klevze/SkinbaseNova
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
SkinbaseNova/scripts/rollback-production.sh

360 lines
9.6 KiB
Bash
Raw Permalink Blame History

#!/bin/bash
set -euo pipefail
remote_folder="${REMOTE_FOLDER:-/opt/www/virtual/SkinbaseNova}"
remote_server="${REMOTE_SERVER:-klevze@server3.klevze.si}"
remote_release_root="${REMOTE_RELEASE_ROOT:-${REMOTE_FOLDER:-/opt/www/virtual/SkinbaseNova}.releases}"
remote_shared_root="${REMOTE_SHARED_ROOT:-${REMOTE_RELEASE_ROOT:-/opt/www/virtual/SkinbaseNova.releases}/shared}"
php_bin="${PHP_BIN:-php}"
composer_bin="${COMPOSER_BIN:-composer}"
ssh_bin="${SSH_BIN:-ssh}"
dry_run=0
list_only=0
rollback_release_id=""
use_previous=0
skip_maintenance=0
usage() {
cat <<'EOF'
Usage: bash scripts/rollback-production.sh [options]
Options:
--previous Switch to the previous retained release on the production server.
--release-id ID Switch to a specific retained release ID.
--list List retained releases and exit.
--dry-run Preview the release switch without changing the active release.
--no-maintenance Skip php artisan down/up during the switch.
--help Show this help.
Environment overrides:
REMOTE_FOLDER, REMOTE_SERVER, REMOTE_RELEASE_ROOT, REMOTE_SHARED_ROOT, PHP_BIN, COMPOSER_BIN, SSH_BIN
Notes:
- Rollback changes the active server release; it does not re-upload files from local.
- Database migrations are not reversed automatically.
EOF
}
log_step() {
printf '\n==> %s\n' "$1"
}
log_info() {
printf ' -> %s\n' "$1"
}
die() {
printf 'ERROR: %s\n' "$1" >&2
exit 1
}
require_command() {
local command_name="$1"
local description="$2"
command -v "$command_name" >/dev/null 2>&1 || die "$description is required but was not found in PATH ($command_name)."
}
sanitize_release_fragment() {
local value="$1"
value="${value//[^A-Za-z0-9._-]/-}"
value="${value#-}"
value="${value%-}"
printf '%s' "$value"
}
while [[ $# -gt 0 ]]; do
case "$1" in
--previous)
use_previous=1
;;
--release-id)
shift
rollback_release_id="$(sanitize_release_fragment "${1:?Missing value for --release-id}")"
;;
--release-id=*)
rollback_release_id="$(sanitize_release_fragment "${1#*=}")"
;;
--list)
list_only=1
;;
--dry-run)
dry_run=1
;;
--no-maintenance)
skip_maintenance=1
;;
--help|-h)
usage
exit 0
;;
*)
die "Unknown option: $1"
;;
esac
shift
done
require_command "$ssh_bin" "SSH"
if [[ "$list_only" -eq 0 && "$use_previous" -eq 0 && -z "$rollback_release_id" ]]; then
die "Choose either --previous or --release-id, or use --list to inspect retained releases."
fi
if [[ "$use_previous" -eq 1 && -n "$rollback_release_id" ]]; then
die "Use either --previous or --release-id, not both."
