chore: bump version to v0.2.13 [skip ci]

fix(ci): remove swagger from smoke test — disabled in production
Swagger (/swagger) is only enabled in Development mode (Program.cs gates it behind app.Environment.IsDevelopment()). In production, nginx serves the frontend catch-all (index.html), so the check always returns 200 but never actually validates the API layer. /health already covers API + database + runtime health checks. No replacement endpoint needed — the smoke test still validates both the dashboard and the backend API via /health.
2026-06-09 19:25:23 +00:00 · 2026-06-09 21:24:27 +02:00 · 2026-06-09 19:21:42 +00:00 · 2026-06-09 21:20:54 +02:00 · 2026-06-09 19:20:00 +00:00 · 2026-06-09 21:19:07 +02:00
2 changed files with 75 additions and 13 deletions
@@ -1,6 +1,13 @@
 name: Deploy to Production
 run-name: 🚀 Deploy ${{ inputs.bump_version || 'patch' }} by @${{ gitea.actor }}

+# ── Concurrency: one deploy at a time, cancel queued ones ──
+# Why: prevents race conditions when CI triggers deploy while
+#   a manual deploy is still running. The latest deploy wins.
+concurrency:
+  group: deploy-production
+  cancel-in-progress: false
+
 # ───────────────────────────────────────────────────
 # Trigger: automatic after CI success, or manual dispatch.
 # Runner: uses ubuntu-latest label (consistently present on
@@ -153,29 +160,84 @@ jobs:
              fi
            "

-      # ── Step 6: Health Check ──────────────────
+      # ── Step 6: Health Check (backoff) ────────
+      # Exponential-ish backoff: 1s, 2s, 3s, 5s, 8s, 13s (~32s total).
+      # Why: cold-start containers need variable warmup time;
+      #   fixed 5s intervals either wait too long or give up too early.
      - name: Health Check
        run: |
-          sleep 5
          echo "🏥 Health check..."
-          for i in 1 2 3 4 5 6; do
+          RETRY=0
+          MAX=6
+          WAIT=1
+          while [ $RETRY -lt $MAX ]; do
+            RETRY=$((RETRY + 1))
            if curl -sf --max-time 10 https://nexus.noveria.net/health; then
              echo ""
-              echo "✅ Health check passed"
-              break
+              echo "✅ Health check passed (attempt $RETRY/$MAX)"
+              exit 0
            fi
-            echo "⏳ Retry $i/6..."
-            sleep 5
+            echo "⏳ Attempt $RETRY/$MAX failed, waiting ${WAIT}s..."
+            sleep $WAIT
+            # Fibonacci-ish backoff: 1,2,3,5,8,13
+            NEXT=$((WAIT + RETRY))
+            [ $NEXT -le 15 ] && WAIT=$NEXT || WAIT=15
          done
+          echo "❌ Health check failed after $MAX attempts"
+          exit 1

