Compare commits
	
		
			22 Commits
		
	
	
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 730cbac7ae | |||
| 9c36be162f | |||
| c3498bda76 | |||
| 4336e99e0c | |||
| 455259a852 | |||
| d8709c0849 | |||
| b753866b98 | |||
| 6141140beb | |||
| c62ee5f699 | |||
| cd59236473 | |||
| 18f77530ec | |||
| f21d05f404 | |||
| ff447292f0 | |||
| da4545c6d8 | |||
| e0ff8c89fb | |||
| 5579637995 | |||
| 1816b6e14a | |||
| 8dedc9303b | |||
| 94c6db9b72 | |||
| 0afb57789b | |||
| 02a0f479dc | |||
| 841a5a492c | 
| @@ -29,7 +29,7 @@ jobs: | |||||||
|     - name: Checkout code |     - name: Checkout code | ||||||
|       uses: actions/checkout@v4 |       uses: actions/checkout@v4 | ||||||
|       with: |       with: | ||||||
|         token: ${{ secrets.CI_BOT_TOKEN }} |         token: ${{ secrets.GITEA_TOKEN }} | ||||||
|        |        | ||||||
|     - name: Set up Python ${{ matrix.python-version }} |     - name: Set up Python ${{ matrix.python-version }} | ||||||
|       uses: actions/setup-python@v4 |       uses: actions/setup-python@v4 | ||||||
| @@ -101,7 +101,7 @@ jobs: | |||||||
|     - name: Checkout code |     - name: Checkout code | ||||||
|       uses: actions/checkout@v4 |       uses: actions/checkout@v4 | ||||||
|       with: |       with: | ||||||
|         token: ${{ secrets.CI_BOT_TOKEN }} |         token: ${{ secrets.GITEA_TOKEN }} | ||||||
|        |        | ||||||
|     - name: Set up Python |     - name: Set up Python | ||||||
|       uses: actions/setup-python@v4 |       uses: actions/setup-python@v4 | ||||||
| @@ -139,7 +139,7 @@ jobs: | |||||||
|     - name: Checkout code |     - name: Checkout code | ||||||
|       uses: actions/checkout@v4 |       uses: actions/checkout@v4 | ||||||
|       with: |       with: | ||||||
|         token: ${{ secrets.CI_BOT_TOKEN }} |         token: ${{ secrets.GITEA_TOKEN }} | ||||||
|        |        | ||||||
|     - name: Set up Docker Buildx |     - name: Set up Docker Buildx | ||||||
|       uses: docker/setup-buildx-action@v3 |       uses: docker/setup-buildx-action@v3 | ||||||
| @@ -200,7 +200,7 @@ jobs: | |||||||
|     - name: Checkout code |     - name: Checkout code | ||||||
|       uses: actions/checkout@v4 |       uses: actions/checkout@v4 | ||||||
|       with: |       with: | ||||||
|         token: ${{ secrets.CI_BOT_TOKEN }} |         token: ${{ secrets.GITEA_TOKEN }} | ||||||
|        |        | ||||||
|     - name: Wait for VictoriaMetrics |     - name: Wait for VictoriaMetrics | ||||||
|       run: | |       run: | | ||||||
| @@ -253,7 +253,7 @@ jobs: | |||||||
|     - name: Checkout code |     - name: Checkout code | ||||||
|       uses: actions/checkout@v4 |       uses: actions/checkout@v4 | ||||||
|       with: |       with: | ||||||
|         token: ${{ secrets.CI_BOT_TOKEN }} |         token: ${{ secrets.GITEA_TOKEN }} | ||||||
|        |        | ||||||
|     - name: Deploy to staging |     - name: Deploy to staging | ||||||
|       run: | |       run: | | ||||||
| @@ -280,7 +280,7 @@ jobs: | |||||||
|     - name: Checkout code |     - name: Checkout code | ||||||
|       uses: actions/checkout@v4 |       uses: actions/checkout@v4 | ||||||
|       with: |       with: | ||||||
|         token: ${{ secrets.CI_BOT_TOKEN }} |         token: ${{ secrets.GITEA_TOKEN }} | ||||||
|        |        | ||||||
|     - name: Deploy to production |     - name: Deploy to production | ||||||
|       run: | |       run: | | ||||||
| @@ -309,7 +309,7 @@ jobs: | |||||||
|     - name: Checkout code |     - name: Checkout code | ||||||
|       uses: actions/checkout@v4 |       uses: actions/checkout@v4 | ||||||
|       with: |       with: | ||||||
|         token: ${{ secrets.CI_BOT_TOKEN }} |         token: ${{ secrets.GITEA_TOKEN }} | ||||||
|        |        | ||||||
|     - name: Install Apache Bench |     - name: Install Apache Bench | ||||||
|       run: | |       run: | | ||||||
|   | |||||||
| @@ -28,7 +28,7 @@ jobs: | |||||||
|     - name: Checkout code |     - name: Checkout code | ||||||
|       uses: actions/checkout@v4 |       uses: actions/checkout@v4 | ||||||
|       with: |       with: | ||||||
|         token: ${{ secrets.CI_BOT_TOKEN }} |         token: ${{ secrets.GITEA_TOKEN }} | ||||||
|        |        | ||||||
|     - name: Set up Python |     - name: Set up Python | ||||||
|       uses: actions/setup-python@v4 |       uses: actions/setup-python@v4 | ||||||
| @@ -130,7 +130,7 @@ jobs: | |||||||
|     - name: Checkout code |     - name: Checkout code | ||||||
