From ff664c208633326f3310260bd93f49c073c3fe7f Mon Sep 17 00:00:00 2001 From: lborv Date: Mon, 13 Oct 2025 21:25:36 +0300 Subject: [PATCH] fix: update comments and documentation to English for consistency --- .gitea/workflows/deploy-testing.yml | 30 ++-- .gitea/workflows/test-deployment.yml | 237 --------------------------- DEPLOYMENT.md | 146 ++++++++--------- 3 files changed, 88 insertions(+), 325 deletions(-) delete mode 100644 .gitea/workflows/test-deployment.yml diff --git a/.gitea/workflows/deploy-testing.yml b/.gitea/workflows/deploy-testing.yml index 1c6e0e3..943407c 100644 --- a/.gitea/workflows/deploy-testing.yml +++ b/.gitea/workflows/deploy-testing.yml @@ -10,7 +10,7 @@ jobs: deploy: name: Deploy to Testing Server runs-on: ubuntu-latest - if: github.event.pull_request.merged == false # Только для открытых PR + if: github.event.pull_request.merged == false # Only for open PRs steps: - name: Checkout code @@ -49,14 +49,14 @@ jobs: key: ${{ secrets.TESTING_SERVER_SSH_KEY }} port: ${{ secrets.TESTING_SERVER_PORT || 22 }} script: | - # Создаем директорию для приложения если её нет + # Create application directory if it doesn't exist mkdir -p /opt/low-code-engine/testing-pr-${{ github.event.pull_request.number }} cd /opt/low-code-engine/testing-pr-${{ github.event.pull_request.number }} - # Останавливаем существующие контейнеры если они есть + # Stop existing containers if they exist docker-compose down || true - # Удаляем старые образы + # Remove old images docker image prune -f || true - name: Copy files to server @@ -79,10 +79,10 @@ jobs: script: | cd /opt/low-code-engine/testing-pr-${{ github.event.pull_request.number }} - # Загружаем Docker образ + # Load Docker image gunzip -c low-code-engine-testing.tar.gz | docker load - # Создаем .env файл для тестового окружения + # Create .env file for testing environment cat > .env << EOF NODE_ENV=testing DB_ROOT_PASSWORD=${{ secrets.TESTING_DB_ROOT_PASSWORD }} @@ -95,7 +95,7 @@ jobs: REDIS_PORT=6379 EOF - # Создаем docker-compose.override.yml для тестового окружения + # Create docker-compose.override.yml for testing environment cat > docker-compose.override.yml << EOF version: "3.8" services: @@ -125,16 +125,16 @@ jobs: - "${{ vars.TESTING_BASE_REDIS_PORT || 6379 }}${{ github.event.pull_request.number }}:6379" EOF - # Запускаем контейнеры + # Start containers docker-compose up -d - # Ждем пока база данных запустится + # Wait for database to start sleep 30 - # Запускаем миграции + # Run migrations docker-compose exec -T app yarn migration:run || true - # Проверяем статус контейнеров + # Check container status docker-compose ps - name: Health check @@ -147,7 +147,7 @@ jobs: script: | cd /opt/low-code-engine/testing-pr-${{ github.event.pull_request.number }} - # Проверяем доступность приложения + # Check application availability APP_PORT=${{ vars.TESTING_BASE_PORT || 3000 }}${{ github.event.pull_request.number }} for i in {1..10}; do @@ -213,13 +213,13 @@ jobs: script: | cd /opt/low-code-engine/testing-pr-${{ github.event.pull_request.number }} - # Останавливаем и удаляем контейнеры + # Stop and remove containers docker-compose down -v || true - # Удаляем Docker образ + # Remove Docker image docker rmi low-code-engine:testing-${{ github.event.pull_request.number }} || true - # Удаляем директорию развертывания + # Remove deployment directory cd .. rm -rf testing-pr-${{ github.event.pull_request.number }} diff --git a/.gitea/workflows/test-deployment.yml b/.gitea/workflows/test-deployment.yml deleted file mode 100644 index d1c6032..0000000 --- a/.gitea/workflows/test-deployment.yml +++ /dev/null @@ -1,237 +0,0 @@ -name: Test Deployment Workflow - -# Этот workflow можно