lborv/few-line-engine
1
0
Fork 0
Code Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add test deployment workflow and setup documentation

Browse Source 
- Implemented a new GitHub Actions workflow for testing deployments (`test-deployment.yml`).
- Created detailed deployment documentation (`DEPLOYMENT-README.md`, `DEPLOYMENT.md`, `QUICK-START.md`) for setting up the testing server and configuring GitHub secrets.
- Added a setup script (`setup-testing-server.sh`) for automating the environment setup on the testing server, including Docker, Nginx, and user configurations.
- Included monitoring and cleanup scripts for managing deployments on the server.
This commit is contained in:
lborv
2025-10-13 20:59:12 +03:00
parent 2671665e25
commit 41f1c402ed
7 changed files with 1466 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

237
.gitea/workflows/test-deployment.yml Normal file
View File

@ -0,0 +1,237 @@
name: Test Deployment Workflow
# Этот workflow можно запустить вручную для тестирования процесса развертывания
on:
workflow_dispatch:
inputs:
pr_number:
description: "PR number to simulate"
required: true
default: "999"
type: string
cleanup:
description: "Run cleanup after deployment"
required: false
default: false
type: boolean
jobs:
test-deployment:
name: Test Deployment Process
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: "18"
cache: "yarn"
- name: Install dependencies
run: yarn install --frozen-lockfile
- name: Run tests
run: |
# Add your test commands here
echo "Running tests..."
yarn lint:check || echo "Linting completed with warnings"
- name: Build application
run: yarn build
- name: Build Docker image
run: |
docker build -t low-code-engine:test-${{ inputs.pr_number }} .
echo "Docker image built successfully"
- name: Test Docker image
run: |
# Test that the image runs correctly
docker run -d --name test-app -p 3000:3000 low-code-engine:test-${{ inputs.pr_number }}
sleep 10
# Try to connect to the app
if curl -f http://localhost:3000/health > /dev/null 2>&1; then
echo "✅ Application is responding"
else
echo "❌ Application is not responding"
docker logs test-app
fi
docker stop test-app
docker rm test-app
- name: Save Docker image
run: |
docker save low-code-engine:test-${{ inputs.pr_number }} | gzip > low-code-engine-test.tar.gz
ls -lh low-code-engine-test.tar.gz
- name: Test SSH connection
if: ${{ secrets.TESTING_SERVER_HOST }}
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.TESTING_SERVER_HOST }}
username: ${{ secrets.TESTING_SERVER_USER }}
key: ${{ secrets.TESTING_SERVER_SSH_KEY }}
port: ${{ secrets.TESTING_SERVER_PORT || 22 }}
script: |
echo "✅ SSH connection successful"
echo "Server info:"
uname -a
docker --version
docker-compose --version
df -h /opt/low-code-engine
echo "Available ports for testing:"
netstat -tln | grep ":30[0-9][0-9]" | head -5 || echo "No testing ports in use"
- name: Test file transfer
if: ${{ secrets.TESTING_SERVER_HOST }}
uses: appleboy/scp-action@v0.1.7
with:
host: ${{ secrets.TESTING_SERVER_HOST }}
username: ${{ secrets.TESTING_SERVER_USER }}
key: ${{ secrets.TESTING_SERVER_SSH_KEY }}
port: ${{ secrets.TESTING_SERVER_PORT || 22 }}
source: "low-code-engine-test.tar.gz"
target: "/tmp/"
- name: Test deployment simulation
if: ${{ secrets.TESTING_SERVER_HOST }}
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.TESTING_SERVER_HOST }}
username: ${{ secrets.TESTING_SERVER_USER }}
key: ${{ secrets.TESTING_SERVER_SSH_KEY }}
port: ${{ secrets.TESTING_SERVER_PORT || 22 }}
script: |
echo "Testing deployment simulation for PR #${{ inputs.pr_number }}"
# Create test directory
mkdir -p /opt/low-code-engine/test-pr-${{ inputs.pr_number }}
cd /opt/low-code-engine/test-pr-${{ inputs.pr_number }}
# Copy test file
cp /tmp/low-code-engine-test.tar.gz .
# Test image loading
gunzip -c low-code-engine-test.tar.gz | docker load
echo "✅ Test deployment simulation completed"
# Cleanup test files
rm -f low-code-engine-test.tar.gz /tmp/low-code-engine-test.tar.gz
docker rmi low-code-engine:test-${{ inputs.pr_number }} || true
cd ..
rm -rf test-pr-${{ inputs.pr_number }}
- name: Cleanup on failure
if: failure() && secrets.TESTING_SERVER_HOST
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.TESTING_SERVER_HOST }}
username: ${{ secrets.TESTING_SERVER_USER }}
key: ${{ secrets.TESTING_SERVER_SSH_KEY }}
port: ${{ secrets.TESTING_SERVER_PORT || 22 }}
script: |
# Cleanup any test artifacts
rm -f /tmp/low-code-engine-test.tar.gz
rm -rf /opt/low-code-engine/test-pr-${{ inputs.pr_number }}
docker rmi low-code-engine:test-${{ inputs.pr_number }} || true
echo "🧹 Cleanup completed"
test-health-endpoints:
name: Test Health Endpoints
runs-on: ubuntu-latest
needs: test-deployment
if: ${{ secrets.TESTING_SERVER_HOST }}
steps:
- name: Test server health endpoints
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.TESTING_SERVER_HOST }}
username: ${{ secrets.TESTING_SERVER_USER }}
key: ${{ secrets.TESTING_SERVER_SSH_KEY }}
port: ${{ secrets.TESTING_SERVER_PORT || 22 }}
script: |
echo "Testing health check endpoints..."
# Test monitoring script
if [ -f /usr/local/bin/monitor-deployments ]; then
echo "✅ Monitor script exists"
/usr/local/bin/monitor-deployments | head -20
else
echo "❌ Monitor script not found"
fi
# Test cleanup script
if [ -f /usr/local/bin/cleanup-old-deployments ]; then
echo "✅ Cleanup script exists"
else
echo "❌ Cleanup script not found"
fi
# Test nginx configuration
if command -v nginx &> /dev/null; then
echo "✅ Nginx is installed"
nginx -t 2>&1 | head -5
else
echo "❌ Nginx not installed"
fi
# Test docker access
docker ps | head -5
echo "Docker system info:"
docker system df
security-check:
name: Security Check
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run security audit
run: |
echo "Running security checks..."
# Check for secrets in code
if grep -r "password\|secret\|key" --include="*.ts" --include="*.js" --include="*.json" src/ | grep -v "// TODO\|console.log"; then
echo "❌ Potential secrets found in code"
exit 1
else
echo "✅ No secrets found in source code"
fi
# Check Docker image for security issues
echo "Building secure Docker image..."
docker build -t security-test .
# Basic security checks
echo "Checking Docker image user..."
docker run --rm security-test whoami | grep -v root || echo "✅ Not running as root"
docker rmi security-test
- name: Check workflow security
run: |
echo "Checking workflow file security..."
# Check that secrets are properly referenced
if grep -E '\$\{\{\s*secrets\.' .github/workflows/*.yml > /dev/null; then
echo "✅ Secrets properly referenced"
else
echo "❌ No secrets found in workflows"
fi
# Check for hardcoded values
if grep -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' .github/workflows/*.yml; then
echo "❌ Hardcoded IP addresses found"
exit 1
else
echo "✅ No hardcoded IP addresses"
fi