|       uses: actions/checkout@v4 |       uses: actions/checkout@v4 | ||||||
|       with: |       with: | ||||||
|         token: ${{ secrets.CI_BOT_TOKEN }} |         token: ${{ secrets.GITEA_TOKEN }} | ||||||
|        |        | ||||||
|     - name: Set up Python |     - name: Set up Python | ||||||
|       uses: actions/setup-python@v4 |       uses: actions/setup-python@v4 | ||||||
| @@ -229,7 +229,7 @@ jobs: | |||||||
|     - name: Checkout code |     - name: Checkout code | ||||||
|       uses: actions/checkout@v4 |       uses: actions/checkout@v4 | ||||||
|       with: |       with: | ||||||
|         token: ${{ secrets.CI_BOT_TOKEN }} |         token: ${{ secrets.GITEA_TOKEN }} | ||||||
|        |        | ||||||
|     - name: Set up Python |     - name: Set up Python | ||||||
|       uses: actions/setup-python@v4 |       uses: actions/setup-python@v4 | ||||||
|   | |||||||
| @@ -3,16 +3,16 @@ name: Release - Northern Thailand Ping River Monitor | |||||||
| on: | on: | ||||||
|   push: |   push: | ||||||
|     tags: |     tags: | ||||||
|       - 'v*.*.*' |       - "v*.*.*" | ||||||
|   workflow_dispatch: |   workflow_dispatch: | ||||||
|     inputs: |     inputs: | ||||||
|       version: |       version: | ||||||
|         description: 'Release version (e.g., v3.1.3)' |         description: "Release version (e.g., v3.1.3)" | ||||||
|         required: true |         required: true | ||||||
|         type: string |         type: string | ||||||
|  |  | ||||||
| env: | env: | ||||||
|   PYTHON_VERSION: '3.11' |   PYTHON_VERSION: "3.11" | ||||||
|   REGISTRY: git.b4l.co.th |   REGISTRY: git.b4l.co.th | ||||||
|   IMAGE_NAME: b4l/northern-thailand-ping-river-monitor |   IMAGE_NAME: b4l/northern-thailand-ping-river-monitor | ||||||
|   # GitHub token for better rate limits and authentication |   # GitHub token for better rate limits and authentication | ||||||
| @@ -27,42 +27,42 @@ jobs: | |||||||
|       version: ${{ steps.version.outputs.version }} |       version: ${{ steps.version.outputs.version }} | ||||||
|  |  | ||||||
|     steps: |     steps: | ||||||
|     - name: Checkout code |       - name: Checkout code | ||||||
|       uses: actions/checkout@v4 |         uses: actions/checkout@v4 | ||||||
|       with: |         with: | ||||||
|         token: ${{ secrets.CI_BOT_TOKEN }} |           token: ${{ secrets.GITEA_TOKEN }} | ||||||
|         fetch-depth: 0 |           fetch-depth: 0 | ||||||
|  |  | ||||||
|     - name: Get version |       - name: Get version | ||||||
|       id: version |         id: version | ||||||
|       run: | |         run: | | ||||||
|         if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then |           if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then | ||||||
|           echo "version=${{ github.event.inputs.version }}" >> $GITHUB_OUTPUT |             echo "version=${{ github.event.inputs.version }}" >> $GITHUB_OUTPUT | ||||||
|         else |           else | ||||||
|           echo "version=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT |             echo "version=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT | ||||||
|         fi |           fi | ||||||
|  |  | ||||||
|     - name: Generate changelog |       - name: Generate changelog | ||||||
|       id: changelog |         id: changelog | ||||||
|       run: | |         run: | | ||||||
|         # Generate changelog from git commits |           # Generate changelog from git commits | ||||||
|         echo "## Changes" > CHANGELOG.md |           echo "## Changes" > CHANGELOG.md | ||||||
|         git log --pretty=format:"- %s" $(git describe --tags --abbrev=0 HEAD^)..HEAD >> CHANGELOG.md || echo "- Initial release" >> CHANGELOG.md |           git log --pretty=format:"- %s" $(git describe --tags --abbrev=0 HEAD^)..HEAD >> CHANGELOG.md || echo "- Initial release" >> CHANGELOG.md | ||||||
|         echo "" >> CHANGELOG.md |           echo "" >> CHANGELOG.md | ||||||
|         echo "## Docker Images" >> CHANGELOG.md |           echo "## Docker Images" >> CHANGELOG.md | ||||||
|         echo "- \`${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.version }}\`" >> CHANGELOG.md |           echo "- \`${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.version }}\`" >> CHANGELOG.md | ||||||
|         echo "- \`${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest\`" >> CHANGELOG.md |           echo "- \`${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest\`" >> CHANGELOG.md | ||||||
