From c3249e523d425e606c684d87d883e5e2cb660f53 Mon Sep 17 00:00:00 2001 From: Esdras Renan Date: Thu, 9 Oct 2025 19:48:04 -0300 Subject: [PATCH] ci: adicionar job manual de diagnostico do Convex (env set/list + teste de registro) --- .github/workflows/ci-cd-web-desktop.yml | 48 +++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/.github/workflows/ci-cd-web-desktop.yml b/.github/workflows/ci-cd-web-desktop.yml index 5107ddc..655049a 100644 --- a/.github/workflows/ci-cd-web-desktop.yml +++ b/.github/workflows/ci-cd-web-desktop.yml @@ -347,3 +347,51 @@ jobs: **/bundle/**/* target: ${{ env.VPS_UPDATES_DIR }} overwrite: true + + diagnose_convex: + name: Diagnose Convex (env + register test) + if: ${{ github.event_name == 'workflow_dispatch' }} + runs-on: [ self-hosted, linux, vps ] + steps: + - name: Print service env and .env subset + run: | + echo "=== Convex service env ===" + docker service inspect sistema_convex_backend --format '{{range .Spec.TaskTemplate.ContainerSpec.Env}}{{println .}}{{end}}' || true + echo + echo "=== /srv/apps/sistema/.env subset ===" + [ -f /srv/apps/sistema/.env ] && grep -E '^(MACHINE_PROVISIONING_SECRET|MACHINE_TOKEN_TTL_MS|FLEET_SYNC_SECRET|NEXT_PUBLIC_CONVEX_URL)=' -n /srv/apps/sistema/.env || echo '(no .env)' + - name: Acquire Convex admin key + id: key + run: | + CID=$(docker ps --format '{{.ID}} {{.Names}}' | awk '/sistema_convex_backend/{print $1; exit}') + if [ -z "$CID" ]; then echo "No convex container"; exit 1; fi + KEY=$(docker exec -i "$CID" /bin/sh -lc './generate_admin_key.sh' | tr -d '\r' | grep -o 'convex-self-hosted|[^ ]*' | tail -n1) + echo "ADMIN_KEY=$KEY" >> $GITHUB_OUTPUT + echo "Admin key acquired? $([ -n "$KEY" ] && echo yes || echo no)" + - name: List Convex env and set missing + env: + CONVEX_SELF_HOSTED_URL: https://convex.esdrasrenan.com.br + ADMIN_KEY: ${{ steps.key.outputs.ADMIN_KEY }} + run: | + set -e + if [ -f /srv/apps/sistema/.env ]; then + set -o allexport + . /srv/apps/sistema/.env + set +o allexport + fi + docker run --rm -i \ + -v /srv/apps/sistema:/app -w /app \ + -e CONVEX_SELF_HOSTED_URL -e CONVEX_SELF_HOSTED_ADMIN_KEY="$ADMIN_KEY" \ + -e MACHINE_PROVISIONING_SECRET -e MACHINE_TOKEN_TTL_MS -e FLEET_SYNC_SECRET \ + node:20-bullseye bash -lc "set -euo pipefail; corepack enable; corepack prepare pnpm@9 --activate; pnpm i --frozen-lockfile --prod=false; \ + unset CONVEX_DEPLOYMENT; pnpm exec convex env list; \ + if [ -n \"$MACHINE_PROVISIONING_SECRET\" ]; then pnpm exec convex env set MACHINE_PROVISIONING_SECRET \"$MACHINE_PROVISIONING_SECRET\" -y; fi; \ + if [ -n \"$MACHINE_TOKEN_TTL_MS\" ]; then pnpm exec convex env set MACHINE_TOKEN_TTL_MS \"$MACHINE_TOKEN_TTL_MS\" -y; fi; \ + if [ -n \"$FLEET_SYNC_SECRET\" ]; then pnpm exec convex env set FLEET_SYNC_SECRET \"$FLEET_SYNC_SECRET\" -y; fi; \ + pnpm exec convex env list" + - name: Test register from runner + run: | + HOST="vm-teste-$(date +%s)" + DATA='{"provisioningSecret":"'"${MACHINE_PROVISIONING_SECRET:-"71daa9ef54cb224547e378f8121ca898b614446c142a132f73c2221b4d53d7d6"}"'","tenantId":"tenant-atlas","hostname":"'"$HOST"'","os":{"name":"Linux","version":"6.1.0","architecture":"x86_64"},"macAddresses":["AA:BB:CC:DD:EE:FF"],"serialNumbers":[],"metadata":{"inventario":{"cpu":"i7","ramGb":16}},"registeredBy":"diag-test"}' + HTTP=$(curl -sS -o resp.json -w "%{http_code}" -H 'Content-Type: application/json' -d "$DATA" https://tickets.esdrasrenan.com.br/api/machines/register || true) + echo "Register HTTP=$HTTP" && tail -c 400 resp.json || true