Compare commits
	
		
			4 Commits
		
	
	
		
			e0ff8c89fb
			...
			v3.1.13
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 18f77530ec | |||
| f21d05f404 | |||
| ff447292f0 | |||
| da4545c6d8 | 
| @@ -126,7 +126,7 @@ jobs: | |||||||
|       uses: docker/login-action@v3 |       uses: docker/login-action@v3 | ||||||
|       with:  |       with:  | ||||||
|         registry: ${{ env.REGISTRY }} |         registry: ${{ env.REGISTRY }} | ||||||
|         username: B4L-Bot |         username: ${{ vars.WORKER_USERNAME}} | ||||||
|         password: ${{ secrets.CI_BOT_TOKEN }} |         password: ${{ secrets.CI_BOT_TOKEN }} | ||||||
|          |          | ||||||
|     - name: Build and push release images |     - name: Build and push release images | ||||||
| @@ -163,14 +163,14 @@ jobs: | |||||||
|        |        | ||||||
|  |  | ||||||
|  |  | ||||||
|   # Deploy release to production |   # Test release deployment locally | ||||||
|   deploy-release: |   deploy-release: | ||||||
|     name: Deploy Release |     name: Test Release Deployment | ||||||
|     runs-on: ubuntu-latest |     runs-on: ubuntu-latest | ||||||
|     needs: [create-release, build-release, security-scan] |     needs: [create-release, build-release, security-scan] | ||||||
|     environment: |     environment: | ||||||
|       name: production |       name: testing | ||||||
|       url: https://ping-river-monitor.b4l.co.th |       url: http://localhost:8080 | ||||||
|        |        | ||||||
|     steps: |     steps: | ||||||
|     - name: Checkout code |     - name: Checkout code | ||||||
| @@ -178,114 +178,107 @@ jobs: | |||||||
|       with: |       with: | ||||||
|         token: ${{ secrets.GITEA_TOKEN }} |         token: ${{ secrets.GITEA_TOKEN }} | ||||||
|        |        | ||||||
|     - name: Deploy to production |     - name: Log in to Container Registry | ||||||
|  |       uses: docker/login-action@v3 | ||||||
|  |       with:  | ||||||
|  |         registry: ${{ env.REGISTRY }} | ||||||
|  |         username: ${{ vars.WORKER_USERNAME}} | ||||||
|  |         password: ${{ secrets.CI_BOT_TOKEN }} | ||||||
|  |          | ||||||
|  |     - name: Deploy to production (Local Test) | ||||||
|       run: | |       run: | | ||||||
|         echo "🚀 Deploying ${{ needs.create-release.outputs.version }} to production..." |         echo "🚀 Testing ${{ needs.create-release.outputs.version }} deployment locally..." | ||||||
|          |          | ||||||
|         # Example deployment commands (customize for your infrastructure) |         # Pull the built image | ||||||
|         # kubectl set image deployment/ping-river-monitor app=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }} |         docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }} | ||||||
|         # docker-compose pull && docker-compose up -d |  | ||||||
|         # Or webhook call to your deployment system |  | ||||||
|          |          | ||||||
|         echo "✅ Deployment initiated" |         # Stop any existing containers | ||||||
|  |         docker stop ping-river-monitor-test || true | ||||||
|  |         docker rm ping-river-monitor-test || true | ||||||
|  |          | ||||||
|  |         # Start the container for testing | ||||||
|  |         docker run -d \ | ||||||
|  |           --name ping-river-monitor-test \ | ||||||
|  |           -p 8080:8000 \ | ||||||
|  |           -e LOG_LEVEL=INFO \ | ||||||
|  |           -e DB_TYPE=sqlite \ | ||||||
|  |           ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }} | ||||||
|  |          | ||||||
|  |         echo "✅ Container started for testing" | ||||||
|          |          | ||||||
|     - name: Health check after deployment |     - name: Health check after deployment | ||||||
|       run: | |       run: | | ||||||
|         echo "⏳ Waiting for deployment to stabilize..." |         echo "⏳ Waiting for application to start..." | ||||||
|         sleep 60 |         sleep 30 | ||||||
|          |          | ||||||
|         echo "🔍 Running health checks..." |         echo "🔍 Running health checks against local container..." | ||||||
|         curl -f https://ping-river-monitor.b4l.co.th/health |  | ||||||
|         curl -f https://ping-river-monitor.b4l.co.th/stations |  | ||||||
|          |          | ||||||
|         echo "✅ Health checks passed!" |         # Wait for the application to be ready | ||||||
|  |         for i in {1..12}; do | ||||||
|  |           if curl -f http://localhost:8080/health; then | ||||||
|  |             echo "✅ Health endpoint responding" | ||||||
|  |             break | ||||||
|  |           else | ||||||
|  |             echo "⏳ Waiting for health endpoint... (attempt $i/12)" | ||||||
|  |             sleep 10 | ||||||
|  |           fi | ||||||
|  |         done | ||||||
|          |          | ||||||
|     - name: Update deployment status |         # Test API endpoints | ||||||
|  |         echo "🧪 Testing API endpoints..." | ||||||
|  |         curl -f http://localhost:8080/health || exit 1 | ||||||
|  |         curl -f http://localhost:8080/docs || exit 1 | ||||||
|  |         curl -f http://localhost:8080/stations || exit 1 | ||||||
|  |         curl -f http://localhost:8080/metrics || exit 1 | ||||||
|  |          | ||||||
|  |         echo "✅ All health checks passed!" | ||||||
|  |          | ||||||
|  |     - name: Container logs and cleanup | ||||||
|  |       if: always() | ||||||
|       run: | |       run: | | ||||||
|         echo "📊 Deployment Summary:" |         echo "📋 Container logs:" | ||||||
|  |         docker logs ping-river-monitor-test || true | ||||||
|  |          | ||||||
|  |         echo "🧹 Cleaning up test container..." | ||||||
|  |         docker stop ping-river-monitor-test || true | ||||||
|  |         docker rm ping-river-monitor-test || true | ||||||
|  |          | ||||||
|  |         echo "📊 Deployment Test Summary:" | ||||||
|         echo "Version: ${{ needs.create-release.outputs.version }}" |         echo "Version: ${{ needs.create-release.outputs.version }}" | ||||||
