' sh '''
bash <<EOF bash -eo pipefail << 'EOF'
set -euxo pipefail set -euo pipefail
SSH_OPTS="-i ${SSH_KEY} -o BatchMode=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" "mkdir -p $DEPLOY_PATH/scripts"
echo "Testing remote SSH connectivity"
ssh ${SSH_OPTS} "${APP_USER}@${APP_HOST}" "whoami && hostname && pwd"
echo "Deploying image tag: ${IMAGE_BUILD}"
docker image inspect "${IMAGE_BUILD}" --format='{{.Id}} {{.RepoTags}}'
ssh ${SSH_OPTS} "$APP_USER@$APP_HOST" "mkdir -p $DEPLOY_PATH/scripts"
rsync -az \ rsync -az \
-e "ssh ${SSH_OPTS}" \ -e "ssh -i $SSH_KEY" \
docker-compose.prod.yml \ docker-compose.prod.yml \
"$APP_USER@$APP_HOST:$DEPLOY_PATH/" "$APP_USER@$APP_HOST:$DEPLOY_PATH/"
rsync -az \ rsync -az \
-e "ssh ${SSH_OPTS}" \ -e "ssh -i $SSH_KEY" \
scripts/ \ scripts/ \
"$APP_USER@$APP_HOST:$DEPLOY_PATH/scripts/" "$APP_USER@$APP_HOST:$DEPLOY_PATH/scripts/"
IMAGE_TAR="plesk-agency-portal-build.tar" docker save ${IMAGE_LATEST} ${IMAGE_BUILD} \
echo "Creating image archive: ${IMAGE_TAR}" | ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" 'docker load'
docker save -o "${IMAGE_TAR}" "${IMAGE_BUILD}"
ls -lh "${IMAGE_TAR}"
sha256sum "${IMAGE_TAR}"
echo "Copying image archive to remote host via scp" ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" \
scp ${SSH_OPTS} "${IMAGE_TAR}" "$APP_USER@$APP_HOST:$DEPLOY_PATH/"
echo "Verifying image archive exists on remote host"
ssh ${SSH_OPTS} "$APP_USER@$APP_HOST" "ls -lh $DEPLOY_PATH/plesk-agency-portal-build.tar"
ssh ${SSH_OPTS} "$APP_USER@$APP_HOST" "sha256sum $DEPLOY_PATH/plesk-agency-portal-build.tar"
echo "Loading image archive on remote host"
ssh ${SSH_OPTS} "$APP_USER@$APP_HOST" "docker load -i $DEPLOY_PATH/plesk-agency-portal-build.tar"
echo "Verifying exact image tag is available on remote host"
ssh ${SSH_OPTS} "$APP_USER@$APP_HOST" "docker image inspect ${IMAGE_BUILD} --format='{{.Id}} {{.RepoTags}}'"
ssh ${SSH_OPTS} "$APP_USER@$APP_HOST" \
"cd $DEPLOY_PATH && chmod +x ./scripts/deploy-prod.sh ./scripts/smoke-check.sh ./scripts/rollback-prod.sh" "cd $DEPLOY_PATH && chmod +x ./scripts/deploy-prod.sh ./scripts/smoke-check.sh ./scripts/rollback-prod.sh"
echo "Running remote deploy script with exact image tag" ssh -i "$SSH_KEY" "$APP_USER@$APP_HOST" \
ssh ${SSH_OPTS} "$APP_USER@$APP_HOST" \ "cd $DEPLOY_PATH && ./scripts/deploy-prod.sh"
"cd $DEPLOY_PATH && APP_IMAGE='${IMAGE_BUILD}' ./scripts/deploy-prod.sh"
echo "Printing final running container image metadata"
ssh ${SSH_OPTS} "$APP_USER@$APP_HOST" "docker inspect plesk-agency-portal --format='{{.Image}} {{.Created}}'"
EOF EOF
''' '''
} }

