Compare commits
8 Commits
main
...
1b2ce263e5
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
1b2ce263e5 | ||
|
|
b32f5d56db | ||
|
|
8d0cef08b1 | ||
|
|
80d450207c | ||
|
|
2dc40f72ce | ||
|
|
a81798cffe | ||
|
|
926af91389 | ||
|
|
37ac4b47f2 |
7
.dockerignore
Normal file
7
.dockerignore
Normal file
@@ -0,0 +1,7 @@
|
|||||||
|
**/bin/
|
||||||
|
**/obj/
|
||||||
|
**/node_modules/
|
||||||
|
**/dist/
|
||||||
|
.git/
|
||||||
|
.husky/
|
||||||
|
docs/
|
||||||
11
.github/workflows/ci.yml
vendored
11
.github/workflows/ci.yml
vendored
@@ -6,7 +6,7 @@ name: CI
|
|||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches: [main]
|
branches: [main, build-runner-fix]
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
build-and-push:
|
build-and-push:
|
||||||
@@ -42,7 +42,14 @@ jobs:
|
|||||||
JWT_SECRET_KEY: ${{ secrets.JWT_SECRET_KEY }}
|
JWT_SECRET_KEY: ${{ secrets.JWT_SECRET_KEY }}
|
||||||
QA_ADMIN_PORT: ${{ vars.QA_ADMIN_PORT }}
|
QA_ADMIN_PORT: ${{ vars.QA_ADMIN_PORT }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
# actions/checkout@v4 is a Node-based action; this runner has no node
|
||||||
|
# in PATH, so checkout plain git instead of via marketplace action.
|
||||||
|
- name: Checkout
|
||||||
|
run: |
|
||||||
|
git init -q .
|
||||||
|
git remote add origin "${{ github.server_url }}/${{ github.repository }}.git"
|
||||||
|
git -c http.extraheader="AUTHORIZATION: bearer ${{ github.token }}" fetch --depth=1 origin "${{ github.sha }}"
|
||||||
|
git checkout -q FETCH_HEAD
|
||||||
|
|
||||||
- name: Deploy to QA
|
- name: Deploy to QA
|
||||||
run: ./scripts/ci/deploy-qa.sh
|
run: ./scripts/ci/deploy-qa.sh
|
||||||
|
|||||||
3
.gitignore
vendored
3
.gitignore
vendored
@@ -468,3 +468,6 @@ lerna-debug.log*
|
|||||||
# Windows thumbnail cache
|
# Windows thumbnail cache
|
||||||
Thumbs.db
|
Thumbs.db
|
||||||
ehthumbs.db
|
ehthumbs.db
|
||||||
|
|
||||||
|
# Self-installed .NET SDK (scripts/ci/lib.sh ensure_dotnet, used when a CI runner lacks the SDK)
|
||||||
|
/.dotnet/
|
||||||
|
|||||||
@@ -36,7 +36,7 @@ services:
|
|||||||
db:
|
db:
|
||||||
condition: service_healthy
|
condition: service_healthy
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD-SHELL", "wget -qO- http://localhost:8080/api/v1/health 2>/dev/null || exit 1"]
|
test: ["CMD-SHELL", "curl -fsS http://localhost:8080/health || exit 1"]
|
||||||
interval: 10s
|
interval: 10s
|
||||||
timeout: 5s
|
timeout: 5s
|
||||||
retries: 5
|
retries: 5
|
||||||
|
|||||||
@@ -6,6 +6,8 @@ set -euo pipefail
|
|||||||
cd "$(dirname "${BASH_SOURCE[0]}")" && source ./lib.sh
|
cd "$(dirname "${BASH_SOURCE[0]}")" && source ./lib.sh
|
||||||
cd "$CI_ROOT"
|
cd "$CI_ROOT"
|
||||||
|
|
||||||
|
ensure_dotnet
|
||||||
|
|
||||||
log "Restoring and publishing MicCheck.Api (Release)"
|
log "Restoring and publishing MicCheck.Api (Release)"
|
||||||
dotnet publish src/api/MicCheck.Api/MicCheck.Api.csproj -c Release
|
dotnet publish src/api/MicCheck.Api/MicCheck.Api.csproj -c Release
|
||||||
|
|
||||||
|
|||||||
@@ -24,9 +24,14 @@ $COMPOSE down -v
|
|||||||
log "Starting QA stack"
|
log "Starting QA stack"
|
||||||
$COMPOSE up -d
|
$COMPOSE up -d
|
||||||
|
|
||||||
log "Waiting for API health check via admin proxy on port $QA_ADMIN_PORT"
|
log "Waiting for API health check via admin proxy"
