egullickson/motovaultpro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: egullickson:3321d826a24d569fad311c7d42efcd7521bbe6ec
Branches Tags
egullickson:main egullickson:issue-223-replace-nhtsa-vin-decode-gemini
...
compare: egullickson:3ac2be852a24c9b3fbab39dbd99243d26517ce9a
Branches Tags
egullickson:main egullickson:issue-223-replace-nhtsa-vin-decode-gemini

2 Commits
3321d826a2 ... 3ac2be852a

Author SHA1 Message Date
Eric Gullickson
3ac2be852a fix: updated README.md
All checks were successful
Deploy to Staging / Build Images (push) Successful in 22s
Details
Deploy to Staging / Deploy to Staging (push) Successful in 26s
Details
Deploy to Staging / Verify Staging (push) Successful in 5s
Details
Deploy to Staging / Notify Staging Ready (push) Successful in 5s
Details
Deploy to Staging / Notify Staging Failure (push) Has been skipped
Details
2025-12-31 10:39:27 -06:00
Eric Gullickson
13abbc16d7 fix: CI/CD blue-green deployment path bug causing stale production content 
Root cause: switch-traffic.sh was modifying Traefik config in the CI checkout
directory ($GITHUB_WORKSPACE) instead of the deployment directory ($DEPLOY_PATH).
Traefik never saw the weight changes, so traffic stayed on old containers.

Changes:
- Add DEPLOY_PATH environment variable support to all CI scripts
- Add --force-recreate flag to ensure containers are recreated with new images
- Add image verification step to confirm containers use expected images
- Add weight verification to confirm Traefik routing was updated
- Add routing validation step to verify traffic switch succeeded

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2025-12-31 10:37:18 -06:00
6 changed files with 138 additions and 15 deletions
Expand all files Collapse all files