View File

@@ -12,13 +12,8 @@ if [ ! -f "${DEPLOY_PATH}/docker-compose.prod.yml" ]; then
exit 1 exit 1
fi fi
if [ ! -f "${DEPLOY_PATH}/.env" ]; then
echo "Missing .env in ${DEPLOY_PATH}" >&2
exit 1
fi
cd "${DEPLOY_PATH}" cd "${DEPLOY_PATH}"
APP_IMAGE="${APP_IMAGE}" docker compose -f docker-compose.prod.yml up -d --no-build --force-recreate APP_IMAGE="${APP_IMAGE}" docker compose -f docker-compose.prod.yml up -d
APP_IMAGE="${APP_IMAGE}" docker compose -f docker-compose.prod.yml ps docker compose -f docker-compose.prod.yml ps

View File

@@ -21,20 +21,10 @@ if [ ! -f "${DEPLOY_PATH}/docker-compose.prod.yml" ]; then
exit 1 exit 1
fi fi
if [ ! -f "${DEPLOY_PATH}/.env" ]; then
echo "Missing .env in ${DEPLOY_PATH}" >&2
exit 1
fi
if [ ! -f "${DEPLOY_PATH}/scripts/smoke-check.sh" ]; then
echo "Missing scripts/smoke-check.sh in ${DEPLOY_PATH}" >&2
exit 1
fi
cd "${DEPLOY_PATH}" cd "${DEPLOY_PATH}"
APP_IMAGE="${PREVIOUS_IMAGE_TAG}" docker compose -f docker-compose.prod.yml up -d --no-build --force-recreate APP_IMAGE="${PREVIOUS_IMAGE_TAG}" docker compose -f docker-compose.prod.yml up -d --no-build
"${DEPLOY_PATH}/scripts/smoke-check.sh" "${APP_BASE_URL}" "${DEPLOY_PATH}/smoke-check.sh" "${APP_BASE_URL}"
docker compose -f docker-compose.prod.yml ps docker compose -f docker-compose.prod.yml ps

View File

@@ -11,26 +11,17 @@ fi
URL="${BASE_URL%/}/api/health" URL="${BASE_URL%/}/api/health"
TMP_FILE="$(mktemp)" TMP_FILE="$(mktemp)"
MAX_ATTEMPTS=20
SLEEP_SECONDS=3
trap 'rm -f "${TMP_FILE}"' EXIT trap 'rm -f "${TMP_FILE}"' EXIT
for attempt in $(seq 1 "${MAX_ATTEMPTS}"); do HTTP_CODE=$(curl -sS -o "${TMP_FILE}" -w "%{http_code}" "${URL}")
HTTP_CODE=$(curl -sS -o "${TMP_FILE}" -w "%{http_code}" "${URL}" || echo "000")
if [ "${HTTP_CODE}" = "200" ]; then if [ "${HTTP_CODE}" != "200" ]; then
if node -e "const fs=require('fs');const d=JSON.parse(fs.readFileSync(process.argv[1],'utf8'));if(d?.ok!==true||typeof d?.service!=='string'){process.exit(1)}" "${TMP_FILE}"; then echo "Smoke check failed: ${URL} returned ${HTTP_CODE}" >&2
echo "Smoke check passed: ${URL} (attempt ${attempt}/${MAX_ATTEMPTS})"
exit 0
fi
fi
if [ "${attempt}" -lt "${MAX_ATTEMPTS}" ]; then
sleep "${SLEEP_SECONDS}"
fi
done
echo "Smoke check failed after ${MAX_ATTEMPTS} attempts: ${URL}" >&2
cat "${TMP_FILE}" >&2 || true cat "${TMP_FILE}" >&2 || true
exit 1 exit 1
fi
node -e "const fs=require('fs');const d=JSON.parse(fs.readFileSync(process.argv[1],'utf8'));if(d?.ok!==true||typeof d?.service!=='string'){process.exit(1)}" "${TMP_FILE}"
echo "Smoke check passed: ${URL}"