| 80fafdf | | | 1 | name: Deploy Hub |
| 409bc79 | | | 2 | concurrency: 1 |
| 80fafdf | | | 3 | on: |
| 80fafdf | | | 4 | push: |
| 80fafdf | | | 5 | branches: |
| 80fafdf | | | 6 | - main |
| 80fafdf | | | 7 | paths: |
| 36387cc | | | 8 | - "web/**" |
| 36387cc | | | 9 | - "hub-api/**" |
| 36387cc | | | 10 | - "api/**" |
| 6dd74de | | | 11 | - "collab/mermaid/**" |
| e4f07b8 | | | 12 | - "hub/Caddyfile" |
| c35d0b6 | | | 13 | - "hub/docker-compose.yml" |
| 36387cc | | | 14 | - "docker/Dockerfile.grove-web" |
| 36387cc | | | 15 | - "docker/Dockerfile.grove-hub-api" |
| 36387cc | | | 16 | - "docker/Dockerfile.grove-api" |
| 80fafdf | | | 17 | |
| 80fafdf | | | 18 | steps: |
| 6dd74de | | | 19 | - name: Build mermaid |
| 6dd74de | | | 20 | image: node:22-alpine |
| 6dd74de | | | 21 | run: | |
| 6dd74de | | | 22 | cd collab/mermaid |
| 6dd74de | | | 23 | npm install -g pnpm |
| 04a7f43 | | | 24 | pnpm install --frozen-lockfile --ignore-scripts |
| 6dd74de | | | 25 | pnpm build:mermaid |
| 6dd74de | | | 26 | cp -R packages/mermaid/dist ../../web/mermaid/dist |
| 6dd74de | | | 27 | |
| 80fafdf | | | 28 | - name: Build web image |
| 80fafdf | | | 29 | image: docker:27-dind |
| 77ad681 | | | 30 | timeout: 1200 |
| 80fafdf | | | 31 | run: | |
| 80fafdf | | | 32 | docker build \ |
| 36387cc | | | 33 | -f docker/Dockerfile.grove-web \ |
| 80fafdf | | | 34 | --build-arg GROVE_HUB_API_URL=http://hub-api:4000 \ |
| f0bb192 | | | 35 | --build-arg GROVE_API_URL=http://grove-api:4000 \ |
| 5f0fbcf | | | 36 | -t $GROVE_REGISTRY/grove-web:latest \ |
| 36387cc | | | 37 | . |
| 5f0fbcf | | | 38 | docker push $GROVE_REGISTRY/grove-web:latest |
| 80fafdf | | | 39 | |
| 80fafdf | | | 40 | - name: Build hub-api image |
| 80fafdf | | | 41 | image: docker:27-dind |
| 80fafdf | | | 42 | run: | |
| 80fafdf | | | 43 | docker build \ |
| 36387cc | | | 44 | -f docker/Dockerfile.grove-hub-api \ |
| 5f0fbcf | | | 45 | -t $GROVE_REGISTRY/grove-hub-api:latest \ |
| 36387cc | | | 46 | . |
| 5f0fbcf | | | 47 | docker push $GROVE_REGISTRY/grove-hub-api:latest |
| 80fafdf | | | 48 | |
| 5f0fbcf | | | 49 | - name: Build api image |
| 5f0fbcf | | | 50 | image: docker:27-dind |
| 5f0fbcf | | | 51 | run: | |
| 5f0fbcf | | | 52 | docker build \ |
| 36387cc | | | 53 | -f docker/Dockerfile.grove-api \ |
| 5f0fbcf | | | 54 | -t $GROVE_REGISTRY/grove-api:latest \ |
| 36387cc | | | 55 | . |
| 5f0fbcf | | | 56 | docker push $GROVE_REGISTRY/grove-api:latest |
| 5f0fbcf | | | 57 | |
| 5f0fbcf | | | 58 | - name: Deploy |
| 5f0fbcf | | | 59 | image: docker:27-dind |
| 80fafdf | | | 60 | run: | |
| e693163 | | | 61 | REGISTRY=localhost:5000 |
| e693163 | | | 62 | # Save current API image as :previous BEFORE pulling the new one |
| e693163 | | | 63 | docker tag $REGISTRY/grove-api:latest $REGISTRY/grove-api:previous 2>/dev/null || true |
| e693163 | | | 64 | docker push $REGISTRY/grove-api:previous 2>/dev/null || true |
| e693163 | | | 65 | |
| c35d0b6 | | | 66 | # Update docker-compose.yml and Caddyfile on host |