73
.gitea/workflows/production.yaml
View File

@@ -136,21 +136,59 @@ jobs:
docker pull $BACKEND_IMAGE docker pull $BACKEND_IMAGE
docker pull $FRONTEND_IMAGE docker pull $FRONTEND_IMAGE
- name: Record expected image IDs
id: expected-images
run: |
# Get the image IDs we just pulled - these are what containers should use
FRONTEND_ID=$(docker images --format '{{.ID}}' $FRONTEND_IMAGE | head -1)
BACKEND_ID=$(docker images --format '{{.ID}}' $BACKEND_IMAGE | head -1)
echo "Expected frontend image ID: $FRONTEND_ID"
echo "Expected backend image ID: $BACKEND_ID"
echo "frontend_id=$FRONTEND_ID" >> $GITHUB_OUTPUT
echo "backend_id=$BACKEND_ID" >> $GITHUB_OUTPUT
- name: Start target stack - name: Start target stack
run: | run: |
cd "$DEPLOY_PATH" cd "$DEPLOY_PATH"
export BACKEND_IMAGE=$BACKEND_IMAGE export BACKEND_IMAGE=$BACKEND_IMAGE
export FRONTEND_IMAGE=$FRONTEND_IMAGE export FRONTEND_IMAGE=$FRONTEND_IMAGE
docker compose -f $COMPOSE_FILE -f $COMPOSE_BLUE_GREEN up -d \ # --force-recreate ensures containers are recreated even if image tag is same
# This prevents stale container content when image digest changes
docker compose -f $COMPOSE_FILE -f $COMPOSE_BLUE_GREEN up -d --force-recreate \
mvp-frontend-$TARGET_STACK mvp-backend-$TARGET_STACK mvp-frontend-$TARGET_STACK mvp-backend-$TARGET_STACK
- name: Wait for stack initialization - name: Wait for stack initialization
run: sleep 10 run: sleep 10
- name: Verify container images
run: |
# Verify containers are running the expected images
EXPECTED_FRONTEND="${{ steps.expected-images.outputs.frontend_id }}"
EXPECTED_BACKEND="${{ steps.expected-images.outputs.backend_id }}"
RUNNING_FRONTEND=$(docker inspect --format='{{.Image}}' mvp-frontend-$TARGET_STACK | sed 's/sha256://' | cut -c1-12)
RUNNING_BACKEND=$(docker inspect --format='{{.Image}}' mvp-backend-$TARGET_STACK | sed 's/sha256://' | cut -c1-12)
echo "Frontend - Expected: $EXPECTED_FRONTEND, Running: $RUNNING_FRONTEND"
echo "Backend - Expected: $EXPECTED_BACKEND, Running: $RUNNING_BACKEND"
if [[ "$RUNNING_FRONTEND" != "$EXPECTED_FRONTEND" ]]; then
echo "ERROR: Frontend container not using expected image!"
echo "Container may be stale. Force recreate should have prevented this."
exit 1
fi
if [[ "$RUNNING_BACKEND" != "$EXPECTED_BACKEND" ]]; then
echo "ERROR: Backend container not using expected image!"
exit 1
fi
echo "OK: All containers using correct images"
- name: Run health check - name: Run health check
run: | run: |
chmod +x "$GITHUB_WORKSPACE/scripts/ci/health-check.sh" chmod +x "$GITHUB_WORKSPACE/scripts/ci/health-check.sh"
"$GITHUB_WORKSPACE/scripts/ci/health-check.sh" $TARGET_STACK $HEALTH_CHECK_TIMEOUT DEPLOY_PATH="$DEPLOY_PATH" "$GITHUB_WORKSPACE/scripts/ci/health-check.sh" $TARGET_STACK $HEALTH_CHECK_TIMEOUT
- name: Start Traefik - name: Start Traefik
run: | run: |
@@ -171,7 +209,8 @@ jobs:
- name: Switch traffic - name: Switch traffic
run: | run: |
chmod +x "$GITHUB_WORKSPACE/scripts/ci/switch-traffic.sh" chmod +x "$GITHUB_WORKSPACE/scripts/ci/switch-traffic.sh"
"$GITHUB_WORKSPACE/scripts/ci/switch-traffic.sh" $TARGET_STACK instant # DEPLOY_PATH ensures script modifies config at /opt/motovaultpro, not checkout dir
DEPLOY_PATH="$DEPLOY_PATH" "$GITHUB_WORKSPACE/scripts/ci/switch-traffic.sh" $TARGET_STACK instant
- name: Update deployment state - name: Update deployment state
run: | run: |
@@ -250,6 +289,32 @@ jobs:
echo "OK: $service is running and healthy" echo "OK: $service is running and healthy"
done done
- name: Validate Traefik routing weights
run: |
# Verify traffic has actually switched to the new stack
BLUE_GREEN_CONFIG="$DEPLOY_PATH/config/traefik/dynamic/blue-green.yml"
if [[ "$TARGET_STACK" == "green" ]]; then
EXPECTED_TARGET_WEIGHT=100
EXPECTED_OTHER_WEIGHT=0
TARGET_SVC="mvp-frontend-green-svc"
else
EXPECTED_TARGET_WEIGHT=100
EXPECTED_OTHER_WEIGHT=0
TARGET_SVC="mvp-frontend-blue-svc"
fi
ACTUAL_WEIGHT=$(grep -A1 "$TARGET_SVC" "$BLUE_GREEN_CONFIG" | grep weight | grep -oE '[0-9]+' | head -1)
if [[ "$ACTUAL_WEIGHT" != "$EXPECTED_TARGET_WEIGHT" ]]; then
echo "ERROR: Traffic not routed to $TARGET_STACK stack!"
echo "Expected weight for $TARGET_SVC: $EXPECTED_TARGET_WEIGHT, Actual: $ACTUAL_WEIGHT"
cat "$BLUE_GREEN_CONFIG" | grep -A2 weight
exit 1
fi
echo "OK: Traffic correctly routed to $TARGET_STACK (weight: $ACTUAL_WEIGHT)"
# ============================================ # ============================================
# ROLLBACK - Auto-rollback on failure # ROLLBACK - Auto-rollback on failure
# ============================================ # ============================================
@@ -269,7 +334,7 @@ jobs:
- name: Execute rollback - name: Execute rollback
run: | run: |
chmod +x "$GITHUB_WORKSPACE/scripts/ci/auto-rollback.sh" chmod +x "$GITHUB_WORKSPACE/scripts/ci/auto-rollback.sh"
"$GITHUB_WORKSPACE/scripts/ci/auto-rollback.sh" "Production verification failed - automatic rollback" DEPLOY_PATH="$DEPLOY_PATH" "$GITHUB_WORKSPACE/scripts/ci/auto-rollback.sh" "Production verification failed - automatic rollback"
- name: Update state - name: Update state
run: | run: |