|  |  | ||||||
|     - name: Create Release |       - name: Create Release | ||||||
|       uses: actions/create-release@v1 |         uses: actions/create-release@v1 | ||||||
|       env: |         env: | ||||||
|         GITHUB_TOKEN: ${{ secrets.GITEA_TOKEN }} |           GITHUB_TOKEN: ${{ secrets.GITEA_TOKEN }} | ||||||
|       with: |         with: | ||||||
|         tag_name: ${{ steps.version.outputs.version }} |           tag_name: ${{ steps.version.outputs.version }} | ||||||
|         release_name: Northern Thailand Ping River Monitor ${{ steps.version.outputs.version }} |           release_name: Northern Thailand Ping River Monitor ${{ steps.version.outputs.version }} | ||||||
|         body_path: CHANGELOG.md |           body_path: CHANGELOG.md | ||||||
|         draft: false |           draft: false | ||||||
|         prerelease: false |           prerelease: false | ||||||
|  |  | ||||||
|   # Build and test for release |   # Build and test for release | ||||||
|   test-release: |   test-release: | ||||||
| @@ -71,41 +71,41 @@ jobs: | |||||||
|     needs: create-release |     needs: create-release | ||||||
|     strategy: |     strategy: | ||||||
|       matrix: |       matrix: | ||||||
|         python-version: ['3.9', '3.10', '3.11', '3.12'] |         python-version: ["3.9", "3.10", "3.11", "3.12"] | ||||||
|  |  | ||||||
|     steps: |     steps: | ||||||
|     - name: Checkout code |       - name: Checkout code | ||||||
|       uses: actions/checkout@v4 |         uses: actions/checkout@v4 | ||||||
|       with: |         with: | ||||||
|         token: ${{ secrets.CI_BOT_TOKEN }} |           token: ${{ secrets.GITEA_TOKEN }} | ||||||
|  |  | ||||||
|     - name: Set up Python ${{ matrix.python-version }} |       - name: Set up Python ${{ matrix.python-version }} | ||||||
|       uses: actions/setup-python@v4 |         uses: actions/setup-python@v4 | ||||||
|       with: |         with: | ||||||
|         python-version: ${{ matrix.python-version }} |           python-version: ${{ matrix.python-version }} | ||||||
|  |  | ||||||
|     - name: Install dependencies |       - name: Install dependencies | ||||||
|       run: | |         run: | | ||||||
|         python -m pip install --upgrade pip --root-user-action=ignore |           python -m pip install --upgrade pip --root-user-action=ignore | ||||||
|         pip install --root-user-action=ignore -r requirements.txt |           pip install --root-user-action=ignore -r requirements.txt | ||||||
|         pip install --root-user-action=ignore -r requirements-dev.txt |           pip install --root-user-action=ignore -r requirements-dev.txt | ||||||
|  |  | ||||||
|     - name: Run full test suite |       - name: Run full test suite | ||||||
|       run: | |         run: | | ||||||
|         python tests/test_integration.py |           python tests/test_integration.py | ||||||
|         python tests/test_station_management.py |           python tests/test_station_management.py | ||||||
|         python run.py --test |           python run.py --test | ||||||
|  |  | ||||||
|     - name: Build Python package |       - name: Build Python package | ||||||
|       run: | |         run: | | ||||||
|         pip install --root-user-action=ignore build |           pip install --root-user-action=ignore build | ||||||
|         python -m build |           python -m build | ||||||
|  |  | ||||||
|     - name: Upload Python package |       - name: Upload Python package | ||||||
|       uses: actions/upload-artifact@v3 |         uses: actions/upload-artifact@v3 | ||||||
|       with: |         with: | ||||||
|         name: python-package-${{ matrix.python-version }} |           name: python-package-${{ matrix.python-version }} | ||||||
|         path: dist/ |           path: dist/ | ||||||
|  |  | ||||||
|   # Build release Docker images |   # Build release Docker images | ||||||
|   build-release: |   build-release: | ||||||
| @@ -114,40 +114,40 @@ jobs: | |||||||
|     needs: [create-release, test-release] |     needs: [create-release, test-release] | ||||||
|  |  | ||||||
|     steps: |     steps: | ||||||
|     - name: Checkout code |       - name: Checkout code | ||||||
|       uses: actions/checkout@v4 |         uses: actions/checkout@v4 | ||||||
|       with: |         with: | ||||||
|         token: ${{ secrets.CI_BOT_TOKEN }} |           token: ${{ secrets.GITEA_TOKEN }} | ||||||
|  |  | ||||||
