fix: updates to CI/CD Paths

2025-12-30 09:15:41 -06:00
parent c2514984bb
commit 20696ccbf0
6 changed files with 40 additions and 25 deletions
--- a/.gitea/workflows/staging.yaml
+++ b/.gitea/workflows/staging.yaml
@@ -145,7 +145,7 @@ jobs:
      - name: Checkout code
        uses: actions/checkout@v4

-      - name: Check container status
+      - name: Check container status and health
        run: |
          for service in mvp-frontend-staging mvp-backend-staging mvp-postgres-staging mvp-redis-staging; do
            status=$(docker inspect --format='{{.State.Status}}' $service 2>/dev/null || echo "not found")
@@ -157,6 +157,36 @@ jobs:
            echo "OK: $service is running"
          done

+          # Wait for Docker healthchecks to complete (services with healthcheck defined)
+          echo ""
+          echo "Waiting for Docker healthchecks..."
+          for service in mvp-frontend-staging mvp-backend-staging mvp-postgres-staging mvp-redis-staging; do
+            # Check if service has a healthcheck defined
+            has_healthcheck=$(docker inspect --format='{{if .Config.Healthcheck}}true{{else}}false{{end}}' $service 2>/dev/null || echo "false")
+            if [ "$has_healthcheck" = "true" ]; then
+              for i in 1 2 3 4 5 6 7 8 9 10; do
+                health=$(docker inspect --format='{{.State.Health.Status}}' $service 2>/dev/null || echo "unknown")
+                if [ "$health" = "healthy" ]; then
+                  echo "OK: $service is healthy"
+                  break
+                elif [ "$health" = "unhealthy" ]; then
+                  echo "ERROR: $service is unhealthy"
+                  docker logs $service --tail 50 2>/dev/null || true
+                  exit 1
+                fi
+                if [ $i -eq 10 ]; then
+                  echo "ERROR: $service health check timed out (status: $health)"
+                  docker logs $service --tail 50 2>/dev/null || true
+                  exit 1
+                fi
+                echo "Waiting for $service healthcheck... (attempt $i/10, status: $health)"
+                sleep 5
+              done
+            else
+              echo "SKIP: $service has no healthcheck defined"
+            fi
+          done
+
      - name: Wait for backend health
        run: |
          for i in 1 2 3 4 5 6; do
--- a/docker-compose.staging.yml
+++ b/docker-compose.staging.yml
@@ -62,7 +62,7 @@ services:
    container_name: mvp-postgres-staging
    volumes:
      - mvp_postgres_staging_data:/var/lib/postgresql/data
-      - ./secrets/staging/postgres-password.txt:/run/secrets/postgres-password:ro
+      - ./secrets/app/postgres-password.txt:/run/secrets/postgres-password:ro

  # ========================================
  # Redis (Staging)
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -69,7 +69,7 @@ services:
    depends_on:
      - mvp-backend
    healthcheck:
-      test: ["CMD-SHELL", "curl -s http://localhost:3000 || exit 1"]
+      test: ["CMD-SHELL", "curl -sf http://localhost:3000 || exit 1"]
      interval: 30s
      timeout: 10s
      retries: 3
--- a/docs/BUILD-SERVER-SETUP.md
+++ b/docs/BUILD-SERVER-SETUP.md
@@ -155,12 +155,13 @@ sudo chown act_runner:act_runner /opt/motovaultpro
 sudo -u act_runner git clone https://git.motovaultpro.com/egullickson/motovaultpro.git /opt/motovaultpro
 ```

-### 2. Create Staging Secrets Directory
+### 2. Set Secrets Directory Permissions
+
+The `secrets/app` directory exists in the repository. Set proper permissions:

 ```bash
-sudo mkdir -p /opt/motovaultpro/secrets/staging
 sudo chown -R act_runner:act_runner /opt/motovaultpro/secrets
-sudo chmod 700 /opt/motovaultpro/secrets/staging
+sudo chmod 700 /opt/motovaultpro/secrets/app
 ```

 ### 3. Configure DNS
@@ -325,7 +326,7 @@ curl -vI https://staging.motovaultpro.com
 | Path | Description |
 |------|-------------|
 | `/opt/motovaultpro` | Application root |
-| `/opt/motovaultpro/secrets/staging` | Staging secrets |
+| `/opt/motovaultpro/secrets/app` | Application secrets |
 | `/etc/act_runner/config.yaml` | Runner configuration |
 | `/home/act_runner/.docker/config.json` | Registry credentials |

--- a/scripts/ci/ansible/deploy-production-runner.yml
+++ b/scripts/ci/ansible/deploy-production-runner.yml
@@ -228,14 +228,6 @@
      args:
        creates: "{{ app_root }}/.git"

-    - name: Create production secrets directory
-      file:
-        path: "{{ app_root }}/secrets/production"
-        state: directory
-        owner: act_runner
-        group: act_runner
-        mode: '0700'
-
    - name: Create data directories
      file:
        path: "{{ app_root }}/{{ item }}"
@@ -343,6 +335,6 @@
            sudo journalctl -u act_runner -f
            docker ps

-          IMPORTANT: Ensure production secrets are configured in:
-            {{ app_root }}/secrets/production/
+          IMPORTANT: Ensure secrets are configured in:
+            {{ app_root }}/secrets/app/
          ================================================
--- a/scripts/ci/ansible/deploy-staging-runner.yml
+++ b/scripts/ci/ansible/deploy-staging-runner.yml
@@ -258,14 +258,6 @@
      args:
        creates: "{{ app_root }}/.git"

-    - name: Create staging secrets directory
-      file:
-        path: "{{ app_root }}/secrets/staging"
-        state: directory
-        owner: act_runner
-        group: act_runner
-        mode: '0700'
-
    - name: Create data directories
      file:
        path: "{{ app_root }}/{{ item }}"