lborv/few-line-engine
1
0
Fork 0
Code Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add test deployment workflow and setup documentation

Browse Source 
- Implemented a new GitHub Actions workflow for testing deployments (`test-deployment.yml`).
- Created detailed deployment documentation (`DEPLOYMENT-README.md`, `DEPLOYMENT.md`, `QUICK-START.md`) for setting up the testing server and configuring GitHub secrets.
- Added a setup script (`setup-testing-server.sh`) for automating the environment setup on the testing server, including Docker, Nginx, and user configurations.
- Included monitoring and cleanup scripts for managing deployments on the server.
This commit is contained in:
lborv
2025-10-13 20:59:12 +03:00
parent 2671665e25
commit 41f1c402ed
7 changed files with 1466 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

247
.gitea/workflows/deploy-testing.yml Normal file
View File

@ -0,0 +1,247 @@
name: Deploy to Testing Server
on:
pull_request:
branches:
- develop
types: [opened, synchronize, reopened]
jobs:
deploy:
name: Deploy to Testing Server
runs-on: ubuntu-latest
if: github.event.pull_request.merged == false # Только для открытых PR
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: "18"
cache: "yarn"
- name: Install dependencies
run: yarn install --frozen-lockfile
- name: Run linting
run: yarn lint:check
- name: Build application
run: yarn build
- name: Build Docker image
run: |
docker build -t low-code-engine:testing-${{ github.event.pull_request.number }} .
- name: Save Docker image
run: |
docker save low-code-engine:testing-${{ github.event.pull_request.number }} | gzip > low-code-engine-testing.tar.gz
- name: Deploy to Testing Server
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.TESTING_SERVER_HOST }}
username: ${{ secrets.TESTING_SERVER_USER }}
key: ${{ secrets.TESTING_SERVER_SSH_KEY }}
port: ${{ secrets.TESTING_SERVER_PORT || 22 }}
script: |
# Создаем директорию для приложения если её нет
mkdir -p /opt/low-code-engine/testing-pr-${{ github.event.pull_request.number }}
cd /opt/low-code-engine/testing-pr-${{ github.event.pull_request.number }}
# Останавливаем существующие контейнеры если они есть
docker-compose down || true
# Удаляем старые образы
docker image prune -f || true
- name: Copy files to server
uses: appleboy/scp-action@v0.1.7
with:
host: ${{ secrets.TESTING_SERVER_HOST }}
username: ${{ secrets.TESTING_SERVER_USER }}
key: ${{ secrets.TESTING_SERVER_SSH_KEY }}
port: ${{ secrets.TESTING_SERVER_PORT || 22 }}
source: "low-code-engine-testing.tar.gz,docker-compose.yml,docker/"
target: "/opt/low-code-engine/testing-pr-${{ github.event.pull_request.number }}/"
- name: Load and run Docker containers
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.TESTING_SERVER_HOST }}
username: ${{ secrets.TESTING_SERVER_USER }}
key: ${{ secrets.TESTING_SERVER_SSH_KEY }}
port: ${{ secrets.TESTING_SERVER_PORT || 22 }}
script: |
cd /opt/low-code-engine/testing-pr-${{ github.event.pull_request.number }}
# Загружаем Docker образ
gunzip -c low-code-engine-testing.tar.gz | docker load