|     - name: Set up Docker Buildx |       - name: Set up Docker Buildx | ||||||
|       uses: docker/setup-buildx-action@v3 |         uses: docker/setup-buildx-action@v3 | ||||||
|  |  | ||||||
|     - name: Log in to Container Registry |       - name: Log in to Container Registry | ||||||
|       uses: docker/login-action@v3 |         uses: docker/login-action@v3 | ||||||
|       with: |         with: | ||||||
|         registry: ${{ env.REGISTRY }} |           registry: ${{ env.REGISTRY }} | ||||||
|         username: ${{ github.actor }} |           username: ${{ vars.WORKER_USERNAME}} | ||||||
|         password: ${{ secrets.GITEA_TOKEN }} |           password: ${{ secrets.CI_BOT_TOKEN }} | ||||||
|  |  | ||||||
|     - name: Build and push release images |       - name: Build and push release images | ||||||
|       uses: docker/build-push-action@v5 |         uses: docker/build-push-action@v5 | ||||||
|       with: |         with: | ||||||
|         context: . |           context: . | ||||||
|         platforms: linux/amd64,linux/arm64 |           platforms: linux/amd64,linux/arm64 | ||||||
|         push: true |           push: true | ||||||
|         tags: | |           tags: | | ||||||
|           ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }} |             ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }} | ||||||
|           ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest |             ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest | ||||||
|         labels: | |           labels: | | ||||||
|           org.opencontainers.image.title=Northern Thailand Ping River Monitor |             org.opencontainers.image.title=Northern Thailand Ping River Monitor | ||||||
|           org.opencontainers.image.description=Real-time water level monitoring for Ping River Basin |             org.opencontainers.image.description=Real-time water level monitoring for Ping River Basin | ||||||
|           org.opencontainers.image.version=${{ needs.create-release.outputs.version }} |             org.opencontainers.image.version=${{ needs.create-release.outputs.version }} | ||||||
|           org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }} |             org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }} | ||||||
|           org.opencontainers.image.revision=${{ github.sha }} |             org.opencontainers.image.revision=${{ github.sha }} | ||||||
|         cache-from: type=gha |           cache-from: type=gha | ||||||
|         cache-to: type=gha,mode=max |           cache-to: type=gha,mode=max | ||||||
|       env: |         env: | ||||||
|         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |           GITHUB_TOKEN: ${{ secrets.GITEA_TOKEN }} | ||||||
|  |  | ||||||
|   # Security scan for release |   # Security scan for release | ||||||
|   security-scan: |   security-scan: | ||||||
| @@ -156,136 +156,159 @@ jobs: | |||||||
|     needs: build-release |     needs: build-release | ||||||
|  |  | ||||||
|     steps: |     steps: | ||||||
|     - name: Checkout code |       - name: Checkout code | ||||||
|       uses: actions/checkout@v4 |         uses: actions/checkout@v4 | ||||||
|       with: |         with: | ||||||
|         token: ${{ secrets.CI_BOT_TOKEN }} |           token: ${{ secrets.GITEA_TOKEN}} | ||||||
|  |  | ||||||
|  |   # Test release deployment locally | ||||||
|  |  | ||||||
|   # Deploy release to production |  | ||||||
|   deploy-release: |   deploy-release: | ||||||
|     name: Deploy Release |     name: Test Release Deployment | ||||||
|     runs-on: ubuntu-latest |     runs-on: ubuntu-latest | ||||||
|     needs: [create-release, build-release, security-scan] |     needs: [create-release, build-release, security-scan] | ||||||
|     environment: |     environment: | ||||||
|       name: production |       name: testing | ||||||
|       url: https://ping-river-monitor.b4l.co.th |       url: http://localhost:8080 | ||||||
|  |  | ||||||
|     steps: |     steps: | ||||||
|     - name: Checkout code |       - name: Checkout code | ||||||
|       uses: actions/checkout@v4 |         uses: actions/checkout@v4 | ||||||
|       with: |         with: | ||||||
|         token: ${{ secrets.CI_BOT_TOKEN }} |           token: ${{ secrets.GITEA_TOKEN }} | ||||||
|  |  | ||||||
|     - name: Deploy to production |       - name: Log in to Container Registry | ||||||
|       run: | |         uses: docker/login-action@v3 | ||||||
|         echo "🚀 Deploying ${{ needs.create-release.outputs.version }} to production..." |         with: | ||||||