|
||||||
|
# Checked with `docker compose exec` rather than curling the published host
|
||||||
|
# port: CI runs this script inside a runner container on its own bridge
|
||||||
|
# network, where "localhost:$QA_ADMIN_PORT" is the runner's own loopback, not
|
||||||
|
# the docker host's - it can never reach a host-published port. Exec'ing into
|
||||||
|
# the admin container and curling its own localhost sidesteps that entirely.
|
||||||
attempts=30
|
attempts=30
|
||||||
until curl -fsS "http://localhost:${QA_ADMIN_PORT}/api/v1/health" >/dev/null 2>&1; do
|
until $COMPOSE exec -T admin curl -fsS http://localhost/health >/dev/null 2>&1; do
|
||||||
attempts=$((attempts - 1))
|
attempts=$((attempts - 1))
|
||||||
if [[ "$attempts" -le 0 ]]; then
|
if [[ "$attempts" -le 0 ]]; then
|
||||||
fail "QA stack did not become healthy in time"
|
fail "QA stack did not become healthy in time"
|
||||||
|
|||||||
@@ -37,6 +37,23 @@ image_names() {
|
|||||||
ADMIN_IMAGE="$REGISTRY/$REGISTRY_OWNER/miccheck-admin"
|
ADMIN_IMAGE="$REGISTRY/$REGISTRY_OWNER/miccheck-admin"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Installs .NET into $CI_ROOT/.dotnet via the vendored dotnet-install.sh if
|
||||||
|
# `dotnet` isn't already on PATH, then prepends it to PATH for this process.
|
||||||
|
# Keeps bare runners (no SDK preinstalled) working the same as a dev machine.
|
||||||
|
ensure_dotnet() {
|
||||||
|
if command -v dotnet > /dev/null 2>&1; then
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
local install_dir="$CI_ROOT/.dotnet"
|
||||||
|
if [[ ! -x "$install_dir/dotnet" ]]; then
|
||||||
|
log "dotnet not found on PATH; installing .NET SDK via dotnet-install.sh"
|
||||||
|
bash "$CI_ROOT/dotnet-install.sh" --channel LTS --install-dir "$install_dir"
|
||||||
|
fi
|
||||||
|
export PATH="$install_dir:$PATH"
|
||||||
|
export DOTNET_ROOT="$install_dir"
|
||||||
|
}
|
||||||
|
|
||||||
registry_login() {
|
registry_login() {
|
||||||
require_registry_vars
|
require_registry_vars
|
||||||
[[ -n "$REGISTRY_USER" ]] || fail "REGISTRY_USER env var is required to push images"
|
[[ -n "$REGISTRY_USER" ]] || fail "REGISTRY_USER env var is required to push images"
|
||||||
|
|||||||
@@ -5,6 +5,8 @@ set -euo pipefail
|
|||||||
cd "$(dirname "${BASH_SOURCE[0]}")" && source ./lib.sh
|
cd "$(dirname "${BASH_SOURCE[0]}")" && source ./lib.sh
|
||||||
cd "$CI_ROOT"
|
cd "$CI_ROOT"
|
||||||
|
|
||||||
|
ensure_dotnet
|
||||||
|
|
||||||
log "Building full solution (Debug)"
|
log "Building full solution (Debug)"
|
||||||
dotnet build MicCheck.slnx -c Debug
|
dotnet build MicCheck.slnx -c Debug
|
||||||
|
|
||||||
|
|||||||
@@ -6,6 +6,8 @@ set -euo pipefail
|
|||||||
cd "$(dirname "${BASH_SOURCE[0]}")" && source ./lib.sh
|
cd "$(dirname "${BASH_SOURCE[0]}")" && source ./lib.sh
|
||||||
cd "$CI_ROOT"
|
cd "$CI_ROOT"
|
||||||
|
|
||||||
|
ensure_dotnet
|
||||||
|
|
||||||
log "Running MicCheck.Api.Tests.Unit"
|
log "Running MicCheck.Api.Tests.Unit"
|
||||||
dotnet test tests/api/MicCheck.Api.Tests.Unit/MicCheck.Api.Tests.Unit.csproj -c Release --logger trx
|
dotnet test tests/api/MicCheck.Api.Tests.Unit/MicCheck.Api.Tests.Unit.csproj -c Release --logger trx