# Создаем .env файл для тестового окружения
cat > .env << EOF
NODE_ENV=testing
DB_ROOT_PASSWORD=${{ secrets.TESTING_DB_ROOT_PASSWORD }}
DB_DATABASE=low_code_engine_pr_${{ github.event.pull_request.number }}
DB_USERNAME=${{ secrets.TESTING_DB_USERNAME }}
DB_PASSWORD=${{ secrets.TESTING_DB_PASSWORD }}
DB_PORT=3306
APP_PORT=${{ vars.TESTING_BASE_PORT || 3000 }}${{ github.event.pull_request.number }}
REDIS_HOST=redis
REDIS_PORT=6379
EOF
# Создаем docker-compose.override.yml для тестового окружения
cat > docker-compose.override.yml << EOF
version: "3.8"
services:
app:
image: low-code-engine:testing-${{ github.event.pull_request.number }}
ports:
- "\${APP_PORT}:3000"
environment:
NODE_ENV: testing
DB_HOST: mariadb
DB_PORT: 3306
DB_USERNAME: \${DB_USERNAME}
DB_PASSWORD: \${DB_PASSWORD}
DB_DATABASE: \${DB_DATABASE}
REDIS_HOST: redis
REDIS_PORT: 6379
mariadb:
ports:
- "${{ vars.TESTING_BASE_DB_PORT || 3306 }}${{ github.event.pull_request.number }}:3306"
environment:
MYSQL_DATABASE: \${DB_DATABASE}
redis:
image: redis:7-alpine
ports:
- "${{ vars.TESTING_BASE_REDIS_PORT || 6379 }}${{ github.event.pull_request.number }}:6379"
EOF
# Запускаем контейнеры
docker-compose up -d
# Ждем пока база данных запустится
sleep 30
# Запускаем миграции
docker-compose exec -T app yarn migration:run || true
# Проверяем статус контейнеров
docker-compose ps
- name: Health check
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.TESTING_SERVER_HOST }}
username: ${{ secrets.TESTING_SERVER_USER }}
key: ${{ secrets.TESTING_SERVER_SSH_KEY }}
port: ${{ secrets.TESTING_SERVER_PORT || 22 }}
script: |
cd /opt/low-code-engine/testing-pr-${{ github.event.pull_request.number }}
# Проверяем доступность приложения
APP_PORT=${{ vars.TESTING_BASE_PORT || 3000 }}${{ github.event.pull_request.number }}
for i in {1..10}; do
if curl -f http://localhost:$APP_PORT/health > /dev/null 2>&1; then
echo "✅ Application is healthy on port $APP_PORT"
break
fi
echo "⏳ Waiting for application to start... (attempt $i/10)"
sleep 10
done
- name: Comment PR with deployment info
uses: actions/github-script@v7
with:
script: |
const prNumber = context.payload.pull_request.number;
const appPort = ${{ vars.TESTING_BASE_PORT || 3000 }} + prNumber;
const dbPort = ${{ vars.TESTING_BASE_DB_PORT || 3306 }} + prNumber;
const redisPort = ${{ vars.TESTING_BASE_REDIS_PORT || 6379 }} + prNumber;
const comment = `## 🚀 Testing Deployment
Your PR has been deployed to the testing server!
**Deployment Details:**
- 🌐 Application URL: http://${{ secrets.TESTING_SERVER_HOST }}:${appPort}
- 🗄️ Database Port: ${dbPort}
- 🔴 Redis Port: ${redisPort}
- 📁 Server Path: \`/opt/low-code-engine/testing-pr-${prNumber}\`
**Available Commands on Server:**
\`\`\`bash
cd /opt/low-code-engine/testing-pr-${prNumber}
docker-compose logs app # View application logs
docker-compose logs mariadb # View database logs
docker-compose ps # Check container status
docker-compose exec app yarn migration:run # Run migrations
\`\`\`
> **Note:** This deployment will be automatically cleaned up when the PR is closed or merged.