fi
if [[ "$list_only" -eq 1 ]]; then
log_step "Retained releases on $remote_server"
"$ssh_bin" "$remote_server" \
REMOTE_RELEASE_ROOT="$(printf '%q' "$remote_release_root")" \
'bash -s' <<'EOF'
set -euo pipefail
current_release="unknown"
if [[ -f "${REMOTE_RELEASE_ROOT}/current-release.txt" ]]; then
current_release="$(cat "${REMOTE_RELEASE_ROOT}/current-release.txt")"
fi
printf 'Current release: %s\n' "$current_release"
if [[ ! -d "${REMOTE_RELEASE_ROOT}/releases" ]]; then
printf 'No retained releases found in %s\n' "$REMOTE_RELEASE_ROOT"
exit 0
fi
find "${REMOTE_RELEASE_ROOT}/releases" -mindepth 1 -maxdepth 1 -type d | sort -r | while read -r path; do
release_id="$(basename "$path")"
marker=" "
if [[ "$release_id" == "$current_release" ]]; then
marker="*"
fi
printf '%s %s\n' "$marker" "$release_id"
done
EOF
exit 0
fi
log_step "Switching production release on $remote_server"
if [[ "$dry_run" -eq 1 ]]; then
log_info "Dry-run mode enabled; remote current release will not be changed"
fi
"$ssh_bin" "$remote_server" \
REMOTE_FOLDER="$(printf '%q' "$remote_folder")" \
REMOTE_RELEASE_ROOT="$(printf '%q' "$remote_release_root")" \
REMOTE_SHARED_ROOT="$(printf '%q' "$remote_shared_root")" \
PHP_BIN="$(printf '%q' "$php_bin")" \
COMPOSER_BIN="$(printf '%q' "$composer_bin")" \
ROLLBACK_RELEASE_ID="$(printf '%q' "$rollback_release_id")" \
USE_PREVIOUS="$use_previous" \
DRY_RUN="$dry_run" \
SKIP_MAINTENANCE="$skip_maintenance" \
'bash -s' <<'EOF'
set -euo pipefail
current_link="${REMOTE_RELEASE_ROOT}/current"
log_step() {
printf '\n==> %s\n' "$1"
}
log_info() {
printf ' -> %s\n' "$1"
}
log_warn() {
printf 'WARN: %s\n' "$1" >&2
}
die() {
printf 'ERROR: %s\n' "$1" >&2
exit 1
}
current_release_id() {
if [[ -L "$current_link" ]]; then
basename "$(readlink "$current_link")"
return 0
fi
printf '%s\n' ''
}
resolve_target_release() {
local current_release
local target_release
local -a releases=()
[[ -d "${REMOTE_RELEASE_ROOT}/releases" ]] || die "No retained releases exist under ${REMOTE_RELEASE_ROOT}/releases"
current_release="$(current_release_id)"
if [[ "$USE_PREVIOUS" -eq 1 ]]; then
mapfile -t releases < <(find "${REMOTE_RELEASE_ROOT}/releases" -mindepth 1 -maxdepth 1 -type d | sort -r)
for release_path in "${releases[@]}"; do
target_release="$(basename "$release_path")"
if [[ "$target_release" != "$current_release" ]]; then
printf '%s\n' "$target_release"
return 0
fi
done
die "No previous retained release is available."
fi
printf '%s\n' "$ROLLBACK_RELEASE_ID"
}
ensure_dir() {
mkdir -p "$1"
}
ensure_php_runtime_dir() {
local target_dir="$1"
local -a privileged_cmd=()
if command -v sudo >/dev/null 2>&1 && sudo -n true >/dev/null 2>&1; then
privileged_cmd=(sudo -n)
elif [[ "$(id -u)" -eq 0 ]]; then
privileged_cmd=()
fi
if [[ ! -d "$target_dir" ]]; then
if [[ ${#privileged_cmd[@]} -gt 0 ]]; then
"${privileged_cmd[@]}" mkdir -p "$target_dir"
else
mkdir -p "$target_dir"
fi
fi
if [[ ${#privileged_cmd[@]} -gt 0 || "$(id -u)" -eq 0 ]]; then
"${privileged_cmd[@]}" chown -R skinbase:skinbase "$target_dir"
"${privileged_cmd[@]}" chmod 770 "$target_dir"
return
fi
chmod 770 "$target_dir" >/dev/null 2>&1 || true
}
link_shared_paths() {
local target_release="$1"
ensure_dir "$target_release/public" "$target_release/var"
rm -f "$target_release/.env"
ln -sfn "${REMOTE_SHARED_ROOT}/.env" "$target_release/.env"
rm -rf "$target_release/storage"
ln -sfn "${REMOTE_SHARED_ROOT}/storage" "$target_release/storage"
rm -rf "$target_release/public/files"
ln -sfn "${REMOTE_SHARED_ROOT}/public/files" "$target_release/public/files"
rm -rf "$target_release/public/sitemaps"
ln -sfn "${REMOTE_SHARED_ROOT}/public/sitemaps" "$target_release/public/sitemaps"
rm -rf "$target_release/var/php-tmp"
ln -sfn "${REMOTE_SHARED_ROOT}/var/php-tmp" "$target_release/var/php-tmp"
rm -rf "$target_release/var/php-sessions"
ln -sfn "${REMOTE_SHARED_ROOT}/var/php-sessions" "$target_release/var/php-sessions"
}
bring_app_up() {
if [[ "$SKIP_MAINTENANCE" -eq 0 && -f "$REMOTE_FOLDER/artisan" ]]; then
"$PHP_BIN" "$REMOTE_FOLDER/artisan" up >/dev/null 2>&1 || true
fi
}
target_release="$(resolve_target_release)"
[[ -n "$target_release" ]] || die "Unable to resolve a target release."