|  |           registry: ${{ env.REGISTRY }} | ||||||
|  |           username: ${{ vars.WORKER_USERNAME}} | ||||||
|  |           password: ${{ secrets.CI_BOT_TOKEN }} | ||||||
|  |  | ||||||
|         # Example deployment commands (customize for your infrastructure) |       - name: Deploy to production (Local Test) | ||||||
|         # kubectl set image deployment/ping-river-monitor app=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }} |         run: | | ||||||
|         # docker-compose pull && docker-compose up -d |           set -euo pipefail | ||||||
|         # Or webhook call to your deployment system |           echo "🚀 Testing ${{ needs.create-release.outputs.version }} deployment locally..." | ||||||
|  |  | ||||||
|         echo "✅ Deployment initiated" |           # Create a dedicated network so we can resolve by container name | ||||||
|  |           docker network create ci_net || true | ||||||
|  |  | ||||||
|     - name: Health check after deployment |           # Pull the built image | ||||||
|       run: | |           docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }} | ||||||
|         echo "⏳ Waiting for deployment to stabilize..." |  | ||||||
|         sleep 60 |  | ||||||
|  |  | ||||||
|         echo "🔍 Running health checks..." |           # Stop & remove any existing container | ||||||
|         curl -f https://ping-river-monitor.b4l.co.th/health |           docker rm -f ping-river-monitor-test 2>/dev/null || true | ||||||
|         curl -f https://ping-river-monitor.b4l.co.th/stations |  | ||||||
|  |  | ||||||
|         echo "✅ Health checks passed!" |           # Start the container on the user-defined network | ||||||
|  |           docker run -d \ | ||||||
|  |             --name ping-river-monitor-test \ | ||||||
|  |             --network ci_net \ | ||||||
|  |             -p 8080:8000 \ | ||||||
|  |             -e LOG_LEVEL=INFO \ | ||||||
|  |             -e DB_TYPE=sqlite \ | ||||||
|  |             ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }} | ||||||
|  |  | ||||||
|     - name: Update deployment status |           echo "✅ Container started for testing" | ||||||
|       run: | |  | ||||||
|         echo "📊 Deployment Summary:" |  | ||||||
|         echo "Version: ${{ needs.create-release.outputs.version }}" |  | ||||||
|         echo "Image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }}" |  | ||||||
|         echo "URL: https://ping-river-monitor.b4l.co.th" |  | ||||||
|         echo "Grafana: https://grafana.ping-river-monitor.b4l.co.th" |  | ||||||
|         echo "API Docs: https://ping-river-monitor.b4l.co.th/docs" |  | ||||||
|  |  | ||||||
|   # Post-release validation |       - name: Health check after deployment | ||||||
|   validate-release: |         run: | | ||||||
|     name: Validate Release |           set -euo pipefail | ||||||
|     runs-on: ubuntu-latest |           echo "⏳ Waiting for application to start..." | ||||||
|     needs: deploy-release |  | ||||||
|  |  | ||||||
|     steps: |           # Pull a curl-only image for probing (keeps your app image slim) | ||||||
|     - name: Comprehensive API test |           docker pull curlimages/curl:8.10.1 | ||||||
|       run: | |  | ||||||
|         echo "🧪 Running comprehensive API tests..." |  | ||||||
|  |  | ||||||
|         # Test all major endpoints |           # Helper: curl via a sibling container on the SAME Docker network | ||||||
|         curl -f https://ping-river-monitor.b4l.co.th/health |           probe() { | ||||||
|         curl -f https://ping-river-monitor.b4l.co.th/metrics |             local url="$1" | ||||||
|         curl -f https://ping-river-monitor.b4l.co.th/stations |             docker run --rm --network ci_net curlimages/curl:8.10.1 \ | ||||||
|         curl -f https://ping-river-monitor.b4l.co.th/measurements/latest?limit=5 |               -sS --max-time 5 --connect-timeout 3 -w "HTTP_CODE:%{http_code}" "$url" || true | ||||||
|         curl -f https://ping-river-monitor.b4l.co.th/scraping/status |           } | ||||||
|  |  | ||||||
|         echo "✅ All API endpoints responding correctly" |           # Wait for /health (up to ~3m 45s) | ||||||
|  |           for i in {1..15}; do | ||||||
|  |             echo "🔍 Attempt $i/15: checking http://ping-river-monitor-test:8000/health" | ||||||
|  |             resp="$(probe http://ping-river-monitor-test:8000/health)" | ||||||
