4 Commits

Author SHA1 Message Date
18f77530ec Fix Docker container Python dependencies issue
Some checks failed
Release - Northern Thailand Ping River Monitor / Create Release (push) Successful in 6s
Security & Dependency Updates / Dependency Security Scan (push) Successful in 37s
Security & Dependency Updates / License Compliance (push) Successful in 17s
Security & Dependency Updates / Code Quality Metrics (push) Has been cancelled
Security & Dependency Updates / Check for Dependency Updates (push) Has been cancelled
Security & Dependency Updates / Security Summary (push) Has been cancelled
Release - Northern Thailand Ping River Monitor / Test Release Build (3.11) (push) Has been cancelled
Release - Northern Thailand Ping River Monitor / Test Release Build (3.12) (push) Has been cancelled
Release - Northern Thailand Ping River Monitor / Test Release Build (3.9) (push) Has been cancelled
Release - Northern Thailand Ping River Monitor / Build Release Images (push) Has been cancelled
Release - Northern Thailand Ping River Monitor / Security Scan (push) Has been cancelled
Release - Northern Thailand Ping River Monitor / Test Release Deployment (push) Has been cancelled
Release - Northern Thailand Ping River Monitor / Notify Release (push) Has been cancelled
Release - Northern Thailand Ping River Monitor / Test Release Build (3.10) (push) Has been cancelled
Dockerfile Fixes:
- Copy Python packages to /home/appuser/.local instead of /root/.local
- Create appuser home directory before copying packages
- Update PATH to use /home/appuser/.local/bin
- Set proper ownership of .local directory for appuser
- Ensure appuser has access to installed Python packages

 Problem Solved:
- Container was failing with 'ModuleNotFoundError: No module named requests'
- appuser couldn't access packages installed in /root/.local
- Python dependencies now properly accessible to non-root user

 Docker container should now start successfully with all dependencies
2025-08-13 11:50:03 +07:00
f21d05f404 fixed docker deploy
Some checks failed
Release - Northern Thailand Ping River Monitor / Create Release (push) Successful in 4s
Security & Dependency Updates / Dependency Security Scan (push) Successful in 19s
Security & Dependency Updates / License Compliance (push) Successful in 11s
Security & Dependency Updates / Check for Dependency Updates (push) Successful in 17s
Security & Dependency Updates / Code Quality Metrics (push) Successful in 14s
Release - Northern Thailand Ping River Monitor / Test Release Build (3.10) (push) Successful in 12s
Release - Northern Thailand Ping River Monitor / Test Release Build (3.11) (push) Successful in 12s
Release - Northern Thailand Ping River Monitor / Test Release Build (3.12) (push) Successful in 13s
Release - Northern Thailand Ping River Monitor / Test Release Build (3.9) (push) Successful in 16s
Security & Dependency Updates / Security Summary (push) Successful in 7s
Release - Northern Thailand Ping River Monitor / Build Release Images (push) Successful in 50s
Release - Northern Thailand Ping River Monitor / Security Scan (push) Successful in 6s
Release - Northern Thailand Ping River Monitor / Test Release Deployment (push) Failing after 3m48s
Release - Northern Thailand Ping River Monitor / Notify Release (push) Successful in 2s
2025-08-13 11:37:36 +07:00
ff447292f0 Improve release workflow: Local testing instead of production deployment
Some checks failed
Release - Northern Thailand Ping River Monitor / Create Release (push) Successful in 5s
Security & Dependency Updates / License Compliance (push) Has been cancelled
Security & Dependency Updates / Check for Dependency Updates (push) Has been cancelled
Security & Dependency Updates / Code Quality Metrics (push) Has been cancelled
Security & Dependency Updates / Security Summary (push) Has been cancelled
Security & Dependency Updates / Dependency Security Scan (push) Has been cancelled
Release - Northern Thailand Ping River Monitor / Test Release Build (3.11) (push) Has been cancelled
Release - Northern Thailand Ping River Monitor / Test Release Build (3.12) (push) Has been cancelled
Release - Northern Thailand Ping River Monitor / Test Release Build (3.9) (push) Has been cancelled
Release - Northern Thailand Ping River Monitor / Build Release Images (push) Has been cancelled
Release - Northern Thailand Ping River Monitor / Security Scan (push) Has been cancelled
Release - Northern Thailand Ping River Monitor / Test Release Deployment (push) Has been cancelled
Release - Northern Thailand Ping River Monitor / Notify Release (push) Has been cancelled
Release - Northern Thailand Ping River Monitor / Test Release Build (3.10) (push) Has been cancelled
Release Workflow Changes:
- Replace production deployment with local container testing
- Spin up Docker container on same machine (port 8080)
- Run comprehensive health checks against local container
- Test all API endpoints (health, docs, stations, metrics)
- Clean up test container after validation

 Removed Redundant Validation:
- Remove validate-release job (redundant with local testing)
- Consolidate all testing into deploy-release job
- Update notification dependencies (validate-release  deploy-release)
- Remove external URL dependencies

