release: v0.1.14 #149
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Production | |
| on: | |
| push: | |
| branches: [main, dev] | |
| workflow_dispatch: | |
| concurrency: | |
| group: deploy-production | |
| cancel-in-progress: false | |
| jobs: | |
| checks: | |
| name: Checks | |
| runs-on: ubuntu-latest | |
| services: | |
| postgres: | |
| image: postgres:16 | |
| env: | |
| POSTGRES_USER: openlinear | |
| POSTGRES_PASSWORD: openlinear | |
| POSTGRES_DB: openlinear_test | |
| ports: | |
| - 5432:5432 | |
| options: >- | |
| --health-cmd pg_isready | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| env: | |
| DATABASE_URL: postgresql://openlinear:openlinear@localhost:5432/openlinear_test | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| - uses: pnpm/action-setup@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22 | |
| cache: pnpm | |
| - run: pnpm install --frozen-lockfile | |
| - name: Generate Prisma client | |
| run: pnpm --filter @openlinear/db db:generate | |
| - name: Push schema to test database | |
| run: pnpm --filter @openlinear/db db:push | |
| - name: Typecheck | |
| run: pnpm --filter @openlinear/api typecheck | |
| - name: Build API | |
| run: pnpm --filter @openlinear/api build | |
| - name: Test | |
| run: pnpm --filter @openlinear/api test | |
| deploy: | |
| name: Deploy | |
| needs: checks | |
| runs-on: ubuntu-latest | |
| environment: production | |
| steps: | |
| - name: Deploy to droplet | |
| uses: appleboy/ssh-action@v1 | |
| with: | |
| host: ${{ secrets.DEPLOY_HOST }} | |
| username: ${{ secrets.DEPLOY_USER }} | |
| key: ${{ secrets.DEPLOY_SSH_KEY }} | |
| command_timeout: 15m | |
| script: | | |
| set -e | |
| export CI=true | |
| cd /opt/openlinear && git reset --hard HEAD | |
| /opt/openlinear/scripts/deploy.sh | |
| - name: Diagnostics (pm2 + port + local health) | |
| if: ${{ always() }} | |
| uses: appleboy/ssh-action@v1 | |
| with: | |
| host: ${{ secrets.DEPLOY_HOST }} | |
| username: ${{ secrets.DEPLOY_USER }} | |
| key: ${{ secrets.DEPLOY_SSH_KEY }} | |
| command_timeout: 2m | |
| script: | | |
| set -e | |
| echo "== pm2 show ==" | |
| pm2 show openlinear-api || true | |
| pm2 show openlinear-fe || true | |
| echo "== port 3001 listener ==" | |
| (command -v ss >/dev/null 2>&1 && ss -ltnp | grep ':3001' && exit 0) || true | |
| (command -v lsof >/dev/null 2>&1 && lsof -iTCP:3001 -sTCP:LISTEN -nP && exit 0) || true | |
| echo "== localhost health ==" | |
| curl -sS -D- -o /dev/null --max-time 5 http://localhost:3001/health || true | |
| - name: Verify deployment | |
| run: | | |
| for i in 1 2 3 4 5 6; do | |
| HTTP_STATUS=$(curl -s -o /dev/null -w '%{http_code}' https://rixie.in/health) | |
| if [ "$HTTP_STATUS" = "200" ]; then | |
| echo "✓ Deployment verified — health check returned $HTTP_STATUS" | |
| exit 0 | |
| fi | |
| echo "Attempt $i: got $HTTP_STATUS, retrying in 5s..." | |
| sleep 5 | |
| done | |
| echo "✗ Health check failed after 6 attempts" | |
| exit 1 | |
| publish-npm: | |
| name: Publish NPM Package | |
| needs: checks | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: pnpm/action-setup@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22 | |
| cache: pnpm | |
| - run: pnpm install --frozen-lockfile | |
| - name: Upgrade npm for OIDC Trusted Publishers support | |
| run: npm install -g npm@latest | |
| - name: Publish @openlinear/core (openlinear) | |
| run: | | |
| cd packages/openlinear | |
| LOCAL_VERSION=$(node -p "require('./package.json').version") | |
| REMOTE_VERSION=$(npm view openlinear version 2>/dev/null || echo "0.0.0") | |
| if [ "$LOCAL_VERSION" = "$REMOTE_VERSION" ]; then | |
| echo "Version $LOCAL_VERSION already published, skipping" | |
| exit 0 | |
| fi | |
| npm publish --access public --provenance |