target_release_path="${REMOTE_RELEASE_ROOT}/releases/${target_release}"
[[ -d "$target_release_path" ]] || die "Retained release not found: ${target_release_path}"
current_release="$(current_release_id)"
[[ -n "$current_release" ]] || die "No active current release is configured under ${current_link}"
if [[ "$target_release" == "$current_release" ]]; then
die "Target release is already active: ${target_release}"
fi
ensure_php_runtime_dir "${REMOTE_SHARED_ROOT}/var/php-tmp"
ensure_php_runtime_dir "${REMOTE_SHARED_ROOT}/var/php-sessions"
link_shared_paths "$target_release_path"
[[ -f "${REMOTE_SHARED_ROOT}/.env" ]] || die "Shared production .env is missing at ${REMOTE_SHARED_ROOT}/.env"
[[ -f "${target_release_path}/artisan" ]] || die "Target release is missing artisan: ${target_release_path}/artisan"
log_info "Current release: ${current_release}"
log_info "Target release: ${target_release}"
log_info "Target path: ${target_release_path}"
if [[ "$DRY_RUN" -eq 1 ]]; then
exit 0
fi
trap bring_app_up EXIT
if [[ "$SKIP_MAINTENANCE" -eq 0 && -f "$REMOTE_FOLDER/artisan" ]]; then
log_step "Enabling maintenance mode"
"$PHP_BIN" "$REMOTE_FOLDER/artisan" down --retry=60 || true
fi
if [[ ! -f "${target_release_path}/vendor/autoload.php" ]]; then
log_step "Installing Composer dependencies in target release"
(
cd "$target_release_path"
"$COMPOSER_BIN" install --no-dev --prefer-dist --optimize-autoloader --no-interaction
)
fi
log_step "Switching current release to ${target_release}"
ln -sfn "$target_release_path" "$current_link"
ln -sfn "$current_link" "$REMOTE_FOLDER"
cd "$REMOTE_FOLDER"
log_step "Refreshing caches"
"$PHP_BIN" artisan view:clear
"$PHP_BIN" artisan optimize:clear
"$PHP_BIN" artisan optimize
"$PHP_BIN" artisan view:cache
if [[ "$SKIP_MAINTENANCE" -eq 0 ]]; then
log_step "Bringing application back online"
"$PHP_BIN" artisan up
trap - EXIT
fi
if ! "$PHP_BIN" artisan homepage:warm-guest-cache; then
log_warn "Homepage guest cache warm failed during rollback."
fi
if ! "$PHP_BIN" artisan posts:warm-trending; then
log_warn "Post trending cache warm failed during rollback."
fi
log_step "Restarting queue workers"
"$PHP_BIN" artisan queue:restart || true
cat > "${REMOTE_RELEASE_ROOT}/current-release.json" <<JSON
{
"release_id": "${target_release}",
"rolled_back_from_release_id": "${current_release}",
"rolled_back_at": "$(date -u +%Y-%m-%dT%H:%M:%SZ)",
"remote_folder": "${REMOTE_FOLDER}",
"release_path": "${target_release_path}"
}
JSON
printf '%s\n' "${target_release}" > "${REMOTE_RELEASE_ROOT}/current-release.txt"
log_step "Release switch complete"
EOF
Reference in New Issue View Git Blame Copy Permalink