 Benefits:
- No external production system required
- Safer testing approach (isolated container)
- Comprehensive API validation before any real deployment
- Container logs available for debugging
- Ready-to-deploy image verification

 Workflow now tests locally and confirms image is ready for production
2025-08-13 11:27:38 +07:00
da4545c6d8 fixed actions username var
Some checks failed
Release - Northern Thailand Ping River Monitor / Create Release (push) Successful in 6s
Security & Dependency Updates / Dependency Security Scan (push) Successful in 26s
Security & Dependency Updates / License Compliance (push) Successful in 12s
Security & Dependency Updates / Check for Dependency Updates (push) Successful in 18s
Security & Dependency Updates / Code Quality Metrics (push) Successful in 15s
Release - Northern Thailand Ping River Monitor / Test Release Build (3.10) (push) Successful in 18s
Release - Northern Thailand Ping River Monitor / Test Release Build (3.11) (push) Successful in 13s
Release - Northern Thailand Ping River Monitor / Test Release Build (3.12) (push) Successful in 14s
Release - Northern Thailand Ping River Monitor / Test Release Build (3.9) (push) Successful in 13s
Security & Dependency Updates / Security Summary (push) Successful in 7s
Release - Northern Thailand Ping River Monitor / Build Release Images (push) Successful in 59s
Release - Northern Thailand Ping River Monitor / Security Scan (push) Successful in 5s
Release - Northern Thailand Ping River Monitor / Deploy Release (push) Failing after 1m3s
Release - Northern Thailand Ping River Monitor / Validate Release (push) Has been skipped
Release - Northern Thailand Ping River Monitor / Notify Release (push) Successful in 1s
2025-08-13 11:04:43 +07:00
2 changed files with 81 additions and 87 deletions