|         echo "Image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }}" |         echo "Image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }}" | ||||||
|         echo "URL: https://ping-river-monitor.b4l.co.th" |         echo "Status: Container tested successfully" | ||||||
|         echo "Grafana: https://grafana.ping-river-monitor.b4l.co.th" |         echo "Ready for production deployment" | ||||||
|         echo "API Docs: https://ping-river-monitor.b4l.co.th/docs" |  | ||||||
|  |  | ||||||
|   # Post-release validation |  | ||||||
|   validate-release: |  | ||||||
|     name: Validate Release |  | ||||||
|     runs-on: ubuntu-latest |  | ||||||
|     needs: deploy-release |  | ||||||
|  |  | ||||||
|     steps: |  | ||||||
|     - name: Comprehensive API test |  | ||||||
|       run: | |  | ||||||
|         echo "🧪 Running comprehensive API tests..." |  | ||||||
|          |  | ||||||
|         # Test all major endpoints |  | ||||||
|         curl -f https://ping-river-monitor.b4l.co.th/health |  | ||||||
|         curl -f https://ping-river-monitor.b4l.co.th/metrics |  | ||||||
|         curl -f https://ping-river-monitor.b4l.co.th/stations |  | ||||||
|         curl -f https://ping-river-monitor.b4l.co.th/measurements/latest?limit=5 |  | ||||||
|         curl -f https://ping-river-monitor.b4l.co.th/scraping/status |  | ||||||
|          |  | ||||||
|         echo "✅ All API endpoints responding correctly" |  | ||||||
|          |  | ||||||
|     - name: Performance validation |  | ||||||
|       run: | |  | ||||||
|         echo "⚡ Running performance validation..." |  | ||||||
|          |  | ||||||
|         # Install Apache Bench |  | ||||||
|         sudo apt-get update && sudo apt-get install -y apache2-utils |  | ||||||
|          |  | ||||||
|         # Test response times |  | ||||||
|         ab -n 10 -c 2 https://ping-river-monitor.b4l.co.th/health |  | ||||||
|         ab -n 10 -c 2 https://ping-river-monitor.b4l.co.th/stations |  | ||||||
|          |  | ||||||
|         echo "✅ Performance validation completed" |  | ||||||
|          |  | ||||||
|     - name: Data validation |  | ||||||
|       run: | |  | ||||||
|         echo "📊 Validating data collection..." |  | ||||||
|          |  | ||||||
|         # Check if recent data is available |  | ||||||
|         response=$(curl -s https://ping-river-monitor.b4l.co.th/measurements/latest?limit=1) |  | ||||||
|         echo "Latest measurement: $response" |  | ||||||
|          |  | ||||||
|         # Validate data structure (basic check) |  | ||||||
|         if echo "$response" | grep -q "water_level"; then |  | ||||||
|           echo "✅ Data structure validation passed" |  | ||||||
|         else |  | ||||||
|           echo "❌ Data structure validation failed" |  | ||||||
|           exit 1 |  | ||||||
|         fi |  | ||||||
|  |  | ||||||
|   # Notify stakeholders |   # Notify stakeholders | ||||||
|   notify: |   notify: | ||||||
|     name: Notify Release |     name: Notify Release | ||||||
|     runs-on: ubuntu-latest |     runs-on: ubuntu-latest | ||||||
|     needs: [create-release, validate-release] |     needs: [create-release, deploy-release] | ||||||
|     if: always() |     if: always() | ||||||
|      |      | ||||||
|     steps: |     steps: | ||||||
|     - name: Notify success |     - name: Notify success | ||||||
|       if: needs.validate-release.result == 'success' |       if: needs.deploy-release.result == 'success' | ||||||
|       run: | |       run: | | ||||||
|         echo "🎉 Release ${{ needs.create-release.outputs.version }} deployed successfully!" |         echo "🎉 Release ${{ needs.create-release.outputs.version }} tested successfully!" | ||||||
|         echo "🌐 Production URL: https://ping-river-monitor.b4l.co.th" |         echo "🧪 Local Test: Passed all health checks" | ||||||
|         echo "📊 Grafana: https://grafana.ping-river-monitor.b4l.co.th" |         echo "<EFBFBD> GDocker Image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }}" | ||||||
|         echo "📚 API Docs: https://ping-river-monitor.b4l.co.th/docs" |         echo "✅ Ready for production deployment" | ||||||
|          |          | ||||||
|         # Add notification to Slack, Discord, email, etc. |         # Add notification to Slack, Discord, email, etc. | ||||||
|         # curl -X POST -H 'Content-type: application/json' \ |         # curl -X POST -H 'Content-type: application/json' \ | ||||||
|         #   --data '{"text":"🎉 Northern Thailand Ping River Monitor ${{ needs.create-release.outputs.version }} deployed successfully!"}' \ |         #   --data '{"text":"🎉 Northern Thailand Ping River Monitor ${{ needs.create-release.outputs.version }} tested and ready for deployment!"}' \ | ||||||
|         #   ${{ secrets.SLACK_WEBHOOK_URL }} |         #   ${{ secrets.SLACK_WEBHOOK_URL }} | ||||||
|          |          | ||||||
|     - name: Notify failure |     - name: Notify failure | ||||||
|       if: needs.validate-release.result == 'failure' |       if: needs.deploy-release.result == 'failure' | ||||||
|       run: | |       run: | | ||||||
|         echo "❌ Release ${{ needs.create-release.outputs.version }} deployment failed!" |         echo "❌ Release ${{ needs.create-release.outputs.version }} testing failed!" | ||||||
|         echo "Please check the logs and take corrective action." |         echo "Please check the logs and fix issues before production deployment." | ||||||
|          |          | ||||||
|         # Add failure notification |         # Add failure notification | ||||||
|         # curl -X POST -H 'Content-type: application/json' \ |         # curl -X POST -H 'Content-type: application/json' \ | ||||||
|         #   --data '{"text":"❌ Northern Thailand Ping River Monitor ${{ needs.create-release.outputs.version }} deployment failed!"}' \ |         #   --data '{"text":"❌ Northern Thailand Ping River Monitor ${{ needs.create-release.outputs.version }} testing failed!"}' \ | ||||||
|         #   ${{ secrets.SLACK_WEBHOOK_URL }} |         #   ${{ secrets.SLACK_WEBHOOK_URL }} | ||||||
							