|  |             code="$(echo "$resp" | sed -n 's/.*HTTP_CODE:\([0-9]\+\).*/\1/p')" | ||||||
|  |             body="$(echo "$resp" | sed 's/HTTP_CODE:[0-9]*$//')" | ||||||
|              |              | ||||||
|     - name: Performance validation |             echo "HTTP: ${code:-<none>} | Body: ${body:-<empty>}" | ||||||
|       run: | |  | ||||||
|         echo "⚡ Running performance validation..." |  | ||||||
|              |              | ||||||
|         # Install Apache Bench |             if [ "${code:-}" = "200" ] && [ -n "${body:-}" ]; then | ||||||
|         sudo apt-get update && sudo apt-get install -y apache2-utils |               echo "✅ Health endpoint responding successfully" | ||||||
|  |               break | ||||||
|  |             fi | ||||||
|              |              | ||||||
|         # Test response times |             echo "❌ Not ready yet. Showing recent logs…" | ||||||
|         ab -n 10 -c 2 https://ping-river-monitor.b4l.co.th/health |             docker logs --tail 20 ping-river-monitor-test || true | ||||||
|         ab -n 10 -c 2 https://ping-river-monitor.b4l.co.th/stations |             sleep 15 | ||||||
|              |              | ||||||
|         echo "✅ Performance validation completed" |             if [ "$i" -eq 15 ]; then | ||||||
|  |               echo "❌ Health never reached 200. Failing." | ||||||
|  |               exit 1 | ||||||
|  |             fi | ||||||
|  |           done | ||||||
|  |  | ||||||
|     - name: Data validation |           echo "🧪 Testing API endpoints…" | ||||||
|       run: | |           endpoints=("health" "docs" "stations" "metrics") | ||||||
|         echo "📊 Validating data collection..." |           for ep in "${endpoints[@]}"; do | ||||||
|  |             url="http://ping-river-monitor-test:8000/$ep" | ||||||
|  |             resp="$(probe "$url")" | ||||||
|  |             code="$(echo "$resp" | sed -n 's/.*HTTP_CODE:\([0-9]\+\).*/\1/p')" | ||||||
|              |              | ||||||
|         # Check if recent data is available |             if [ "${code:-}" = "200" ]; then | ||||||
|         response=$(curl -s https://ping-river-monitor.b4l.co.th/measurements/latest?limit=1) |               echo "✅ /$ep: OK" | ||||||
|         echo "Latest measurement: $response" |             else | ||||||
|  |               echo "❌ /$ep: FAILED (HTTP ${code:-<none>})" | ||||||
|  |               echo "Response: $(echo "$resp" | sed 's/HTTP_CODE:[0-9]*$//')" | ||||||
|  |               exit 1 | ||||||
|  |             fi | ||||||
|  |           done | ||||||
|  |  | ||||||
|         # Validate data structure (basic check) |           echo "✅ All health checks passed!" | ||||||
|         if echo "$response" | grep -q "water_level"; then |  | ||||||
|           echo "✅ Data structure validation passed" |       - name: Container logs and cleanup | ||||||
|         else |         if: always() | ||||||
|           echo "❌ Data structure validation failed" |         run: | | ||||||
|           exit 1 |           echo "📋 Container logs:" | ||||||
|         fi |           docker logs ping-river-monitor-test || true | ||||||
|  |  | ||||||
|  |           echo "🧹 Cleaning up test container..." | ||||||
|  |           docker stop ping-river-monitor-test || true | ||||||
|  |           docker rm ping-river-monitor-test || true | ||||||
|  |  | ||||||
|  |           echo "📊 Deployment Test Summary:" | ||||||
|  |           echo "Version: ${{ needs.create-release.outputs.version }}" | ||||||
|  |           echo "Image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }}" | ||||||
|  |           echo "Status: Container tested successfully" | ||||||
|  |           echo "Ready for production deployment" | ||||||
|  |  | ||||||
|   # Notify stakeholders |   # Notify stakeholders | ||||||
|   notify: |   notify: | ||||||
|     name: Notify Release |     name: Notify Release | ||||||
|     runs-on: ubuntu-latest |     runs-on: ubuntu-latest | ||||||
|     needs: [create-release, validate-release] |     needs: [create-release, deploy-release] | ||||||
|     if: always() |     if: always() | ||||||
|  |  | ||||||
|     steps: |     steps: | ||||||
|     - name: Notify success |       - name: Notify success | ||||||
|       if: needs.validate-release.result == 'success' |         if: needs.deploy-release.result == 'success' | ||||||
|       run: | |         run: | | ||||||
|         echo "🎉 Release ${{ needs.create-release.outputs.version }} deployed successfully!" |           echo "🎉 Release ${{ needs.create-release.outputs.version }} tested successfully!" | ||||||