|
||||||
|
|
||||||
|
|||||||
@@ -8,6 +8,7 @@
|
|||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
<PackageReference Include="Aspire.Hosting.JavaScript" Version="13.4.2" />
|
<PackageReference Include="Aspire.Hosting.JavaScript" Version="13.4.2" />
|
||||||
<PackageReference Include="Aspire.Hosting.PostgreSQL" Version="13.4.0" />
|
<PackageReference Include="Aspire.Hosting.PostgreSQL" Version="13.4.0" />
|
||||||
|
<PackageReference Include="MessagePack" Version="2.5.302" />
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
|
|
||||||
<PropertyGroup>
|
<PropertyGroup>
|
||||||
|
|||||||
@@ -20,6 +20,14 @@ server {
|
|||||||
proxy_read_timeout 30s;
|
proxy_read_timeout 30s;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Proxy the API's health endpoint, which lives outside the /api prefix.
|
||||||
|
location = /health {
|
||||||
|
resolver 127.0.0.11 valid=10s ipv6=off;
|
||||||
|
set $api_upstream http://api:8080;
|
||||||
|
proxy_pass $api_upstream/health;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
}
|
||||||
|
|
||||||
# SPA fallback — all other paths serve index.html so Vue Router handles them
|
# SPA fallback — all other paths serve index.html so Vue Router handles them
|
||||||
location / {
|
location / {
|
||||||
try_files $uri $uri/ /index.html;
|
try_files $uri $uri/ /index.html;
|
||||||
|
|||||||
@@ -17,6 +17,11 @@ COPY src/api/MicCheck.Api/ src/api/MicCheck.Api/
|
|||||||
RUN dotnet publish src/api/MicCheck.Api/MicCheck.Api.csproj -c Release -o /out --no-restore
|
RUN dotnet publish src/api/MicCheck.Api/MicCheck.Api.csproj -c Release -o /out --no-restore
|
||||||
|
|
||||||
FROM mcr.microsoft.com/dotnet/aspnet:10.0
|
FROM mcr.microsoft.com/dotnet/aspnet:10.0
|
||||||
|
|
||||||
|
# curl is used by the docker-compose healthcheck; the base image ships neither
|
||||||
|
# curl nor wget, so the healthcheck silently fails as "unhealthy" without it.
|
||||||
|
RUN apt-get update && apt-get install -y --no-install-recommends curl && rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
COPY --from=build /out .
|
COPY --from=build /out .
|
||||||
EXPOSE 8080
|
EXPOSE 8080
|
||||||
|
|||||||
@@ -12,6 +12,7 @@
|
|||||||
<PackageReference Include="FluentValidation.AspNetCore" Version="11.3.0" />
|
<PackageReference Include="FluentValidation.AspNetCore" Version="11.3.0" />
|
||||||
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.5" />
|
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.5" />
|
||||||
<PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.5" />
|
<PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.5" />
|
||||||
|
<PackageReference Include="Microsoft.OpenApi" Version="2.9.0" />
|
||||||
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="10.0.5" />
|
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="10.0.5" />
|
||||||
<PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="10.0.5" />
|
<PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="10.0.5" />
|
||||||
<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="10.0.5">
|
<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="10.0.5">
|
||||||
|
|||||||
Reference in New Issue
Block a user