ci: fix e2e hostname collision and docker-deploy admin seed
CI / Architecture Guardrails (push) Has started running
CI / Typecheck (push) Has started running
CI / Lint (push) Has started running
CI / Assistant Split Regression (push) Has started running
CI / Unit Tests (push) Has been cancelled
CI / Build (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
CI / Fresh-Linux Docker Deploy (push) Has been cancelled
CI / Release Images (push) Has been cancelled
CI / Architecture Guardrails (push) Has started running
CI / Typecheck (push) Has started running
CI / Lint (push) Has started running
CI / Assistant Split Regression (push) Has started running
CI / Unit Tests (push) Has been cancelled
CI / Build (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
CI / Fresh-Linux Docker Deploy (push) Has been cancelled
CI / Release Images (push) Has been cancelled
E2E: rename service hosts postgres/redis to e2epg/e2eredis — the gitea_gitea network has multiple containers answering to 'postgres' (Gitea core + concurrent job services), causing split-brain where prisma db push and db:seed connected to different databases and audit_logs ended up missing. docker-compose.ci.yml: stop attaching postgres/redis to gitea_gitea for the docker-deploy-test job — only the app needs cross-network reachability; the compose services talk to each other on the internal default network. Docker Deploy: setup-admin.mjs imports @prisma/client and @node-rs/argon2 which only live in packages/db/node_modules. Node resolves bare specifiers from the script's directory (/app/scripts), not cwd, so pnpm --filter wrappers did not help. Set NODE_PATH to packages/db/node_modules as a fallback resolution root.
This commit is contained in:
Submodule
+1
Submodule .claude/worktrees/agent-a0063a64 added at b9fd7fdb03
Submodule
+1
Submodule .claude/worktrees/agent-a06ee6f2 added at dda049075f
Submodule
+1
Submodule .claude/worktrees/agent-a2939317 added at b2c8d98b25
Submodule
+1
Submodule .claude/worktrees/agent-a74dc5bc added at fbca017eaa
Submodule
+1
Submodule .claude/worktrees/agent-a7de1005 added at d7a35b2d7a
Submodule
+1
Submodule .claude/worktrees/agent-a8de1898 added at 999626cf70
Submodule
+1
Submodule .claude/worktrees/agent-a90e1bc2 added at 9a42615a21
Submodule
+1
Submodule .claude/worktrees/agent-acdb74a3 added at aebe5bc57d
Submodule
+1
Submodule .claude/worktrees/agent-aed43cff added at 6f3bdd81e8
+20
-16
@@ -284,7 +284,11 @@ jobs:
|
|||||||
needs: [build]
|
needs: [build]
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
services:
|
services:
|
||||||
postgres:
|
# Unique hostnames — "postgres"/"redis" collide with Gitea's own core
|
||||||
|
# containers and concurrent job service containers on the shared
|
||||||
|
# gitea_gitea network, producing split-brain where push hits one DB and
|
||||||
|
# seed hits another. See audit_logs-missing bug from commit f856dd26.
|
||||||
|
e2epg:
|
||||||
image: postgres:16
|
image: postgres:16
|
||||||
env:
|
env:
|
||||||
POSTGRES_DB: capakraken_test
|
POSTGRES_DB: capakraken_test
|
||||||
@@ -295,7 +299,7 @@ jobs:
|
|||||||
--health-interval=10s
|
--health-interval=10s
|
||||||
--health-timeout=5s
|
--health-timeout=5s
|
||||||
--health-retries=5
|
--health-retries=5
|
||||||
redis:
|
e2eredis:
|
||||||
image: redis:7
|
image: redis:7
|
||||||
options: >-
|
options: >-
|
||||||
--health-cmd="redis-cli ping"
|
--health-cmd="redis-cli ping"
|
||||||
@@ -303,15 +307,15 @@ jobs:
|
|||||||
--health-timeout=5s
|
--health-timeout=5s
|
||||||
--health-retries=5
|
--health-retries=5
|
||||||
env:
|
env:
|
||||||
DATABASE_URL: postgresql://capakraken:capakraken_test@postgres:5432/capakraken_test
