diff --git a/.github/workflows/ci-cd-web-desktop.yml b/.github/workflows/ci-cd-web-desktop.yml index 84aaa73..761c11e 100644 --- a/.github/workflows/ci-cd-web-desktop.yml +++ b/.github/workflows/ci-cd-web-desktop.yml @@ -234,13 +234,29 @@ jobs: echo "Heartbeat HTTP=$HB" if [ "$HB" != "200" ]; then echo "Heartbeat failed"; exit 1; fi - - name: Cleanup old build workdirs (keep last 3) + - name: Cleanup current build workdir run: | set -e - find "$HOME/apps" -maxdepth 1 -type d -name 'sistema.build.*' | sort -r | tail -n +4 | while read dir; do + if [ -n "${EFFECTIVE_APP_DIR:-}" ] && [ -d "$EFFECTIVE_APP_DIR" ]; then + echo "Removing current build dir: $EFFECTIVE_APP_DIR" + rm -rf "$EFFECTIVE_APP_DIR" || echo "Failed to remove $EFFECTIVE_APP_DIR (will try old dirs next)" + fi + + - name: Cleanup old build workdirs (keep last 2) + run: | + set -e + ROOT="$HOME/apps" + KEEP=2 + echo "Scanning $ROOT for old sistema.build.* dirs" + LIST=$(find "$ROOT" -maxdepth 1 -type d -name 'sistema.build.*' | sort -r || true) + echo "$LIST" | sed -n "1,${KEEP}p" | sed 's/^/Keeping: /' || true + echo "$LIST" | sed "1,${KEEP}d" | while read dir; do + [ -z "$dir" ] && continue echo "Removing $dir" - sudo rm -rf "$dir" - done || true + rm -rf "$dir" || echo "Failed to remove $dir" + done + echo "Disk usage (top 10 under $ROOT):" + du -sh "$ROOT"/* 2>/dev/null | sort -rh | head -n 10 || true - name: Restart web service with new code run: | @@ -271,6 +287,15 @@ jobs: echo "Using APP_DIR (fallback)=$FALLBACK_DIR" echo "EFFECTIVE_APP_DIR=$FALLBACK_DIR" >> "$GITHUB_ENV" + - name: Validate secrets present (Convex) + env: + CONVEX_SELF_HOSTED_URL: ${{ secrets.CONVEX_SELF_HOSTED_URL }} + CONVEX_SELF_HOSTED_ADMIN_KEY: ${{ secrets.CONVEX_SELF_HOSTED_ADMIN_KEY }} + run: | + set -e + if [ -z "${CONVEX_SELF_HOSTED_URL:-}" ]; then echo "Missing secret: CONVEX_SELF_HOSTED_URL" >&2; exit 1; fi + if [ -z "${CONVEX_SELF_HOSTED_ADMIN_KEY:-}" ]; then echo "Missing secret: CONVEX_SELF_HOSTED_ADMIN_KEY" >&2; exit 1; fi + - name: Sync workspace to APP_DIR (preserving local env) run: | mkdir -p "$EFFECTIVE_APP_DIR" @@ -336,6 +361,27 @@ jobs: -e CONVEX_SELF_HOSTED_ADMIN_KEY \ node:20-bullseye bash -lc "set -euo pipefail; unset CONVEX_DEPLOYMENT; corepack enable; corepack prepare pnpm@9 --activate; pnpm install --frozen-lockfile --prod=false; pnpm exec convex deploy" + - name: Cleanup current build workdir (convex) + run: | + set -e + if [ -n "${EFFECTIVE_APP_DIR:-}" ] && [ -d "$EFFECTIVE_APP_DIR" ]; then + echo "Removing current build dir: $EFFECTIVE_APP_DIR" + rm -rf "$EFFECTIVE_APP_DIR" || echo "Failed to remove $EFFECTIVE_APP_DIR" + fi + + - name: Cleanup old convex build workdirs (keep last 2) + run: | + set -e + ROOT="$HOME/apps" + KEEP=2 + LIST=$(find "$ROOT" -maxdepth 1 -type d -name 'sistema.build.*' | sort -r || true) + echo "$LIST" | sed -n "1,${KEEP}p" | sed 's/^/Keeping: /' || true + echo "$LIST" | sed "1,${KEEP}d" | while read dir; do + [ -z "$dir" ] && continue + echo "Removing $dir" + rm -rf "$dir" || echo "Failed to remove $dir" + done + desktop_release: name: Desktop Release (Windows) if: ${{ startsWith(github.ref, 'refs/tags/v') }} diff --git a/scripts/start-web.sh b/scripts/start-web.sh new file mode 100644 index 0000000..b540e39 --- /dev/null +++ b/scripts/start-web.sh @@ -0,0 +1,30 @@ +#!/usr/bin/env bash +set -euo pipefail + +echo "[start-web] Starting web service..." +echo "[start-web] Node: $(node -v || true)" + +cd /app + +# Ensure pnpm available in this base image +corepack enable >/dev/null 2>&1 || true +corepack prepare pnpm@9 --activate >/dev/null 2>&1 || true + +echo "[start-web] Using APP_DIR=$(pwd)" +echo "[start-web] NEXT_PUBLIC_APP_URL=${NEXT_PUBLIC_APP_URL:-}" +echo "[start-web] NEXT_PUBLIC_CONVEX_URL=${NEXT_PUBLIC_CONVEX_URL:-}" + +# Prisma generate (idempotent) and apply DB migrations +echo "[start-web] prisma generate" +pnpm prisma:generate + +echo "[start-web] prisma migrate deploy" +pnpm exec prisma migrate deploy + +# Seed Better Auth users safely (ensure-only by default) +echo "[start-web] seeding Better Auth users (ensure-only)" +pnpm auth:seed || true + +echo "[start-web] launching Next.js" +exec pnpm start -p 3000 + diff --git a/stack.yml b/stack.yml index 990d808..3e14a95 100644 --- a/stack.yml +++ b/stack.yml @@ -14,8 +14,9 @@ services: NODE_ENV: "production" # Garante instalação de devDependencies para o build (prisma CLI) NPM_CONFIG_PRODUCTION: "false" - # Use service-to-service no overlay para o Convex - NEXT_PUBLIC_CONVEX_URL: "http://sistema_convex_backend:3210" + # IMPORTANTE: "NEXT_PUBLIC_*" é consumida pelo navegador (cliente). Use a URL pública do Convex. + # Não use o hostname interno do Swarm aqui, pois o browser não consegue resolvê-lo. + NEXT_PUBLIC_CONVEX_URL: "${NEXT_PUBLIC_CONVEX_URL}" # URLs públicas do app (evita fallback para localhost) NEXT_PUBLIC_APP_URL: "${NEXT_PUBLIC_APP_URL}" BETTER_AUTH_URL: "${BETTER_AUTH_URL}" @@ -91,7 +92,7 @@ services: healthcheck: test: ["CMD-SHELL", "curl -sf http://localhost:3210/version >/dev/null || exit 1"] interval: 10s - timeout: 3s + timeout: 10s retries: 5 start_period: 20s