View File

@@ -126,7 +126,7 @@ jobs:
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: B4L-Bot
username: ${{ vars.WORKER_USERNAME}}
password: ${{ secrets.CI_BOT_TOKEN }}
- name: Build and push release images
@@ -163,14 +163,14 @@ jobs:
# Deploy release to production
# Test release deployment locally
deploy-release:
name: Deploy Release
name: Test Release Deployment
runs-on: ubuntu-latest
needs: [create-release, build-release, security-scan]
environment:
name: production
url: https://ping-river-monitor.b4l.co.th
name: testing
url: http://localhost:8080
steps:
- name: Checkout code
@@ -178,114 +178,107 @@ jobs:
with:
token: ${{ secrets.GITEA_TOKEN }}
- name: Deploy to production
- name: Log in to Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ vars.WORKER_USERNAME}}
password: ${{ secrets.CI_BOT_TOKEN }}
- name: Deploy to production (Local Test)
run: |
echo "🚀 Deploying ${{ needs.create-release.outputs.version }} to production..."
echo "🚀 Testing ${{ needs.create-release.outputs.version }} deployment locally..."
# Example deployment commands (customize for your infrastructure)
# kubectl set image deployment/ping-river-monitor app=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }}
# docker-compose pull && docker-compose up -d
# Or webhook call to your deployment system
# Pull the built image
docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }}
echo "✅ Deployment initiated"
# Stop any existing containers
docker stop ping-river-monitor-test || true
docker rm ping-river-monitor-test || true
# Start the container for testing
docker run -d \
--name ping-river-monitor-test \
-p 8080:8000 \
-e LOG_LEVEL=INFO \
-e DB_TYPE=sqlite \
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }}
echo "✅ Container started for testing"
- name: Health check after deployment
run: |
echo "⏳ Waiting for deployment to stabilize..."
sleep 60
echo "⏳ Waiting for application to start..."
sleep 30
echo "🔍 Running health checks..."
curl -f https://ping-river-monitor.b4l.co.th/health
curl -f https://ping-river-monitor.b4l.co.th/stations
echo "🔍 Running health checks against local container..."
echo "✅ Health checks passed!"
# Wait for the application to be ready
for i in {1..12}; do
if curl -f http://localhost:8080/health; then
echo "✅ Health endpoint responding"
break
else
echo "⏳ Waiting for health endpoint... (attempt $i/12)"
sleep 10
fi
done
- name: Update deployment status
# Test API endpoints
echo "🧪 Testing API endpoints..."
curl -f http://localhost:8080/health || exit 1
curl -f http://localhost:8080/docs || exit 1
curl -f http://localhost:8080/stations || exit 1
curl -f http://localhost:8080/metrics || exit 1
echo "✅ All health checks passed!"
- name: Container logs and cleanup
if: always()
run: |
echo "📊 Deployment Summary:"
echo "📋 Container logs:"
docker logs ping-river-monitor-test || true
echo "🧹 Cleaning up test container..."
docker stop ping-river-monitor-test || true
docker rm ping-river-monitor-test || true
echo "📊 Deployment Test Summary:"
echo "Version: ${{ needs.create-release.outputs.version }}"
echo "Image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }}"
echo "URL: https://ping-river-monitor.b4l.co.th"
echo "Grafana: https://grafana.ping-river-monitor.b4l.co.th"
echo "API Docs: https://ping-river-monitor.b4l.co.th/docs"
echo "Status: Container tested successfully"
echo "Ready for production deployment"
# Post-release validation
validate-release:
name: Validate Release
runs-on: ubuntu-latest
needs: deploy-release
steps:
- name: Comprehensive API test
run: |
echo "🧪 Running comprehensive API tests..."
# Test all major endpoints
curl -f https://ping-river-monitor.b4l.co.th/health
curl -f https://ping-river-monitor.b4l.co.th/metrics
curl -f https://ping-river-monitor.b4l.co.th/stations
curl -f https://ping-river-monitor.b4l.co.th/measurements/latest?limit=5
curl -f https://ping-river-monitor.b4l.co.th/scraping/status
echo "✅ All API endpoints responding correctly"
- name: Performance validation
run: |
echo "⚡ Running performance validation..."
# Install Apache Bench
sudo apt-get update && sudo apt-get install -y apache2-utils
# Test response times
ab -n 10 -c 2 https://ping-river-monitor.b4l.co.th/health
ab -n 10 -c 2 https://ping-river-monitor.b4l.co.th/stations
echo "✅ Performance validation completed"
- name: Data validation
run: |
echo "📊 Validating data collection..."
# Check if recent data is available
response=$(curl -s https://ping-river-monitor.b4l.co.th/measurements/latest?limit=1)
echo "Latest measurement: $response"
# Validate data structure (basic check)
if echo "$response" | grep -q "water_level"; then
echo "✅ Data structure validation passed"
else
echo "❌ Data structure validation failed"
exit 1
fi
# Notify stakeholders
notify:
name: Notify Release
runs-on: ubuntu-latest
needs: [create-release, validate-release]
needs: [create-release, deploy-release]
if: always()
steps:
- name: Notify success
if: needs.validate-release.result == 'success'
if: needs.deploy-release.result == 'success'
run: |
echo "🎉 Release ${{ needs.create-release.outputs.version }} deployed successfully!"
echo "🌐 Production URL: https://ping-river-monitor.b4l.co.th"
echo "📊 Grafana: https://grafana.ping-river-monitor.b4l.co.th"
echo "📚 API Docs: https://ping-river-monitor.b4l.co.th/docs"
echo "🎉 Release ${{ needs.create-release.outputs.version }} tested successfully!"
echo "🧪 Local Test: Passed all health checks"
echo "<EFBFBD> GDocker Image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }}"
echo "✅ Ready for production deployment"
# Add notification to Slack, Discord, email, etc.
# curl -X POST -H 'Content-type: application/json' \
# --data '{"text":"🎉 Northern Thailand Ping River Monitor ${{ needs.create-release.outputs.version }} deployed successfully!"}' \
# --data '{"text":"🎉 Northern Thailand Ping River Monitor ${{ needs.create-release.outputs.version }} tested and ready for deployment!"}' \
# ${{ secrets.SLACK_WEBHOOK_URL }}
- name: Notify failure
if: needs.validate-release.result == 'failure'
if: needs.deploy-release.result == 'failure'
run: |
echo "❌ Release ${{ needs.create-release.outputs.version }} deployment failed!"
echo "Please check the logs and take corrective action."
echo "❌ Release ${{ needs.create-release.outputs.version }} testing failed!"
echo "Please check the logs and fix issues before production deployment."
# Add failure notification
# curl -X POST -H 'Content-type: application/json' \
# --data '{"text":"❌ Northern Thailand Ping River Monitor ${{ needs.create-release.outputs.version }} deployment failed!"}' \
# --data '{"text":"❌ Northern Thailand Ping River Monitor ${{ needs.create-release.outputs.version }} testing failed!"}' \
# ${{ secrets.SLACK_WEBHOOK_URL }}

View File

@@ -22,26 +22,27 @@ FROM python:3.11-slim
# Set working directory
WORKDIR /app
# Install runtime dependencies
# Install runtime dependencies and create user
RUN apt-get update && apt-get install -y \
wget \
curl \
&& rm -rf /var/lib/apt/lists/* \
&& groupadd -r appuser && useradd -r -g appuser appuser
&& groupadd -r appuser && useradd -r -g appuser appuser \
&& mkdir -p /home/appuser/.local
# Copy Python packages from builder stage
COPY --from=builder /root/.local /root/.local
COPY --from=builder /root/.local /home/appuser/.local
# Copy application code
COPY . .
# Create logs directory and set permissions
RUN mkdir -p logs && chown -R appuser:appuser /app
RUN mkdir -p logs && chown -R appuser:appuser /app /home/appuser/.local
# Set environment variables
ENV PYTHONUNBUFFERED=1
ENV TZ=Asia/Bangkok
ENV PATH=/root/.local/bin:$PATH
ENV PATH=/home/appuser/.local/bin:$PATH
# Switch to non-root user
USER appuser