|
DATABASE_URL: postgresql://capakraken:capakraken_test@e2epg:5432/capakraken_test
|
||||||
# Playwright test-server.mjs requires an explicit test DB URL.
|
# Playwright test-server.mjs requires an explicit test DB URL.
|
||||||
PLAYWRIGHT_DATABASE_URL: postgresql://capakraken:capakraken_test@postgres:5432/capakraken_test
|
PLAYWRIGHT_DATABASE_URL: postgresql://capakraken:capakraken_test@e2epg:5432/capakraken_test
|
||||||
# prisma-with-env.mjs refuses to run unless DATABASE_URL's db name matches
|
# prisma-with-env.mjs refuses to run unless DATABASE_URL's db name matches
|
||||||
# the expected target; default is "capakraken", CI uses capakraken_test.
|
# the expected target; default is "capakraken", CI uses capakraken_test.
|
||||||
CAPAKRAKEN_EXPECTED_DB_NAME: capakraken_test
|
CAPAKRAKEN_EXPECTED_DB_NAME: capakraken_test
|
||||||
ALLOW_DESTRUCTIVE_DB_TOOLS: "true"
|
ALLOW_DESTRUCTIVE_DB_TOOLS: "true"
|
||||||
CONFIRM_DESTRUCTIVE_DB_NAME: capakraken_test
|
CONFIRM_DESTRUCTIVE_DB_NAME: capakraken_test
|
||||||
REDIS_URL: redis://redis:6379
|
REDIS_URL: redis://e2eredis:6379
|
||||||
PORT: 3100
|
PORT: 3100
|
||||||
NEXTAUTH_URL: ${{ env.CI_AUTH_URL }}
|
NEXTAUTH_URL: ${{ env.CI_AUTH_URL }}
|
||||||
AUTH_URL: ${{ env.CI_AUTH_URL }}
|
AUTH_URL: ${{ env.CI_AUTH_URL }}
|
||||||
@@ -364,15 +368,15 @@ jobs:
|
|||||||
# postgres hosts reachable as "postgres" on gitea_gitea (the Gitea
|
# postgres hosts reachable as "postgres" on gitea_gitea (the Gitea
|
||||||
# core DB plus the service container) and push/seed hit different
|
# core DB plus the service container) and push/seed hit different
|
||||||
# ones. Verify via direct psql.
|
# ones. Verify via direct psql.
|
||||||
echo "--- hosts resolving to 'postgres' ---"
|
echo "--- hosts resolving to 'e2epg' ---"
|
||||||
getent hosts postgres || true
|
getent hosts e2epg || true
|
||||||
echo "--- DROP SCHEMA ---"
|
echo "--- DROP SCHEMA ---"
|
||||||
psql -h postgres -U capakraken -d capakraken_test -v ON_ERROR_STOP=1 \
|
psql -h e2epg -U capakraken -d capakraken_test -v ON_ERROR_STOP=1 \
|
||||||
-c "DROP SCHEMA IF EXISTS public CASCADE; CREATE SCHEMA public; GRANT ALL ON SCHEMA public TO capakraken; GRANT ALL ON SCHEMA public TO public;"
|
-c "DROP SCHEMA IF EXISTS public CASCADE; CREATE SCHEMA public; GRANT ALL ON SCHEMA public TO capakraken; GRANT ALL ON SCHEMA public TO public;"
|
||||||
echo "--- prisma db push ---"
|
echo "--- prisma db push ---"
|
||||||
pnpm --filter @capakraken/db exec prisma db push --schema ./prisma/schema.prisma --accept-data-loss --skip-generate
|
pnpm --filter @capakraken/db exec prisma db push --schema ./prisma/schema.prisma --accept-data-loss --skip-generate
|
||||||
echo "--- tables in public after push ---"
|
echo "--- tables in public after push ---"
|
||||||
psql -h postgres -U capakraken -d capakraken_test -v ON_ERROR_STOP=1 \
|
psql -h e2epg -U capakraken -d capakraken_test -v ON_ERROR_STOP=1 \
|
||||||
-c "\dt public.*" | tee /tmp/tables.txt
|
-c "\dt public.*" | tee /tmp/tables.txt
|
||||||
if ! grep -q 'audit_logs' /tmp/tables.txt; then
|
if ! grep -q 'audit_logs' /tmp/tables.txt; then
|
||||||
echo "ERROR: audit_logs table missing after push!"