								
								
									
										11
									
								
								Dockerfile
									
									
									
									
									
								
							
							
						
						
									
										11
									
								
								Dockerfile
									
									
									
									
									
								
							| @@ -22,26 +22,27 @@ FROM python:3.11-slim | |||||||
| # Set working directory | # Set working directory | ||||||
| WORKDIR /app | WORKDIR /app | ||||||
|  |  | ||||||
| # Install runtime dependencies | # Install runtime dependencies and create user | ||||||
| RUN apt-get update && apt-get install -y \ | RUN apt-get update && apt-get install -y \ | ||||||
|     wget \ |     wget \ | ||||||
|     curl \ |     curl \ | ||||||
|     && rm -rf /var/lib/apt/lists/* \ |     && rm -rf /var/lib/apt/lists/* \ | ||||||
|     && groupadd -r appuser && useradd -r -g appuser appuser |     && groupadd -r appuser && useradd -r -g appuser appuser \ | ||||||
|  |     && mkdir -p /home/appuser/.local | ||||||
|  |  | ||||||
| # Copy Python packages from builder stage | # Copy Python packages from builder stage | ||||||
| COPY --from=builder /root/.local /root/.local | COPY --from=builder /root/.local /home/appuser/.local | ||||||
|  |  | ||||||
| # Copy application code | # Copy application code | ||||||
| COPY . . | COPY . . | ||||||
|  |  | ||||||
| # Create logs directory and set permissions | # Create logs directory and set permissions | ||||||
| RUN mkdir -p logs && chown -R appuser:appuser /app | RUN mkdir -p logs && chown -R appuser:appuser /app /home/appuser/.local | ||||||
|  |  | ||||||
| # Set environment variables | # Set environment variables | ||||||
| ENV PYTHONUNBUFFERED=1 | ENV PYTHONUNBUFFERED=1 | ||||||
| ENV TZ=Asia/Bangkok | ENV TZ=Asia/Bangkok | ||||||
| ENV PATH=/root/.local/bin:$PATH | ENV PATH=/home/appuser/.local/bin:$PATH | ||||||
|  |  | ||||||
| # Switch to non-root user | # Switch to non-root user | ||||||
| USER appuser | USER appuser | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user