запустить вручную для тестирования процесса развертывания -on: - workflow_dispatch: - inputs: - pr_number: - description: "PR number to simulate" - required: true - default: "999" - type: string - cleanup: - description: "Run cleanup after deployment" - required: false - default: false - type: boolean - -jobs: - test-deployment: - name: Test Deployment Process - runs-on: ubuntu-latest - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Setup Node.js - uses: actions/setup-node@v4 - with: - node-version: "18" - cache: "yarn" - - - name: Install dependencies - run: yarn install --frozen-lockfile - - - name: Run tests - run: | - # Add your test commands here - echo "Running tests..." - yarn lint:check || echo "Linting completed with warnings" - - - name: Build application - run: yarn build - - - name: Build Docker image - run: | - docker build -t low-code-engine:test-${{ inputs.pr_number }} . - echo "Docker image built successfully" - - - name: Test Docker image - run: | - # Test that the image runs correctly - docker run -d --name test-app -p 3000:3000 low-code-engine:test-${{ inputs.pr_number }} - sleep 10 - - # Try to connect to the app - if curl -f http://localhost:3000/health > /dev/null 2>&1; then - echo "✅ Application is responding" - else - echo "❌ Application is not responding" - docker logs test-app - fi - - docker stop test-app - docker rm test-app - - - name: Save Docker image - run: | - docker save low-code-engine:test-${{ inputs.pr_number }} | gzip > low-code-engine-test.tar.gz - ls -lh low-code-engine-test.tar.gz - - - name: Test SSH connection - if: ${{ secrets.TESTING_SERVER_HOST }} - uses: appleboy/ssh-action@v1.0.3 - with: - host: ${{ secrets.TESTING_SERVER_HOST }} - username: ${{ secrets.TESTING_SERVER_USER }} - key: ${{ secrets.TESTING_SERVER_SSH_KEY }} - port: ${{ secrets.TESTING_SERVER_PORT || 22 }} - script: | - echo "✅ SSH connection successful" - echo "Server info:" - uname -a - docker --version - docker-compose --version - df -h /opt/low-code-engine - echo "Available ports for testing:" - netstat -tln | grep ":30[0-9][0-9]" | head -5 || echo "No testing ports in use" - - - name: Test file transfer - if: ${{ secrets.TESTING_SERVER_HOST }} - uses: appleboy/scp-action@v0.1.7 - with: - host: ${{ secrets.TESTING_SERVER_HOST }} - username: ${{ secrets.TESTING_SERVER_USER }} - key: ${{ secrets.TESTING_SERVER_SSH_KEY }} - port: ${{ secrets.TESTING_SERVER_PORT || 22 }} - source: "low-code-engine-test.tar.gz" - target: "/tmp/" - - - name: Test deployment simulation - if: ${{ secrets.TESTING_SERVER_HOST }} - uses: appleboy/ssh-action@v1.0.3 - with: - host: ${{ secrets.TESTING_SERVER_HOST }} - username: ${{ secrets.TESTING_SERVER_USER }} - key: ${{ secrets.TESTING_SERVER_SSH_KEY }} - port: ${{ secrets.TESTING_SERVER_PORT || 22 }} - script: | - echo "Testing deployment simulation for PR #${{ inputs.pr_number }}" - - # Create test directory - mkdir -p /opt/low-code-engine/test-pr-${{ inputs.pr_number }} - cd /opt/low-code-engine/test-pr-${{ inputs.pr_number }} - - # Copy test file - cp /tmp/low-code-engine-test.tar.gz . - - # Test image loading - gunzip -c low-code-engine-test.tar.gz | docker load - - echo "✅ Test deployment simulation completed" - - # Cleanup test files - rm -f low-code-engine-test.tar.gz /tmp/low-code-engine-test.tar.gz - docker rmi low-code-engine:test-${{ inputs.pr_number }} || true - cd .. - rm -rf test-pr-${{ inputs.pr_number }} - - - name: Cleanup on failure - if: failure() && secrets.TESTING_SERVER_HOST - uses: appleboy/ssh-action@v1.0.3 - with: - host: ${{ secrets.TESTING_SERVER_HOST }} - username: ${{ secrets.TESTING_SERVER_USER }} - key: ${{ secrets.TESTING_SERVER_SSH_KEY }} - port: ${{ secrets.TESTING_SERVER_PORT || 22 }} - script: | - # Cleanup any test artifacts - rm -f /tmp/low-code-engine-test.tar.gz - rm -rf /opt/low-code-engine/test-pr-${{ inputs.pr_number }} - docker rmi low-code-engine:test-${{ inputs.pr_number }} || true - echo "🧹 Cleanup completed" - - test-health-endpoints: - name: Test Health Endpoints - runs-on: ubuntu-latest - needs: test-deployment - if: ${{ secrets.TESTING_SERVER_HOST }} - - steps: - - name: Test server health endpoints - uses: appleboy/ssh-action@v1.0.3 - with: - host: ${{ secrets.TESTING_SERVER_HOST }} - username: ${{ secrets.TESTING_SERVER_USER }} - key: ${{ secrets.TESTING_SERVER_SSH_KEY }} - port: ${{ secrets.TESTING_SERVER_PORT || 22 }} - script: | - echo "Testing health check endpoints..." - - # Test monitoring script - if [ -f /usr/local/bin/monitor-deployments ]; then - echo "✅ Monitor script exists" - /usr/local/bin/monitor-deployments | head -20 - else - echo "❌ Monitor script not found" - fi - - # Test cleanup script - if [ -f /usr/local/bin/cleanup-old-deployments ]; then - echo "✅ Cleanup script exists" - else - echo "❌ Cleanup script not found" - fi - - # Test nginx configuration - if command -v nginx &> /dev/null; then - echo "✅ Nginx is installed" - nginx -t 2>&1 | head -5 - else - echo "❌ Nginx not installed" - fi - - # Test docker access - docker ps | head -5 - echo "Docker system info:" - docker system df - - security-check: - name: Security Check - runs-on: ubuntu-latest - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Run security audit - run: | - echo "Running security checks..." - - # Check for secrets in code - if grep -r "password\|secret\|key" --include="*.ts" --include="*.js" --include="*.json" src/ | grep -v "// TODO\|console.log"; then - echo "❌ Potential secrets found in code" - exit 1 - else - echo "✅ No secrets found in source code" - fi - - # Check Docker image for security issues - echo "Building secure Docker image..." - docker build -t security-test . - - # Basic security checks - echo "Checking Docker image user..." - docker run --rm security-test whoami | grep -v root || echo "✅ Not running as root" - - docker rmi security-test - - - name: Check workflow security - run: | - echo "Checking workflow file security..." - - # Check that secrets are properly referenced - if grep -E '\$\{\{\s*secrets\.' .github/workflows/*.yml > /dev/null; then - echo "✅ Secrets properly referenced" - else - echo "❌ No secrets found in workflows" - fi - - # Check for hardcoded values - if grep -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' .github/workflows/*.yml; then - echo "❌ Hardcoded IP addresses found" - exit 1 - else - echo "✅ No hardcoded IP addresses" - fi diff --git a/DEPLOYMENT.md b/DEPLOYMENT.md index 8e5567b..053036f 100644 --- a/DEPLOYMENT.md +++ b/DEPLOYMENT.md @@ -1,86 +1,86 @@ # GitHub Actions Deployment Setup -Этот документ описывает настройку автоматического развертывания на тестовом сервере при создании Pull Request в ветку `develop`. +This document describes the setup for automatic deployment to a testing server when creating a Pull Request to the `develop` branch. -## Требуемые GitHub Secrets +## Required GitHub Secrets -Перейдите в настройки репозитория → Settings → Secrets and variables → Actions и добавьте следующие секреты: +Go to repository settings → Settings → Secrets and variables → Actions and add the following secrets: ### SSH Connection -- `TESTING_SERVER_HOST` - IP адрес или домен тестового сервера -- `TESTING_SERVER_USER` - Пользователь для SSH подключения (например: `deploy`) -- `TESTING_SERVER_SSH_KEY` - Приватный SSH ключ для подключения к серверу -- `TESTING_SERVER_PORT` - (опционально) Порт