a21790d58d
All checks were successful
Deploy SOLUTION_ERP / build-deploy (push) Successful in 3m0s
Run #111 (commit 29eb5d9) FAIL với `'tsc' is not recognized` ở step Build fe-admin.
Symptoms confusing:
- VPS check: cache dir C:\npm-cache-erp\ chưa có (cold)
- Log: KHÔNG có Write-Host "cache MISS" hay "added 239 packages"
- Timing: 1.6s từ end-of-BE-build → start-of-fe-admin-build (impossible cho npm install 49s)
- Test gate (Domain 54 + Infra 17) PASS nên không phải code regression
Khả năng cao: junction Move-Item disrupted node_modules .bin/ structure HOẶC
act_runner PowerShell stream capture có quirk với cache MISS branch. Cần debug
riêng — không nên block deploy chính.
Decision:
- Rollback npm cache logic về fresh install như cũ (49s + 33s)
- GIỮ path filter on:push:paths-ignore (đây mới là win lớn nhất — 100% saving cho MD-only commit)
- Document gotcha cho session sau (sẽ thử robocopy thay vì junction, hoặc dùng act_runner cache server local)
Path filter behavior (giữ lại):
- Commit chỉ docs/MD/skill/gitignore → SKIP CI hoàn toàn (~196s/commit saved)
- Commit code OR cùng commit có code+docs → vẫn trigger (đúng)
Verify dotnet test local: 71 pass / 1s (BE không thay đổi).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
184 lines
8.3 KiB
YAML
184 lines
8.3 KiB
YAML
# Gitea Actions CI/CD - build + deploy SOLUTION_ERP to IIS on same VPS.
|
|
# Trigger: push to main, or manual dispatch.
|
|
#
|
|
# Self-hosted Windows runner on VPS (shared with VIETREPORT). Runner has:
|
|
# - git, .NET 10 SDK, Node 20, IIS
|
|
# - Can deploy locally (no WinRM needed)
|
|
#
|
|
# Secrets required in Gitea repo settings:
|
|
# - JWT_SECRET (64+ chars random)
|
|
# - DB_CONNECTION (full connection string with vrapp password)
|
|
|
|
name: Deploy SOLUTION_ERP
|
|
|
|
# Path filter — skip CI khi commit chỉ docs/MD/skill (~110s saved per docs commit).
|
|
# Commit MD-only như "Docs: chốt session" sẽ KHÔNG trigger workflow.
|
|
# Lưu ý: nếu cùng 1 commit thay đổi cả MD + code → vẫn trigger (đúng behavior).
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
paths-ignore:
|
|
- 'docs/**'
|
|
- '**/*.md'
|
|
- '.claude/skills/**'
|
|
- '.gitignore'
|
|
- 'scripts/**.md'
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
build-deploy:
|
|
runs-on: windows-latest
|
|
steps:
|
|
# Manual checkout thay vì `uses: actions/checkout@v4` — tránh phụ thuộc
|
|
# github.com (act_runner mỗi run đều `git fetch` để check update action,
|
|
# khi VPS → github.com TCP timeout 21s thì toàn job fail trước khi tới
|
|
# test gate). Gitea internal network luôn ổn định, nên clone trực tiếp.
|
|
# Token `${{ github.token }}` (Gitea cũng dùng tên này) tự sẵn cho job.
|
|
- name: Checkout (manual git, bypass github.com)
|
|
shell: powershell
|
|
run: |
|
|
git config --global --add safe.directory '*'
|
|
git init -q
|
|
git remote add origin "https://gitea-actions:${{ github.token }}@git.baocaogiaoduc.vn/${{ github.repository }}.git"
