diff --git a/infra/staging/README.md b/infra/staging/README.md index 489d646..d9f09e9 100644 --- a/infra/staging/README.md +++ b/infra/staging/README.md @@ -4,38 +4,40 @@ Staging-miljø for WPP i Proxmox LXC, så release-klar kode kan deployes og smoke-testes sikkert. ## Miljø -- LXC: `CT 143` (`wpp-staging`) -- App path: `/opt/wpp-staging/app` -- Service: `wpp-staging.service` -- Health endpoint: `GET /healthz` +- LXC: CT 143 (wpp-staging) +- App path: /opt/wpp-staging/app +- Service: wpp-staging.service +- Health endpoint: GET /healthz ## Verifikation Kør fra devops-shell med Proxmox-adgang: -```bash -ssh proxmox-lan "sudo -n pct status 143" -ssh proxmox-lan "sudo -n pct exec 143 -- systemctl is-active wpp-staging.service" -ssh proxmox-lan "sudo -n pct exec 143 -- curl -fsS http://127.0.0.1:8000/healthz" -``` + ssh proxmox-lan "sudo -n pct status 143" + ssh proxmox-lan "sudo -n pct exec 143 -- systemctl is-active wpp-staging.service" + ssh proxmox-lan "sudo -n pct exec 143 -- curl -fsS http://127.0.0.1:8000/healthz" Forventet: -- CT er `running` -- service er `active` -- healthz returnerer JSON med `ok: true` +- CT er running +- service er active +- healthz returnerer JSON med ok=true -## Deploy -Script: `infra/staging/deploy_staging.sh` +## Deploy (canonical execution context) +Deploy skal altid køres via Proxmox host over SSH (ikke fra lokal coder-shell med direkte sudo pct). -```bash -# deploy main -./infra/staging/deploy_staging.sh +Officiel kommando: -# deploy bestemt tag/branch -./infra/staging/deploy_staging.sh v0.3.0 -``` + ./infra/staging/deploy_staging.sh [ref] + +Scriptet bruger default PROXMOX_HOST=proxmox-lan og kører sudo -n pct exec på hosten. + +Eksempler: + + ./infra/staging/deploy_staging.sh + ./infra/staging/deploy_staging.sh v0.3.0 + PROXMOX_HOST=proxmox-prod ./infra/staging/deploy_staging.sh main ## Policy-kobling Før deploy: -1. Bekræft at tester **ikke** er aktiv (ingen aktiv smoke-run). +1. Bekræft at tester ikke er aktiv (ingen aktiv smoke-run). 2. Deploy til staging skal lykkes. -3. Først derefter må release-tag oprettes (se `docs/RELEASE_POLICY.md`). +3. Først derefter må release-tag oprettes (se docs/RELEASE_POLICY.md). diff --git a/infra/staging/deploy_staging.sh b/infra/staging/deploy_staging.sh index d756570..b440c3c 100755 --- a/infra/staging/deploy_staging.sh +++ b/infra/staging/deploy_staging.sh @@ -4,14 +4,15 @@ set -euo pipefail CT_ID="${CT_ID:-143}" REF_NAME="${1:-main}" ARCHIVE_URL="https://gitea.weircon.dk/wpp/weirsoe-party-protocol/archive/${REF_NAME}.tar.gz" +PROXMOX_HOST="${PROXMOX_HOST:-proxmox-lan}" -echo "[deploy] CT_ID=${CT_ID} REF=${REF_NAME}" +echo "[deploy] host=${PROXMOX_HOST} CT_ID=${CT_ID} REF=${REF_NAME}" echo "[deploy] extracting source + installing deps + migrate + restart" -sudo -n pct exec "${CT_ID}" -- bash -lc "set -euo pipefail +ssh "${PROXMOX_HOST}" "sudo -n /usr/sbin/pct exec ${CT_ID} -- bash -lc \"set -euo pipefail mkdir -p /opt/wpp-staging/releases/src cd /opt/wpp-staging/releases -curl -fsSL "${ARCHIVE_URL}" -o app.tar.gz +curl -fsSL \\\"${ARCHIVE_URL}\\\" -o app.tar.gz rm -rf src && mkdir src tar -xzf app.tar.gz -C src --strip-components=1 rm -rf /opt/wpp-staging/app/* @@ -22,7 +23,6 @@ runuser -u wpp -- .venv/bin/pip install -U pip >/dev/null runuser -u wpp -- .venv/bin/pip install -r requirements.txt >/dev/null runuser -u wpp -- .venv/bin/python manage.py migrate --noinput systemctl restart wpp-staging.service -curl -fsS http://127.0.0.1:8000/healthz -" +curl -fsS http://127.0.0.1:8000/healthz\"" echo "[deploy] OK: staging deploy complete for CT ${CT_ID} (${REF_NAME})"