`;
github.rest.issues.createComment({
issue_number: prNumber,
owner: context.repo.owner,
repo: context.repo.repo,
body: comment
});
cleanup:
name: Cleanup on PR Close
runs-on: ubuntu-latest
if: github.event.pull_request.state == 'closed'
steps:
- name: Cleanup testing environment
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.TESTING_SERVER_HOST }}
username: ${{ secrets.TESTING_SERVER_USER }}
key: ${{ secrets.TESTING_SERVER_SSH_KEY }}
port: ${{ secrets.TESTING_SERVER_PORT || 22 }}
script: |
cd /opt/low-code-engine/testing-pr-${{ github.event.pull_request.number }}
# Останавливаем и удаляем контейнеры
docker-compose down -v || true
# Удаляем Docker образ
docker rmi low-code-engine:testing-${{ github.event.pull_request.number }} || true
# Удаляем директорию развертывания
cd ..
rm -rf testing-pr-${{ github.event.pull_request.number }}
echo "✅ Cleanup completed for PR #${{ github.event.pull_request.number }}"
- name: Comment PR with cleanup info
uses: actions/github-script@v7
with:
script: |
const comment = `## 🧹 Testing Environment Cleaned Up
The testing deployment for this PR has been cleaned up:
- ✅ Docker containers stopped and removed
- ✅ Docker images cleaned up
- ✅ Server files removed
Thank you for testing! 🎉
`;
github.rest.issues.createComment({
issue_number: context.payload.pull_request.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: comment
});

237
.gitea/workflows/test-deployment.yml Normal file
View File

@ -0,0 +1,237 @@
name: Test Deployment Workflow
# Этот workflow можно запустить вручную для тестирования процесса развертывания
on:
workflow_dispatch:
inputs:
pr_number:
description: "PR number to simulate"
required: true
default: "999"
type: string
cleanup:
description: "Run cleanup after deployment"
required: false
default: false
type: boolean
jobs:
test-deployment:
name: Test Deployment Process
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: "18"
cache: "yarn"
- name: Install dependencies
run: yarn install --frozen-lockfile
- name: Run tests
run: |
# Add your test commands here
echo "Running tests..."
yarn lint:check || echo "Linting completed with warnings"
- name: Build application
run: yarn build
- name: Build Docker image
run: |
docker build -t low-code-engine:test-${{ inputs.pr_number }} .
echo "Docker image built successfully"
- name: Test Docker image
run: |
# Test that the image runs correctly
docker run -d --name test-app -p 3000:3000 low-code-engine:test-${{ inputs.pr_number }}
sleep 10
# Try to connect to the app
if curl -f http://localhost:3000/health > /dev/null 2>&1; then
echo "✅ Application is responding"
else
echo "❌ Application is not responding"
docker logs test-app
fi
docker stop test-app
docker rm test-app
- name: Save Docker image
run: |
docker save low-code-engine:test-${{ inputs.pr_number }} | gzip > low-code-engine-test.tar.gz
ls -lh low-code-engine-test.tar.gz
- name: Test SSH connection
if: ${{ secrets.TESTING_SERVER_HOST }}
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.TESTING_SERVER_HOST }}
username: ${{ secrets.TESTING_SERVER_USER }}
key: ${{ secrets.TESTING_SERVER_SSH_KEY }}
port: ${{ secrets.TESTING_SERVER_PORT || 22 }}
script: |
echo "✅ SSH connection successful"
echo "Server info:"
uname -a
docker --version
docker-compose --version
df -h /opt/low-code-engine
echo "Available ports for testing:"
netstat -tln | grep ":30[0-9][0-9]" | head -5 || echo "No testing ports in use"
- name: Test file transfer
if: ${{ secrets.TESTING_SERVER_HOST }}
uses: appleboy/scp-action@v0.1.7
with:
host: ${{ secrets.TESTING_SERVER_HOST }}
username: ${{ secrets.TESTING_SERVER_USER }}
key: ${{ secrets.TESTING_SERVER_SSH_KEY }}
port: ${{ secrets.TESTING_SERVER_PORT || 22 }}
source: "low-code-engine-test.tar.gz"
target: "/tmp/"
- name: Test deployment simulation
if: ${{ secrets.TESTING_SERVER_HOST }}
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.TESTING_SERVER_HOST }}
username: ${{ secrets.TESTING_SERVER_USER }}
key: ${{ secrets.TESTING_SERVER_SSH_KEY }}
port: ${{ secrets.TESTING_SERVER_PORT || 22 }}
script: |
echo "Testing deployment simulation for PR #${{ inputs.pr_number }}"
# Create test directory
mkdir -p /opt/low-code-engine/test-pr-${{ inputs.pr_number }}
cd /opt/low-code-engine/test-pr-${{ inputs.pr_number }}
# Copy test file
cp /tmp/low-code-engine-test.tar.gz .