|
|
# Fetch ref (branch) thay vì SHA — không cần Gitea allow SHA fetch.
|
|
# Depth 30 đủ buffer nếu main đã commit thêm sau khi job pickup.
|
|
$ref = "${{ github.ref }}"
|
|
if ($ref -like "refs/heads/*") { $ref = $ref.Substring(11) }
|
|
git fetch --depth=30 origin $ref
|
|
git checkout --quiet "${{ github.sha }}"
|
|
git log -1 --oneline
|
|
|
|
- name: Show tool versions
|
|
shell: powershell
|
|
run: |
|
|
& 'C:\Program Files\dotnet\dotnet.exe' --version
|
|
& 'C:\Program Files\nodejs\node.exe' --version
|
|
& 'C:\Program Files\nodejs\npm.cmd' --version
|
|
|
|
# ============== TEST GATE ==============
|
|
# Run tests TRƯỚC build/publish/deploy. Fail → exit non-zero → no deploy.
|
|
# Phase 1: Domain (54 test policy state machine).
|
|
# Phase 2: Infrastructure (17 test code generators format/sequence/year scope).
|
|
- name: Run unit tests (Domain)
|
|
shell: powershell
|
|
run: |
|
|
& 'C:\Program Files\dotnet\dotnet.exe' test tests/SolutionErp.Domain.Tests/SolutionErp.Domain.Tests.csproj `
|
|
--configuration Release `
|
|
--logger "trx;LogFileName=domain-tests.trx" `
|
|
--results-directory test-results
|
|
if ($LASTEXITCODE -ne 0) { exit $LASTEXITCODE }
|
|
|
|
- name: Run integration tests (Infrastructure - SQLite in-memory)
|
|
shell: powershell
|
|
run: |
|
|
& 'C:\Program Files\dotnet\dotnet.exe' test tests/SolutionErp.Infrastructure.Tests/SolutionErp.Infrastructure.Tests.csproj `
|
|
--configuration Release `
|
|
--logger "trx;LogFileName=infra-tests.trx" `
|
|
--results-directory test-results
|
|
if ($LASTEXITCODE -ne 0) { exit $LASTEXITCODE }
|
|
|
|
# Upload test results — bỏ vì `actions/upload-artifact@v4` cũng phụ thuộc
|
|
# github.com fetch (cùng vấn đề như actions/checkout). TRX file vẫn save
|
|
# local trong workspace `test-results/` cho debug khi cần.
|
|
- name: List test results (local debug)
|
|
if: always()
|
|
shell: powershell
|
|
run: |
|
|
if (Test-Path test-results) {
|
|
Get-ChildItem test-results -Recurse | Format-Table FullName, Length
|
|
} else {
|
|
Write-Host "No test-results directory."
|
|
}
|
|
|
|
# ============== BUILD ==============
|
|
- name: Build backend
|
|
shell: powershell
|
|
run: |
|
|
& 'C:\Program Files\dotnet\dotnet.exe' restore SolutionErp.slnx
|
|
& 'C:\Program Files\dotnet\dotnet.exe' publish src/Backend/SolutionErp.Api/SolutionErp.Api.csproj `