7
README.md
View File

@@ -25,4 +25,9 @@ make migrate # run DB migrations
## URLs and Hosts ## URLs and Hosts
- Frontend: `https://motovaultpro.com` - Frontend: `https://motovaultpro.com`
- Backend health: `https://motovaultpro.com/api/health` - Backend health: `https://motovaultpro.com/api/health`
## Operational Commands
- View active environment on production: `sudo cat /opt/motovaultpro/config/deployment/state.json`
- Switch traffic between environments on production: `sudo ./scripts/ci/switch-traffic.sh blue instant`
- View which container images are running: `docker ps --format 'table {{.Names}}\t{{.Image}}'`

31
docs/PROMPTS.md
View File

@@ -44,22 +44,43 @@ You are a senior software engineer specializsing in NodeJS, Typescript, front en
- Make no assumptions. - Make no assumptions.
- Ask clarifying questions. - Ask clarifying questions.
- Ultrathink - Ultrathink
- This application is ready to go into production. - Debug why staging and production websites dont' match even though the docker image ID's match
- Analysis needs to be done on the CI/CD pipeline - Analysis needs to be done on the CI/CD pipeline
*** CONTEXT *** *** CONTEXT ***
- Read README.md CLAUDE.md and AI-INDEX.md and follow relevant instructions to understand this code repository in the context of this change. - Read README.md CLAUDE.md and AI-INDEX.md and follow relevant instructions to understand this code repository in the context of this change.
- The current deployment does not take into account no downtime or miniimal downtime updates. - The staging site runs on staging.motovaultpro.com and production runs on motovaultpro.com
- The same runner's build the software that run the software - These sites are local so use an MCP that will work with local sites to gather a snapshot.
- There needs to be a balance of uptime and complexity - Example: Staging has the correct title in About Us "Built by enthusiasts. Made for your collection."
- production will run on a single server to start - Exaxmple: Production has the old title in About us "Overall, our goal is to meet each individual's needs with quality, passion, and professionalism."
*** ACTION - CHANGES TO IMPLEMENT *** *** ACTION - CHANGES TO IMPLEMENT ***
- Research this code base and ask iterative questions to compile a complete plan. - Research this code base and ask iterative questions to compile a complete plan.
- We will pair plan this. Ask me for options for various levels of redundancy and automation - We will pair plan this. Ask me for options for various levels of redundancy and automation
*** STAGING CONTAINER IMAGES ***
egullickson@mvp-build:~$ sudo docker image ls
i Info → U In Use
IMAGE ID DISK USAGE CONTENT SIZE EXTRA
git.motovaultpro.com/egullickson/backend:3321d82 67b2480ddac5 485MB 76.3MB U
git.motovaultpro.com/egullickson/frontend:3321d82 e3e1ee18df42 96.1MB 28.7MB U
git.motovaultpro.com/egullickson/mirrors/postgres:18-alpine 6723ec6d445f 402MB 112MB U
git.motovaultpro.com/egullickson/mirrors/redis:8.4-alpine 8360960f5fb5 130MB 33.4MB U
git.motovaultpro.com/egullickson/mirrors/traefik:v3.6 13e903c820df 239MB 52MB U
egullickson@mvp-build:~$
*** PRODUCTION CONTAINER IMAGES ***
egullickson@mvp-prod:~$ sudo docker image ls
i Info → U In Use
IMAGE ID DISK USAGE CONTENT SIZE EXTRA
git.motovaultpro.com/egullickson/backend:latest 67b2480ddac5 485MB 76.3MB U
git.motovaultpro.com/egullickson/frontend:latest e3e1ee18df42 96.1MB 28.7MB U
git.motovaultpro.com/egullickson/mirrors/postgres:18-alpine 6723ec6d445f 402MB 112MB U
git.motovaultpro.com/egullickson/mirrors/redis:8.4-alpine 8360960f5fb5 130MB 33.4MB U
git.motovaultpro.com/egullickson/mirrors/traefik:v3.6 13e903c820df 239MB 52MB U
egullickson@mvp-prod:~$