|         echo "🌐 Production URL: https://ping-river-monitor.b4l.co.th" |           echo "🧪 Local Test: Passed all health checks" | ||||||
|         echo "📊 Grafana: https://grafana.ping-river-monitor.b4l.co.th" |           echo "<EFBFBD> GDocker Image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }}" | ||||||
|         echo "📚 API Docs: https://ping-river-monitor.b4l.co.th/docs" |           echo "✅ Ready for production deployment" | ||||||
|  |  | ||||||
|         # Add notification to Slack, Discord, email, etc. |           # Add notification to Slack, Discord, email, etc. | ||||||
|         # curl -X POST -H 'Content-type: application/json' \ |           # curl -X POST -H 'Content-type: application/json' \ | ||||||
|         #   --data '{"text":"🎉 Northern Thailand Ping River Monitor ${{ needs.create-release.outputs.version }} deployed successfully!"}' \ |           #   --data '{"text":"🎉 Northern Thailand Ping River Monitor ${{ needs.create-release.outputs.version }} tested and ready for deployment!"}' \ | ||||||
|         #   ${{ secrets.SLACK_WEBHOOK_URL }} |           #   ${{ secrets.SLACK_WEBHOOK_URL }} | ||||||
|  |  | ||||||
|     - name: Notify failure |       - name: Notify failure | ||||||
|       if: needs.validate-release.result == 'failure' |         if: needs.deploy-release.result == 'failure' | ||||||
|       run: | |         run: | | ||||||
|         echo "❌ Release ${{ needs.create-release.outputs.version }} deployment failed!" |           echo "❌ Release ${{ needs.create-release.outputs.version }} testing failed!" | ||||||
|         echo "Please check the logs and take corrective action." |           echo "Please check the logs and fix issues before production deployment." | ||||||
|  |  | ||||||
|         # Add failure notification |           # Add failure notification | ||||||
|         # curl -X POST -H 'Content-type: application/json' \ |           # curl -X POST -H 'Content-type: application/json' \ | ||||||
|         #   --data '{"text":"❌ Northern Thailand Ping River Monitor ${{ needs.create-release.outputs.version }} deployment failed!"}' \ |           #   --data '{"text":"❌ Northern Thailand Ping River Monitor ${{ needs.create-release.outputs.version }} testing failed!"}' \ | ||||||
|         #   ${{ secrets.SLACK_WEBHOOK_URL }} |           #   ${{ secrets.SLACK_WEBHOOK_URL }} | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ jobs: | |||||||
|       - name: Checkout code |       - name: Checkout code | ||||||
|         uses: actions/checkout@v4 |         uses: actions/checkout@v4 | ||||||
|         with: |         with: | ||||||
|           token: ${{ secrets.CI_BOT_TOKEN }} |           token: ${{ secrets.GITEA_TOKEN }} | ||||||
|  |  | ||||||
|       - name: Set up Python |       - name: Set up Python | ||||||
|         uses: actions/setup-python@v4 |         uses: actions/setup-python@v4 | ||||||
| @@ -95,7 +95,7 @@ jobs: | |||||||
|       - name: Checkout code |       - name: Checkout code | ||||||
|         uses: actions/checkout@v4 |         uses: actions/checkout@v4 | ||||||
|         with: |         with: | ||||||
|           token: ${{ secrets.CI_BOT_TOKEN }} |           token: ${{ secrets.GITEA_TOKEN }} | ||||||
|  |  | ||||||
|       - name: Set up Python |       - name: Set up Python | ||||||
|         uses: actions/setup-python@v4 |         uses: actions/setup-python@v4 | ||||||
| @@ -142,7 +142,7 @@ jobs: | |||||||
|       - name: Checkout code |       - name: Checkout code | ||||||
|         uses: actions/checkout@v4 |         uses: actions/checkout@v4 | ||||||
|         with: |         with: | ||||||
|           token: ${{ secrets.CI_BOT_TOKEN }} |           token: ${{ secrets.GITEA_TOKEN }} | ||||||
|  |  | ||||||
|       - name: Set up Python |       - name: Set up Python | ||||||
|         uses: actions/setup-python@v4 |         uses: actions/setup-python@v4 | ||||||
| @@ -183,7 +183,7 @@ jobs: | |||||||
|       - name: Checkout code |       - name: Checkout code | ||||||
|         uses: actions/checkout@v4 |         uses: actions/checkout@v4 | ||||||
|         with: |         with: | ||||||
|           token: ${{ secrets.CI_BOT_TOKEN }} |           token: ${{ secrets.GITEA_TOKEN }} | ||||||
|  |  | ||||||
|       - name: Set up Python |       - name: Set up Python | ||||||
|         uses: actions/setup-python@v4 |         uses: actions/setup-python@v4 | ||||||
|   | |||||||
							