|
|
--configuration Release `
|
|
--output out/api `
|
|
--runtime win-x64 `
|
|
--self-contained false
|
|
|
|
# FE build — npm install fresh mỗi run (Vite 8 rolldown gotcha #20).
|
|
# NOTE: Junction-based npm cache đã thử ở commit 29eb5d9 nhưng FAIL — `tsc not found`,
|
|
# script không hiện Write-Host log. Cần debug riêng (xem gotcha #39 mới).
|
|
# Tạm dùng fresh install như cũ (49s + 33s = 82s/run). Path filter ở trên đã
|
|
# save 100% time cho commit MD-only — đó là win lớn nhất.
|
|
- name: Build fe-admin
|
|
shell: powershell
|
|
working-directory: fe-admin
|
|
run: |
|
|
# Vite 8 rolldown native binding must match platform; fresh resolve on Windows
|
|
Remove-Item node_modules, package-lock.json -Recurse -Force -ErrorAction SilentlyContinue
|
|
& 'C:\Program Files\nodejs\npm.cmd' install --no-audit --no-fund
|
|
& 'C:\Program Files\nodejs\npm.cmd' run build
|
|
|
|
- name: Build fe-user
|
|
shell: powershell
|
|
working-directory: fe-user
|
|
run: |
|
|
Remove-Item node_modules, package-lock.json -Recurse -Force -ErrorAction SilentlyContinue
|
|
& 'C:\Program Files\nodejs\npm.cmd' install --no-audit --no-fund
|
|
& 'C:\Program Files\nodejs\npm.cmd' run build
|
|
|
|
- name: Deploy to IIS (local)
|
|
if: github.ref == 'refs/heads/main'
|
|
shell: powershell
|
|
env:
|
|
JWT_SECRET: ${{ secrets.JWT_SECRET }}
|
|
DB_CONNECTION: ${{ secrets.DB_CONNECTION }}
|
|
run: |
|
|
Import-Module WebAdministration
|
|
|
|
# Stop app pool (if running) so DLLs are writable
|
|
$poolState = (Get-WebAppPoolState -Name SolutionErp-Api -ErrorAction SilentlyContinue).Value
|
|
if ($poolState -eq 'Started') {
|
|
Stop-WebAppPool -Name SolutionErp-Api
|
|
Start-Sleep -Seconds 3
|
|
}
|
|
|
|
# Deploy API
|
|
Remove-Item -Path 'C:\inetpub\solution-erp\api\*' -Recurse -Force -Exclude 'appsettings.Production.json','logs','uploads','wwwroot' -ErrorAction SilentlyContinue
|
|
Copy-Item -Path 'out\api\*' -Destination 'C:\inetpub\solution-erp\api\' -Recurse -Force
|
|
|
|
# Write appsettings.Production.json from source template + secrets.
|
|
# Template is in source workspace (not in publish output - dotnet publish
|
|
# doesn't copy .example files).
|
|
$example = 'src\Backend\SolutionErp.Api\appsettings.Production.json.example'
|
|
$prod = 'C:\inetpub\solution-erp\api\appsettings.Production.json'
|
|
$settings = Get-Content $example -Raw | ConvertFrom-Json
|
|
$settings.ConnectionStrings.Default = $env:DB_CONNECTION
|
|
$settings.Jwt.Secret = $env:JWT_SECRET
|
|
$settings | ConvertTo-Json -Depth 10 | Set-Content -Path $prod -Encoding UTF8
|
|
Write-Host "Wrote appsettings.Production.json"
|
|
|
|
# Restrict ACL
|
|
icacls $prod /inheritance:r | Out-Null
|
|
icacls $prod /grant:r 'Administrators:(R,W)' 'IIS AppPool\SolutionErp-Api:(R)' | Out-Null
|
|
|
|
# Deploy fe-admin
|
|
Remove-Item -Path 'C:\inetpub\solution-erp\fe-admin\*' -Recurse -Force -Exclude 'web.config' -ErrorAction SilentlyContinue
|
|
Copy-Item -Path 'fe-admin\dist\*' -Destination 'C:\inetpub\solution-erp\fe-admin\' -Recurse -Force
|
|
|
|
# Deploy fe-user
|
|
Remove-Item -Path 'C:\inetpub\solution-erp\fe-user\*' -Recurse -Force -Exclude 'web.config' -ErrorAction SilentlyContinue
|
|
Copy-Item -Path 'fe-user\dist\*' -Destination 'C:\inetpub\solution-erp\fe-user\' -Recurse -Force
|
|
|
|
# Restart app pool
|
|
Start-WebAppPool -Name SolutionErp-Api
|
|
Write-Host "Deploy done. App pool started."
|
|
|
|
- name: Smoke test
|
|
if: github.ref == 'refs/heads/main'
|
|
shell: powershell
|
|
run: |
|
|
Start-Sleep -Seconds 10
|
|
try {
|
|
$r = Invoke-WebRequest -Uri 'https://api.solutions.com.vn/health/live' -TimeoutSec 30 -UseBasicParsing
|
|
Write-Host "API /health/live -> $($r.StatusCode)"
|
|
} catch {
|
|
Write-Warning "API smoke test: $_"
|
|
}
|