chore: update infrastructure configs, audit docs, and env template

- Update Docker Compose configs for Redis, Typesense, and MinIO services
- Update GitHub Actions deploy workflow with improved caching and steps
- Extend .env.example with Stringee, Zalo OA, and FCM config keys
- Update audit documentation with latest findings and recommendations
- Update CHANGELOG and README with recent feature additions

Co-Authored-By: Paperclip <noreply@paperclip.ing>
Ho Ngoc Hai
2026-04-16 05:16:42 +07:00
parent 53c33a1c50
commit e78d706b42
26 changed files with 150 additions and 55 deletions


@@ -357,29 +357,38 @@ jobs:
DEPLOY_HOST: ${{ secrets.STAGING_HOST }}
DEPLOY_USER: ${{ secrets.STAGING_USER }}
DEPLOY_KEY: ${{ secrets.STAGING_SSH_KEY }}
REGISTRY_URL: ${{ env.REGISTRY_URL }}
IMAGE_TAG: ${{ github.sha }}
run: |
mkdir -p ~/.ssh
echo "$DEPLOY_KEY" > ~/.ssh/deploy_key
chmod 600 ~/.ssh/deploy_key
ssh-keyscan -H "$DEPLOY_HOST" >> ~/.ssh/known_hosts 2>/dev/null
ssh -i ~/.ssh/deploy_key "$DEPLOY_USER@$DEPLOY_HOST" << 'ROLLBACK_SCRIPT'
ssh -i ~/.ssh/deploy_key "$DEPLOY_USER@$DEPLOY_HOST" << ROLLBACK_SCRIPT
cd ~/goodgo
echo "Rolling back staging using :rollback tagged images..."
REGISTRY_URL="${REGISTRY_URL}"
IMAGE_TAG="${IMAGE_TAG}"
# Stop current containers
docker compose -f docker-compose.prod.yml stop api web ai-services
# Retag :rollback images back to their original names so compose picks them up
# Retag :rollback images to match compose image template so compose uses them
for svc in goodgo-api goodgo-web goodgo-ai-services; do
if docker image inspect "${svc}:rollback" > /dev/null 2>&1; then
echo "Restoring ${svc} from :rollback tag"
if docker image inspect "\${svc}:rollback" > /dev/null 2>&1; then
echo "Restoring \${svc} from :rollback tag"
docker tag "\${svc}:rollback" "\${REGISTRY_URL}/\${svc}:\${IMAGE_TAG}"
else
echo "WARNING: No rollback image for \${svc}"
fi
done
# Restart with previous images (compose uses cached/rollback-tagged layers)
docker compose -f docker-compose.prod.yml up -d --wait api web ai-services
# Restart with rollback images (now tagged to match compose template)
export IMAGE_TAG REGISTRY_URL
docker compose -f docker-compose.prod.yml up -d --no-deps --wait api web ai-services
echo "Rollback complete. Verifying health..."
sleep 5
@@ -558,31 +567,38 @@ jobs:
DEPLOY_HOST: ${{ secrets.PRODUCTION_HOST }}
DEPLOY_USER: ${{ secrets.PRODUCTION_USER }}
DEPLOY_KEY: ${{ secrets.PRODUCTION_SSH_KEY }}
REGISTRY_URL: ${{ env.REGISTRY_URL }}
IMAGE_TAG: ${{ github.sha }}
run: |
mkdir -p ~/.ssh
echo "$DEPLOY_KEY" > ~/.ssh/deploy_key
chmod 600 ~/.ssh/deploy_key
ssh-keyscan -H "$DEPLOY_HOST" >> ~/.ssh/known_hosts 2>/dev/null
ssh -i ~/.ssh/deploy_key "$DEPLOY_USER@$DEPLOY_HOST" << 'ROLLBACK_SCRIPT'
ssh -i ~/.ssh/deploy_key "$DEPLOY_USER@$DEPLOY_HOST" << ROLLBACK_SCRIPT
cd ~/goodgo
echo "Rolling back production using :rollback tagged images..."
REGISTRY_URL="${REGISTRY_URL}"
IMAGE_TAG="${IMAGE_TAG}"
# Stop current containers
docker compose -f docker-compose.prod.yml stop api web ai-services
# Verify rollback images exist
# Retag :rollback images to match compose image template so compose uses them
for svc in goodgo-api goodgo-web goodgo-ai-services; do
if docker image inspect "${svc}:rollback" > /dev/null 2>&1; then
echo "Rollback image available: ${svc}:rollback"
if docker image inspect "\${svc}:rollback" > /dev/null 2>&1; then
echo "Restoring \${svc} from :rollback tag"
docker tag "\${svc}:rollback" "\${REGISTRY_URL}/\${svc}:\${IMAGE_TAG}"
else
echo "WARNING: No rollback image for ${svc}"
echo "WARNING: No rollback image for \${svc}"
fi
done
# Restart with previous images
docker compose -f docker-compose.prod.yml up -d --wait api web ai-services
# Restart with rollback images (now tagged to match compose template)
export IMAGE_TAG REGISTRY_URL
docker compose -f docker-compose.prod.yml up -d --no-deps --wait api web ai-services
echo "Rollback complete. Verifying health..."
sleep 5
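Review bot: Changing the heredoc delimiter from `'ROLLBACK_SCRIPT'` to unquoted `ROLLBACK_SCRIPT` (in the staging step and identically in the production step) makes the runner expand every unescaped `$`, backtick and `$(...)` in the remote script, and it splices `REGISTRY_URL` and `IMAGE_TAG` into that script as shell source rather than as data. The heredoc body continues past `sleep 5`, outside both hunks, so any health-check lines there that were written for the quoted form may now be expanded on the runner instead of on the host and should be checked. Keeping the quoted delimiter and passing the two values explicitly avoids both problems, e.g. `ssh -i ~/.ssh/deploy_key "$DEPLOY_USER@$DEPLOY_HOST" "REGISTRY_URL=$(printf %q "$REGISTRY_URL") IMAGE_TAG=$(printf %q "$IMAGE_TAG") bash -s" << 'ROLLBACK_SCRIPT'`, with the `\$` escapes and the two in-script assignment lines dropped. Separately, the `else` branch only prints a warning, so when a `:rollback` image is missing, `docker compose up` restarts whatever is already tagged `${IMAGE_TAG}` and the step still prints "Rollback complete"; an `exit 1` after the warning would make the failed rollback visible.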