								
								
									
										11
									
								
								Dockerfile
									
									
									
									
									
								
							
							
						
						
									
										11
									
								
								Dockerfile
									
									
									
									
									
								
							| @@ -22,26 +22,27 @@ FROM python:3.11-slim | |||||||
| # Set working directory | # Set working directory | ||||||
| WORKDIR /app | WORKDIR /app | ||||||
|  |  | ||||||
| # Install runtime dependencies | # Install runtime dependencies and create user | ||||||
| RUN apt-get update && apt-get install -y \ | RUN apt-get update && apt-get install -y \ | ||||||
|     wget \ |     wget \ | ||||||
|     curl \ |     curl \ | ||||||
|     && rm -rf /var/lib/apt/lists/* \ |     && rm -rf /var/lib/apt/lists/* \ | ||||||
|     && groupadd -r appuser && useradd -r -g appuser appuser |     && groupadd -r appuser && useradd -r -g appuser appuser \ | ||||||
|  |     && mkdir -p /home/appuser/.local | ||||||
|  |  | ||||||
| # Copy Python packages from builder stage | # Copy Python packages from builder stage | ||||||
| COPY --from=builder /root/.local /root/.local | COPY --from=builder /root/.local /home/appuser/.local | ||||||
|  |  | ||||||
| # Copy application code | # Copy application code | ||||||
| COPY . . | COPY . . | ||||||
|  |  | ||||||
| # Create logs directory and set permissions | # Create logs directory and set permissions | ||||||
| RUN mkdir -p logs && chown -R appuser:appuser /app | RUN mkdir -p logs && chown -R appuser:appuser /app /home/appuser/.local | ||||||
|  |  | ||||||
| # Set environment variables | # Set environment variables | ||||||
| ENV PYTHONUNBUFFERED=1 | ENV PYTHONUNBUFFERED=1 | ||||||
| ENV TZ=Asia/Bangkok | ENV TZ=Asia/Bangkok | ||||||
| ENV PATH=/root/.local/bin:$PATH | ENV PATH=/home/appuser/.local/bin:$PATH | ||||||
|  |  | ||||||
| # Switch to non-root user | # Switch to non-root user | ||||||
| USER appuser | USER appuser | ||||||
|   | |||||||
| @@ -7,6 +7,7 @@ import argparse | |||||||
| import asyncio | import asyncio | ||||||
| import sys | import sys | ||||||
| import signal | import signal | ||||||
|  | import time | ||||||
| from datetime import datetime | from datetime import datetime | ||||||
| from typing import Optional | from typing import Optional | ||||||
|  |  | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user