esdras/sistema-de-chamados
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ci(stack): usar APP_DIR efetivo e fallback para pasta no /home/renan\n\n- Determina diretório gravável (fallback /home/renan/apps/sistema) e usa em rsync e stack deploy.\n- stack.yml aceita com default para /srv/apps/sistema.\n- Evita necessidade de sudo e problemas de permissão no /srv.

Browse source
This commit is contained in:
Esdras Renan 2025-10-09 16:58:17 -03:00
parent c99c9bfe78
commit 82c16533da
2 changed files with 40 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

50
.github/workflows/ci-cd-web-desktop.yml vendored
View file

@ -58,6 +58,20 @@ jobs:
- name: Checkout - name: Checkout
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Determine writable APP_DIR
id: appdir
run: |
DEFAULT_DIR="${APP_DIR:-/srv/apps/sistema}"
FALLBACK_DIR="$HOME/apps/sistema"
TARGET_DIR="$DEFAULT_DIR"
mkdir -p "$TARGET_DIR" 2>/dev/null || true
if ! (test -d "$TARGET_DIR" && test -w "$TARGET_DIR"); then
TARGET_DIR="$FALLBACK_DIR"
mkdir -p "$TARGET_DIR"
fi
echo "Using APP_DIR=$TARGET_DIR"
echo "EFFECTIVE_APP_DIR=$TARGET_DIR" >> "$GITHUB_ENV"
- name: Setup pnpm - name: Setup pnpm
uses: pnpm/action-setup@v4 uses: pnpm/action-setup@v4
with: with:
@ -71,7 +85,7 @@ jobs:
- name: Sync workspace to APP_DIR (preserving local env) - name: Sync workspace to APP_DIR (preserving local env)
run: | run: |
mkdir -p "$APP_DIR" mkdir -p "$EFFECTIVE_APP_DIR"
RSYNC_FLAGS="-az --inplace --no-times --no-perms --no-owner --no-group --delete" RSYNC_FLAGS="-az --inplace --no-times --no-perms --no-owner --no-group --delete"
rsync $RSYNC_FLAGS \ rsync $RSYNC_FLAGS \
--filter='protect node_modules' \ --filter='protect node_modules' \
@ -91,8 +105,8 @@ jobs:
--exclude '.env*' \ --exclude '.env*' \
--exclude 'apps/desktop/.env*' \ --exclude 'apps/desktop/.env*' \
--exclude 'convex/.env*' \ --exclude 'convex/.env*' \
./ "$APP_DIR"/ \ ./ "$EFFECTIVE_APP_DIR"/ \
|| sudo -n rsync $RSYNC_FLAGS \ || rsync $RSYNC_FLAGS \
--filter='protect node_modules' \ --filter='protect node_modules' \
--filter='protect node_modules/**' \ --filter='protect node_modules/**' \
--filter='protect .pnpm-store' \ --filter='protect .pnpm-store' \
@ -110,7 +124,7 @@ jobs:
--exclude '.env*' \ --exclude '.env*' \
--exclude 'apps/desktop/.env*' \ --exclude 'apps/desktop/.env*' \
--exclude 'convex/.env*' \ --exclude 'convex/.env*' \
./ "$APP_DIR"/ ./ "$EFFECTIVE_APP_DIR"/
- name: Install and build (Next.js) - name: Install and build (Next.js)
run: | run: |
@ -122,8 +136,8 @@ jobs:
- name: Swarm deploy (stack.yml) - name: Swarm deploy (stack.yml)
run: | run: |
cd "$APP_DIR" cd "$EFFECTIVE_APP_DIR"
RELEASE_SHA=${{ github.sha }} docker stack deploy --with-registry-auth -c stack.yml sistema APP_DIR="$EFFECTIVE_APP_DIR" RELEASE_SHA=${{ github.sha }} docker stack deploy --with-registry-auth -c stack.yml sistema
- name: Restart web service with new code - name: Restart web service with new code
run: | run: |
@ -144,9 +158,23 @@ jobs:
- name: Checkout - name: Checkout
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Determine writable APP_DIR
id: appdir
run: |
DEFAULT_DIR="${APP_DIR:-/srv/apps/sistema}"
FALLBACK_DIR="$HOME/apps/sistema"
TARGET_DIR="$DEFAULT_DIR"
mkdir -p "$TARGET_DIR" 2>/dev/null || true
if ! (test -d "$TARGET_DIR" && test -w "$TARGET_DIR"); then
TARGET_DIR="$FALLBACK_DIR"
mkdir -p "$TARGET_DIR"
fi
echo "Using APP_DIR=$TARGET_DIR"
echo "EFFECTIVE_APP_DIR=$TARGET_DIR" >> "$GITHUB_ENV"
- name: Sync workspace to APP_DIR (preserving local env) - name: Sync workspace to APP_DIR (preserving local env)
run: | run: |
mkdir -p "$APP_DIR" mkdir -p "$EFFECTIVE_APP_DIR"
RSYNC_FLAGS="-az --inplace --no-times --no-perms --no-owner --no-group --delete" RSYNC_FLAGS="-az --inplace --no-times --no-perms --no-owner --no-group --delete"
rsync $RSYNC_FLAGS \ rsync $RSYNC_FLAGS \
--filter='protect node_modules' \ --filter='protect node_modules' \
@ -166,8 +194,8 @@ jobs:
--exclude '.env*' \ --exclude '.env*' \
--exclude 'apps/desktop/.env*' \ --exclude 'apps/desktop/.env*' \
--exclude 'convex/.env*' \ --exclude 'convex/.env*' \
./ "$APP_DIR"/ \ ./ "$EFFECTIVE_APP_DIR"/ \
|| sudo -n rsync $RSYNC_FLAGS \ || rsync $RSYNC_FLAGS \
--filter='protect node_modules' \ --filter='protect node_modules' \
--filter='protect node_modules/**' \ --filter='protect node_modules/**' \
--filter='protect .pnpm-store' \ --filter='protect .pnpm-store' \
@ -185,11 +213,11 @@ jobs:
--exclude '.env*' \ --exclude '.env*' \
--exclude 'apps/desktop/.env*' \ --exclude 'apps/desktop/.env*' \
--exclude 'convex/.env*' \ --exclude 'convex/.env*' \
./ "$APP_DIR"/ ./ "$EFFECTIVE_APP_DIR"/
- name: Deploy functions to Convex self-hosted - name: Deploy functions to Convex self-hosted
run: | run: |
docker run --rm -i \ docker run --rm -i \
-v "$APP_DIR":/app \ -v "$EFFECTIVE_APP_DIR":/app \
-w /app \ -w /app \
-e CONVEX_SELF_HOSTED_URL="${{ secrets.CONVEX_SELF_HOSTED_URL }}" \ -e CONVEX_SELF_HOSTED_URL="${{ secrets.CONVEX_SELF_HOSTED_URL }}" \
-e CONVEX_SELF_HOSTED_ADMIN_KEY="${{ secrets.CONVEX_SELF_HOSTED_ADMIN_KEY }}" \ -e CONVEX_SELF_HOSTED_ADMIN_KEY="${{ secrets.CONVEX_SELF_HOSTED_ADMIN_KEY }}" \

2
stack.yml
View file

@ -12,7 +12,7 @@ services:
&& pnpm auth:seed \ && pnpm auth:seed \
&& pnpm start -p 3000" && pnpm start -p 3000"
volumes: volumes:
- /srv/apps/sistema:/app - ${APP_DIR:-/srv/apps/sistema}:/app
- sistema_db:/app/data - sistema_db:/app/data
environment: environment:
NODE_ENV: "production" NODE_ENV: "production"