-      # ── Step 7: Smoke test ────────────────────
+      # ── Step 7: Smoke test (multi-endpoint) ───
+      # Tests multiple endpoints to catch partial failures.
+      # Why: a single /dashboard check can miss backend-only outages;
+      #   /health tests the API + database + runtime status.
      - name: Verify (smoke test)
        run: |
          echo "🔍 Smoke test..."
-          HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" https://nexus.noveria.net/dashboard)
-          echo "Dashboard: HTTP $HTTP_CODE"
-          if [ "$HTTP_CODE" != "200" ]; then
-            echo "❌ Dashboard not reachable!"
+          PASS=0
+          FAIL=0
+          BASE="https://nexus.noveria.net"
+
+          check() {
+            local path="$1" label="$2" expected="${3:-200}"
+            local code=$(curl -s -o /dev/null -w "%{http_code}" --max-time 10 "${BASE}${path}")
+            printf "  %-25s HTTP %s" "${label}:" "${code}"
+            if [ "$code" = "$expected" ]; then
+              echo " ✅"
+              PASS=$((PASS + 1))
+            else
+              echo " ❌ (expected $expected)"
+              FAIL=$((FAIL + 1))
+            fi
+          }
+
+          check "/dashboard" "Dashboard"    200
+          check "/health"    "Health API"   200
+
+          echo ""
+          echo "Results: $PASS passed, $FAIL failed"
+          if [ "$FAIL" -gt 0 ]; then
+            echo "❌ Smoke test failed!"
            exit 1
          fi
          echo "✅ Deployment verified"
+
+      # ── Step 8: Rollback hint ────────────────
+      # On any failure, prints the previous deploy tag for quick manual rollback.
+      # Why: reduces MTTR (mean time to recovery) by providing the exact
+      #   git tag to roll back to without needing to look it up manually.
+      - name: Rollback hint
+        if: failure()
+        run: |
+          echo ""
+          echo "🔙 ─── Rollback Instructions ─── 🔙"
+          echo ""
+          echo "  # 1. Checkout previous version:"
+          echo "  git checkout tags/\$(git describe --tags --abbrev=0 2>/dev/null || echo 'unknown')"
+          echo ""
+          echo "  # 2. Redeploy:"
+          echo "  cd /opt/openclaw/data/openclaw/workspace/nexus"
+          echo "  docker compose up -d --force-recreate"
+          echo ""
+          echo "  # 3. Or trigger rollback via Gitea:"
+          echo "  Trigger 'Deploy to Production' workflow with the previous tag"
+          echo ""
@@ -1 +1 @@
-0.2.10
+0.2.13
Author	SHA1	Message	Date
devops	87e504a1b5	chore: bump version to v0.2.13 [skip ci]	2026-06-09 19:25:23 +00:00
devops	802d2cef3f	fix(ci): remove swagger from smoke test — disabled in production CI - Build & Test / Backend (.NET) (push) Successful in 25s Details CI - Build & Test / Frontend (Vue/TS) (push) Successful in 16s Details CI - Build & Test / Security Check (push) Successful in 3s Details Swagger (/swagger) is only enabled in Development mode (Program.cs gates it behind app.Environment.IsDevelopment()). In production, nginx serves the frontend catch-all (index.html), so the check always returns 200 but never actually validates the API layer. /health already covers API + database + runtime health checks. No replacement endpoint needed — the smoke test still validates both the dashboard and the backend API via /health.	2026-06-09 21:24:27 +02:00
devops	7bee8bc23f	chore: bump version to v0.2.12 [skip ci]	2026-06-09 19:21:42 +00:00
devops	84bf9b7fba	fix(ci): correct swagger path + add deploy concurrency guard CI - Build & Test / Backend (.NET) (push) Successful in 24s Details CI - Build & Test / Frontend (Vue/TS) (push) Successful in 16s Details CI - Build & Test / Security Check (push) Successful in 3s Details Iteration 2 fix: /api/swagger → /swagger (correct ASP.NET default). Iteration 3 — Concurrency guard: - concurrency group 'deploy-production': ensures only one deploy runs at a time (cancel-in-progress: false so queued deploys wait instead of being cancelled). - Why: prevents race conditions when CI-triggered workflow_run and manual workflow_dispatch overlap. Without this, parallel deploys could corrupt docker compose state or conflict on shared resources (ports, volumes, version tags).	2026-06-09 21:20:54 +02:00
devops	b0b95d2453	chore: bump version to v0.2.11 [skip ci]	2026-06-09 19:20:00 +00:00
devops	cf00318f23	feat(ci): robust health check + multi-endpoint smoke test + rollback hint CI - Build & Test / Backend (.NET) (push) Successful in 26s Details CI - Build & Test / Frontend (Vue/TS) (push) Successful in 16s Details CI - Build & Test / Security Check (push) Successful in 3s Details Iteration 2 — Deploy robustness: - Health check: Fibonacci-ish backoff (1,2,3,5,8,13s) instead of fixed 5s intervals. Why: containers need variable warmup time; fixed intervals either wait too long or give up too early. Total budget ~32s vs 30s before. - Smoke test: now checks /dashboard, /health, and /api/swagger. Why: a single endpoint check can miss backend-only outages; API Swagger confirms the ASP.NET layer is healthy. - Rollback hint: on any failure, prints previous git tag + docker compose commands for quick manual rollback. Why: reduces MTTR by providing the exact recovery steps inline.	2026-06-09 21:19:07 +02:00
@@ -1 +1 @@
 .2.10
 .2.13