| c35d0b6 | | | 67 | cat hub/docker-compose.yml | docker run --rm -i -v /opt/grove:/opt/grove alpine sh -c 'cat > /opt/grove/docker-compose.yml' |
| c35d0b6 | | | 68 | cat hub/Caddyfile | docker run --rm -i -v /opt/grove:/opt/grove alpine sh -c 'cat > /opt/grove/Caddyfile' |
| c35d0b6 | | | 69 | |
| 0b4b582 | | | 70 | docker compose -f /opt/grove/docker-compose.yml pull hub-api grove-web grove-api |
| 0b4b582 | | | 71 | docker compose -f /opt/grove/docker-compose.yml up -d --no-deps hub-api grove-web |
| 2e17669 | | | 72 | docker compose -f /opt/grove/docker-compose.yml exec -T caddy caddy reload --config /etc/caddy/Caddyfile |
| 5f0fbcf | | | 73 | docker image prune -f |
| 7422c65 | | | 74 | |
| 7422c65 | | | 75 | - name: Restart API |
| 7422c65 | | | 76 | image: docker:27-dind |
| 7422c65 | | | 77 | run: | |
| fb964da | | | 78 | # grove-api IS the Canopy runner — restarting it kills this pipeline. |
| fb964da | | | 79 | # We fire-and-forget a detached container that does a health-checked |
| fb964da | | | 80 | # restart with automatic rollback on failure. |
| 7422c65 | | | 81 | docker run -d --rm \ |
| 7422c65 | | | 82 | -v /var/run/docker.sock:/var/run/docker.sock \ |
| 7422c65 | | | 83 | -v /opt/grove:/opt/grove:ro \ |
| 7422c65 | | | 84 | --network host \ |
| 7422c65 | | | 85 | docker:27-dind \ |
| fb964da | | | 86 | sh -c ' |
| fb964da | | | 87 | COMPOSE="docker compose -f /opt/grove/docker-compose.yml" |
| fb964da | | | 88 | REGISTRY=localhost:5000 |
| fb964da | | | 89 | IMAGE=$REGISTRY/grove-api |
| e693163 | | | 90 | CONTAINER=grove-grove-api-1 |
| fb964da | | | 91 | |
| e693163 | | | 92 | # 1. Restart with new image |
| fb964da | | | 93 | sleep 5 |
| fb964da | | | 94 | $COMPOSE up -d grove-api |
| fb964da | | | 95 | |
| e693163 | | | 96 | # 2. Health check — poll for 30s using docker exec |
| fb964da | | | 97 | ok=false |
| fb964da | | | 98 | for i in $(seq 1 15); do |
| fb964da | | | 99 | sleep 2 |
| e693163 | | | 100 | if docker exec $CONTAINER wget -qO- http://127.0.0.1:4000/health 2>/dev/null; then |
| fb964da | | | 101 | ok=true |
| fb964da | | | 102 | break |
| fb964da | | | 103 | fi |
| fb964da | | | 104 | done |
| fb964da | | | 105 | |
| fb964da | | | 106 | if $ok; then |
| fb964da | | | 107 | echo "API healthy after restart" |
| fb964da | | | 108 | else |
| fb964da | | | 109 | echo "API unhealthy — rolling back to previous image" |
| fb964da | | | 110 | docker tag $IMAGE:previous $IMAGE:latest |
| fb964da | | | 111 | docker push $IMAGE:latest |
| e693163 | | | 112 | $COMPOSE pull grove-api |
| fb964da | | | 113 | $COMPOSE up -d grove-api |
| fb964da | | | 114 | |
| fb964da | | | 115 | # Wait for rollback to come up |
| fb964da | | | 116 | for i in $(seq 1 10); do |
| fb964da | | | 117 | sleep 2 |
| e693163 | | | 118 | if docker exec $CONTAINER wget -qO- http://127.0.0.1:4000/health 2>/dev/null; then |
| fb964da | | | 119 | echo "Rollback successful" |
| fb964da | | | 120 | break |
| fb964da | | | 121 | fi |
| fb964da | | | 122 | done |
| fb964da | | | 123 | fi |
| fb964da | | | 124 | ' |