diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index ef6fbd8..58d4fd5 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -1,3 +1,4 @@ +# .gitea/workflows/deploy.yml name: Deploy to K3s on: @@ -15,6 +16,7 @@ jobs: env: IMAGE_TAG: ${{ github.sha }} KUBECONFIG: /tmp/.kube/config + NODE_ENV: production steps: - name: Write kubeconfig @@ -52,6 +54,20 @@ jobs: -t localhost:5000/frontend:${IMAGE_TAG} . docker push localhost:5000/frontend:${IMAGE_TAG} + - name: Run database migration job + run: | + cd /workspace/tone/tonePage/apps/deploy + + kubectl delete job backend-migration --ignore-not-found + + sed "s|IMAGE_TAG|${IMAGE_TAG}|g" backend-migration-job.yaml \ + | kubectl apply -f - + + kubectl wait \ + --for=condition=complete \ + job/backend-migration \ + --timeout=120s + - name: Deploy to K3s run: | cd /workspace/tone/tonePage/apps/deploy diff --git a/apps/backend/Dockerfile b/apps/backend/Dockerfile index e5bd854..ec58dff 100644 --- a/apps/backend/Dockerfile +++ b/apps/backend/Dockerfile @@ -1,19 +1,21 @@ FROM node:22-alpine AS builder RUN npm install -g pnpm WORKDIR /app + COPY package.json pnpm-lock.yaml ./ RUN pnpm install --frozen-lockfile -COPY . . +COPY . . RUN pnpm run build FROM node:22-alpine RUN npm install -g pnpm WORKDIR /app + COPY package.json pnpm-lock.yaml ./ RUN pnpm install --frozen-lockfile --prod + COPY --from=builder /app/dist ./dist -COPY --from=builder /app/node_modules ./node_modules EXPOSE 3001 -CMD ["pnpm", "run", "start:prod"] \ No newline at end of file +CMD ["node", "dist/main.js"] \ No newline at end of file diff --git a/apps/backend/package.json b/apps/backend/package.json index 3e4140b..29acfd8 100644 --- a/apps/backend/package.json +++ b/apps/backend/package.json @@ -17,7 +17,10 @@ "test:watch": "jest --watch", "test:cov": "jest --coverage", "test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand", - "test:e2e": "jest --config ./test/jest-e2e.json" + "test:e2e": "jest --config ./test/jest-e2e.json", + "migration:generate": "typeorm migration:generate -d src/data-source.ts", + "migration:run": "typeorm migration:run -d dist/data-source.js", + "migration:revert": "typeorm migration:revert -d dist/data-source.js" }, "dependencies": { "@alicloud/credentials": "^2.4.3", @@ -39,6 +42,7 @@ "class-transformer": "^0.5.1", "class-validator": "^0.14.2", "cookie-parser": "^1.4.7", + "dotenv": "^17.2.3", "jsonwebtoken": "^9.0.2", "pg": "^8.15.6", "reflect-metadata": "^0.2.0", @@ -87,4 +91,4 @@ "coverageDirectory": "../coverage", "testEnvironment": "node" } -} +} \ No newline at end of file diff --git a/apps/backend/pnpm-lock.yaml b/apps/backend/pnpm-lock.yaml index 193e9fd..17954f0 100644 --- a/apps/backend/pnpm-lock.yaml +++ b/apps/backend/pnpm-lock.yaml @@ -65,6 +65,9 @@ importers: cookie-parser: specifier: ^1.4.7 version: 1.4.7 + dotenv: + specifier: ^17.2.3 + version: 17.2.3 jsonwebtoken: specifier: ^9.0.2 version: 9.0.2 @@ -1483,6 +1486,10 @@ packages: resolution: {integrity: sha512-47qPchRCykZC03FhkYAhrvwU4xDBFIj1QPqaarj6mdM/hgUzfPHcpkHJOn3mJAufFeeAxAzeGsr5X0M4k6fLZQ==} engines: {node: '>=12'} + dotenv@17.2.3: + resolution: {integrity: sha512-JVUnt+DUIzu87TABbhPmNfVdBDt18BLOWjMUFJMSi/Qqg7NTYtabbvSNJGOJ7afbRuv9D/lngizHtP7QyLQ+9w==} + engines: {node: '>=12'} + dunder-proto@1.0.1: resolution: {integrity: sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==} engines: {node: '>= 0.4'} @@ -5229,6 +5236,8 @@ snapshots: dotenv@16.4.7: {} + dotenv@17.2.3: {} + dunder-proto@1.0.1: dependencies: call-bind-apply-helpers: 1.0.2 diff --git a/apps/backend/src/app.module.ts b/apps/backend/src/app.module.ts index 18b836e..fdc85ee 100644 --- a/apps/backend/src/app.module.ts +++ b/apps/backend/src/app.module.ts @@ -15,20 +15,13 @@ import { ThrottlerModule } from '@nestjs/throttler'; import { CaptchaModule } from './captcha/captcha.module'; import { SmsModule } from './sms/sms.module'; import { CommonModule } from './common/common.module'; +import { AppDataSource } from './data-source'; @Module({ imports: [ ConfigModule.forRoot({ isGlobal: true }), - TypeOrmModule.forRoot({ - type: 'postgres', - host: process.env.DATABASE_HOST, - port: parseInt(process.env.DATABASE_PORT, 10) || 5432, - username: process.env.DATABASE_USERNAME, - password: process.env.DATABASE_PASSWORD, - database: process.env.DATABASE_NAME, - autoLoadEntities: true, - entities: [], - synchronize: process.env.NODE_ENV !== 'production', // Set to false in production + TypeOrmModule.forRootAsync({ + useFactory: () => AppDataSource.options, }), ThrottlerModule.forRoot({ ignoreUserAgents: [/googlebot/i, /bingbot/i], diff --git a/apps/backend/src/data-source.ts b/apps/backend/src/data-source.ts new file mode 100644 index 0000000..48165ac --- /dev/null +++ b/apps/backend/src/data-source.ts @@ -0,0 +1,20 @@ +import 'reflect-metadata'; +import { DataSource } from 'typeorm'; +import * as dotenv from 'dotenv'; + +dotenv.config(); + +export const AppDataSource = new DataSource({ + type: 'postgres', + host: process.env.DATABASE_HOST, + port: Number(process.env.DATABASE_PORT ?? 5432), + username: process.env.DATABASE_USERNAME, + password: process.env.DATABASE_PASSWORD, + database: process.env.DATABASE_NAME, + + synchronize: false, + logging: false, + + entities: ['dist/**/*.entity.js'], + migrations: ['dist/migrations/*.js'], +}); \ No newline at end of file diff --git a/apps/deploy/backend-migration-job.yaml b/apps/deploy/backend-migration-job.yaml new file mode 100644 index 0000000..8079bf0 --- /dev/null +++ b/apps/deploy/backend-migration-job.yaml @@ -0,0 +1,28 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: backend-migration +spec: + backoffLimit: 0 # 失败不自动重试(防止重复执行) + template: + spec: + restartPolicy: Never + containers: + - name: migration + image: localhost:5000/backend:IMAGE_TAG + imagePullPolicy: Always + + command: + - sh + - -c + - | + echo "Running database migrations..." + node ./node_modules/typeorm/cli.js migration:run \ + -d dist/data-source.js + + envFrom: + # 和 backend Deployment 用同一套 + - secretRef: + name: backend-secret + - secretRef: + name: postgres-secret