5
scripts/ci/auto-rollback.sh
View File

@@ -11,8 +11,11 @@
set -euo pipefail set -euo pipefail
# Use DEPLOY_PATH if set (CI environment), otherwise calculate from script location
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" PROJECT_ROOT="${DEPLOY_PATH:-$(cd "$SCRIPT_DIR/../.." && pwd)}"
echo "Using PROJECT_ROOT: $PROJECT_ROOT"
REASON="${1:-Automatic rollback triggered}" REASON="${1:-Automatic rollback triggered}"

6
scripts/ci/health-check.sh
View File

@@ -12,8 +12,10 @@
set -euo pipefail set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" # Use DEPLOY_PATH if set (CI environment), otherwise calculate from script location
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" PROJECT_ROOT="${DEPLOY_PATH:-$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)}"
echo "Using PROJECT_ROOT: $PROJECT_ROOT"
STACK="${1:-}" STACK="${1:-}"
TIMEOUT="${2:-60}" TIMEOUT="${2:-60}"

31
scripts/ci/switch-traffic.sh
View File

@@ -14,8 +14,12 @@
set -euo pipefail set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" # Use DEPLOY_PATH if set (CI environment), otherwise calculate from script location
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" # This is critical: CI workflows must pass DEPLOY_PATH to ensure we modify
# the actual deployment config, not the checkout directory
PROJECT_ROOT="${DEPLOY_PATH:-$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)}"
echo "Using PROJECT_ROOT: $PROJECT_ROOT"
TARGET_STACK="${1:-}" TARGET_STACK="${1:-}"
MODE="${2:-instant}" MODE="${2:-instant}"
@@ -71,6 +75,27 @@ update_weights() {
sleep 1 sleep 1
} }
# Verify weights were actually written to config file
verify_weights_applied() {
local expected_blue="$1"
local expected_green="$2"
# Extract actual weights from the config file
local actual_blue=$(grep -A1 "mvp-frontend-blue-svc" "$TRAEFIK_CONFIG" | grep weight | grep -oE '[0-9]+' | head -1)
local actual_green=$(grep -A1 "mvp-frontend-green-svc" "$TRAEFIK_CONFIG" | grep weight | grep -oE '[0-9]+' | head -1)
if [[ "$actual_blue" != "$expected_blue" ]] || [[ "$actual_green" != "$expected_green" ]]; then
echo " ERROR: Weight verification failed!"
echo " Expected: blue=$expected_blue, green=$expected_green"
echo " Actual: blue=$actual_blue, green=$actual_green"
echo " Config file: $TRAEFIK_CONFIG"
return 1
fi
echo " OK: Weights verified (blue=$actual_blue, green=$actual_green)"
return 0
}
# Verify Traefik has picked up the changes # Verify Traefik has picked up the changes
verify_traefik_reload() { verify_traefik_reload() {
# Give Traefik time to reload config # Give Traefik time to reload config
@@ -123,8 +148,10 @@ else
if [[ "$TARGET_STACK" == "blue" ]]; then if [[ "$TARGET_STACK" == "blue" ]]; then
update_weights 100 0 update_weights 100 0
verify_weights_applied 100 0 || exit 1
else else
update_weights 0 100 update_weights 0 100
verify_weights_applied 0 100 || exit 1
fi fi
verify_traefik_reload verify_traefik_reload