|
echo "ERROR: audit_logs table missing after push!"
|
||||||
@@ -457,15 +461,15 @@ jobs:
|
|||||||
echo "$BODY" | grep '"status":"ok"'
|
echo "$BODY" | grep '"status":"ok"'
|
||||||
|
|
||||||
- name: Seed admin user
|
- name: Seed admin user
|
||||||
# setup-admin.mjs imports @prisma/client, which only lives in
|
# setup-admin.mjs imports @prisma/client and @node-rs/argon2, both of
|
||||||
# packages/db/node_modules in pnpm workspaces. Run via pnpm so Node
|
# which live only in packages/db/node_modules under pnpm workspaces.
|
||||||
# resolution finds it.
|
# Node's bare-specifier resolution walks up from the *script's*
|
||||||
|
# directory (/app/scripts), not cwd, and the root /app/node_modules
|
||||||
|
# has neither. NODE_PATH adds packages/db/node_modules as a fallback
|
||||||
|
# resolution root so the imports succeed.
|
||||||
run: |
|
run: |
|
||||||
docker compose -f docker-compose.yml -f docker-compose.ci.yml exec -T app \
|
docker compose -f docker-compose.yml -f docker-compose.ci.yml exec -T app \
|
||||||
pnpm --filter @capakraken/db exec node /app/scripts/setup-admin.mjs \
|
sh -c 'NODE_PATH=/app/packages/db/node_modules node /app/scripts/setup-admin.mjs --email admin@capakraken.dev --name Admin --password admin123'
|
||||||
--email admin@capakraken.dev \
|
|
||||||
--name "Admin" \
|
|
||||||
--password admin123
|
|
||||||
|
|
||||||
- name: Set up Node.js 20
|
- name: Set up Node.js 20
|
||||||
uses: actions/setup-node@v4.0.4
|
uses: actions/setup-node@v4.0.4
|
||||||
|
|||||||
+8
-12
@@ -13,18 +13,14 @@
|
|||||||
services:
|
services:
|
||||||
app:
|
app:
|
||||||
volumes: !reset []
|
volumes: !reset []
|
||||||
# Attach to the gitea_gitea network too so the act_runner job container
|
# Attach only the app to gitea_gitea so the act_runner job container
|
||||||
# (which lives on gitea_gitea) can reach the compose services by name.
|
# (which lives on gitea_gitea) can reach the compose app by service name.
|
||||||
# Otherwise "localhost:3100" from inside the job container resolves to
|
# Do NOT attach postgres/redis here — doing so causes hostname collisions
|
||||||
# the job container itself, not the compose-network app.
|
# with other containers already on gitea_gitea (Gitea core + concurrent
|
||||||
networks:
|
# job service containers all answer to "postgres"), producing split-brain
|
||||||
- default
|
# where different clients hit different DBs. The app talks to postgres/
|
||||||
- gitea_gitea
|
# redis by service name on the internal compose network, which works
|
||||||
postgres:
|
# regardless of gitea_gitea.
|
||||||
networks:
|
|
||||||
- default
|
|
||||||
- gitea_gitea
|
|
||||||
redis:
|
|
||||||
networks:
|
networks:
|
||||||
- default
|
- default
|
||||||
- gitea_gitea
|
- gitea_gitea
|
||||||
|
|||||||
Reference in New Issue
Block a user