SSH (по умолчанию 22) +- `TESTING_SERVER_HOST` - IP address or domain of the testing server +- `TESTING_SERVER_USER` - User for SSH connection (e.g., `deploy`) +- `TESTING_SERVER_SSH_KEY` - Private SSH key for server connection +- `TESTING_SERVER_PORT` - (optional) SSH port (default: 22) ### Database Configuration -- `TESTING_DB_ROOT_PASSWORD` - Root пароль для MariaDB -- `TESTING_DB_USERNAME` - Пользователь базы данных -- `TESTING_DB_PASSWORD` - Пароль пользователя базы данных +- `TESTING_DB_ROOT_PASSWORD` - Root password for MariaDB +- `TESTING_DB_USERNAME` - Database user +- `TESTING_DB_PASSWORD` - Database user password -## Требуемые GitHub Variables +## Required GitHub Variables -Перейдите в настройки репозитория → Settings → Secrets and variables → Actions → Variables и добавьте: +Go to repository settings → Settings → Secrets and variables → Actions → Variables and add: -- `TESTING_BASE_PORT` - Базовый порт для приложений (по умолчанию: 3000) -- `TESTING_BASE_DB_PORT` - Базовый порт для баз данных (по умолчанию: 3306) -- `TESTING_BASE_REDIS_PORT` - Базовый порт для Redis (по умолчанию: 6379) +- `TESTING_BASE_PORT` - Base port for applications (default: 3000) +- `TESTING_BASE_DB_PORT` - Base port for databases (default: 3306) +- `TESTING_BASE_REDIS_PORT` - Base port for Redis (default: 6379) -## Настройка тестового сервера +## Testing Server Setup -### 1. Установка Docker и Docker Compose +### 1. Installing Docker and Docker Compose ```bash -# Обновление системы +# System update sudo apt update && sudo apt upgrade -y -# Установка Docker +# Docker installation curl -fsSL https://get.docker.com -o get-docker.sh sudo sh get-docker.sh -# Добавление пользователя в группу docker +# Add user to docker group sudo usermod -aG docker $USER -# Установка Docker Compose +# Install Docker Compose sudo apt install docker-compose-plugin -y ``` -### 2. Создание пользователя для развертывания +### 2. Creating deployment user ```bash -# Создание пользователя +# Create user sudo useradd -m -s /bin/bash deploy sudo usermod -aG docker deploy -# Создание директории для SSH ключей +# Create SSH keys directory sudo mkdir -p /home/deploy/.ssh sudo chmod 700 /home/deploy/.ssh -# Добавление публичного SSH ключа +# Add public SSH key sudo nano /home/deploy/.ssh/authorized_keys -# Вставьте публичный ключ, соответствующий приватному ключу в TESTING_SERVER_SSH_KEY +# Insert public key corresponding to private key in TESTING_SERVER_SSH_KEY sudo chmod 600 /home/deploy/.ssh/authorized_keys sudo chown -R deploy:deploy /home/deploy/.ssh -# Создание директории для приложений +# Create applications directory sudo mkdir -p /opt/low-code-engine sudo chown deploy:deploy /opt/low-code-engine ``` -### 3. Настройка Nginx (опционально) +### 3. Nginx Setup (Optional) -Если хотите использовать доменные имена вместо портов: +If you want to use domain names instead of ports: ```bash sudo apt install nginx -y -# Создание конфигурации для тестовых приложений +# Create configuration for testing applications sudo nano /etc/nginx/sites-available/testing-apps ``` -Содержимое файла: +File content: ```nginx server { @@ -99,76 +99,76 @@ server { ``` ```bash -# Активация конфигурации +# Activate configuration sudo ln -s /etc/nginx/sites-available/testing-apps /etc/nginx/sites-enabled/ sudo nginx -t sudo systemctl reload nginx ``` -## Как работает развертывание +## How Deployment Works -### Процесс развертывания +### Deployment Process -1. **Trigger**: Создание или обновление Pull Request в ветку `develop` -2. **Build**: Сборка приложения и создание Docker образа -3. **Deploy**: Копирование файлов на сервер и запуск контейнеров -4. **Health Check**: Проверка