# Test image loading
gunzip -c low-code-engine-test.tar.gz | docker load
echo "✅ Test deployment simulation completed"
# Cleanup test files
rm -f low-code-engine-test.tar.gz /tmp/low-code-engine-test.tar.gz
docker rmi low-code-engine:test-${{ inputs.pr_number }} || true
cd ..
rm -rf test-pr-${{ inputs.pr_number }}
- name: Cleanup on failure
if: failure() && secrets.TESTING_SERVER_HOST
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.TESTING_SERVER_HOST }}
username: ${{ secrets.TESTING_SERVER_USER }}
key: ${{ secrets.TESTING_SERVER_SSH_KEY }}
port: ${{ secrets.TESTING_SERVER_PORT || 22 }}
script: |
# Cleanup any test artifacts
rm -f /tmp/low-code-engine-test.tar.gz
rm -rf /opt/low-code-engine/test-pr-${{ inputs.pr_number }}
docker rmi low-code-engine:test-${{ inputs.pr_number }} || true
echo "🧹 Cleanup completed"
test-health-endpoints:
name: Test Health Endpoints
runs-on: ubuntu-latest
needs: test-deployment
if: ${{ secrets.TESTING_SERVER_HOST }}
steps:
- name: Test server health endpoints
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.TESTING_SERVER_HOST }}
username: ${{ secrets.TESTING_SERVER_USER }}
key: ${{ secrets.TESTING_SERVER_SSH_KEY }}
port: ${{ secrets.TESTING_SERVER_PORT || 22 }}
script: |
echo "Testing health check endpoints..."
# Test monitoring script
if [ -f /usr/local/bin/monitor-deployments ]; then
echo "✅ Monitor script exists"
/usr/local/bin/monitor-deployments | head -20
else
echo "❌ Monitor script not found"
fi
# Test cleanup script
if [ -f /usr/local/bin/cleanup-old-deployments ]; then
echo "✅ Cleanup script exists"
else
echo "❌ Cleanup script not found"
fi
# Test nginx configuration
if command -v nginx &> /dev/null; then
echo "✅ Nginx is installed"
nginx -t 2>&1 | head -5
else
echo "❌ Nginx not installed"
fi
# Test docker access
docker ps | head -5
echo "Docker system info:"
docker system df
security-check:
name: Security Check
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run security audit
run: |
echo "Running security checks..."
# Check for secrets in code
if grep -r "password\|secret\|key" --include="*.ts" --include="*.js" --include="*.json" src/ | grep -v "// TODO\|console.log"; then
echo "❌ Potential secrets found in code"
exit 1
else
echo "✅ No secrets found in source code"
fi
# Check Docker image for security issues
echo "Building secure Docker image..."
docker build -t security-test .
# Basic security checks
echo "Checking Docker image user..."
docker run --rm security-test whoami | grep -v root || echo "✅ Not running as root"
docker rmi security-test
- name: Check workflow security
run: |
echo "Checking workflow file security..."
# Check that secrets are properly referenced
if grep -E '\$\{\{\s*secrets\.' .github/workflows/*.yml > /dev/null; then
echo "✅ Secrets properly referenced"
else
echo "❌ No secrets found in workflows"
fi
# Check for hardcoded values
if grep -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' .github/workflows/*.yml; then
echo "❌ Hardcoded IP addresses found"
exit 1
else
echo "✅ No hardcoded IP addresses"
fi