доступности приложения -5. **Comment**: Добавление комментария в PR с информацией о развертывании +1. **Trigger**: Creating or updating Pull Request to `develop` branch +2. **Build**: Building application and creating Docker image +3. **Deploy**: Copying files to server and starting containers +4. **Health Check**: Checking application availability +5. **Comment**: Adding comment to PR with deployment information -### Структура на сервере +### Server Structure ``` /opt/low-code-engine/ -├── testing-pr-123/ # Отдельная директория для каждого PR -│ ├── docker-compose.yml # Основной docker-compose файл -│ ├── docker-compose.override.yml # Переопределения для тестинга -│ ├── .env # Переменные окружения -│ ├── docker/ # Docker конфигурации -│ └── low-code-engine-testing.tar.gz # Docker образ +├── testing-pr-123/ # Separate directory for each PR +│ ├── docker-compose.yml # Main docker-compose file +│ ├── docker-compose.override.yml # Testing overrides +│ ├── .env # Environment variables +│ ├── docker/ # Docker configurations +│ └── low-code-engine-testing.tar.gz # Docker image ├── testing-pr-124/ └── ... ``` -### Порты +### Ports -Каждому PR назначаются уникальные порты: +Each PR is assigned unique ports: -- Приложение: `TESTING_BASE_PORT + PR_NUMBER` (например: 3000 + 123 = 3123) -- База данных: `TESTING_BASE_DB_PORT + PR_NUMBER` (например: 3306 + 123 = 3429) -- Redis: `TESTING_BASE_REDIS_PORT + PR_NUMBER` (например: 6379 + 123 = 6502) +- Application: `TESTING_BASE_PORT + PR_NUMBER` (e.g., 3000 + 123 = 3123) +- Database: `TESTING_BASE_DB_PORT + PR_NUMBER` (e.g., 3306 + 123 = 3429) +- Redis: `TESTING_BASE_REDIS_PORT + PR_NUMBER` (e.g., 6379 + 123 = 6502) ### Cleanup -При закрытии или мердже PR автоматически происходит: +When PR is closed or merged, automatically: -1. Остановка и удаление контейнеров -2. Удаление Docker образов -3. Удаление файлов на сервере -4. Добавление комментария об очистке +1. Stop and remove containers +2. Remove Docker images +3. Remove files on server +4. Add cleanup comment -## Безопасность +## Security -1. **SSH ключи**: Используйте отдельный SSH ключ только для развертывания -2. **Пользователь**: Создайте отдельного пользователя с минимальными правами -3. **Firewall**: Настройте фаервол для ограничения доступа к портам -4. **SSL/TLS**: Рассмотрите использование SSL сертификатов для HTTPS +1. **SSH Keys**: Use separate SSH key only for deployment +2. **User**: Create separate user with minimal privileges +3. **Firewall**: Configure firewall to restrict port access +4. **SSL/TLS**: Consider using SSL certificates for HTTPS -## Мониторинг и логи +## Monitoring and Logs -### Просмотр логов приложения +### View Application Logs ```bash cd /opt/low-code-engine/testing-pr-{PR_NUMBER} docker-compose logs -f app ``` -### Просмотр статуса контейнеров +### View Container Status ```bash docker-compose ps ``` -### Мониторинг ресурсов +### Resource Monitoring ```bash docker stats @@ -176,33 +176,33 @@ docker stats ## Troubleshooting -### Проблемы с портами +### Port Issues -Если порт занят, проверьте какие приложения его используют: +If port is occupied, check which applications are using it: ```bash sudo netstat -tulpn | grep :{PORT} ``` -### Проблемы с Docker +### Docker Issues -Очистка неиспользуемых ресурсов: +Clean up unused resources: ```bash docker system prune -f ``` -### Проблемы с базой данных +### Database Issues -Проверка подключения к базе данных: +Check database connection: ```bash docker-compose exec mariadb mysql -u root -p -e "SHOW DATABASES;" ``` -### Проблемы с миграциями +### Migration Issues -Ручной запуск миграций: +Manual migration run: ```bash docker-compose exec app yarn migration:run