AJR/dependency-track
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: AJR:9fafd5cfc308890a36c6877dbe4f593665c6240e
Branches Tags
AJR:main
..
compare: AJR:main
Branches Tags
AJR:main

11 Commits
9fafd5cfc3 ... main

Author SHA1 Message Date
syoul
19917b04cd fix(compose): depends_on service_started — le step healthcheck CI gere l'attente
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
2026-03-20 15:45:39 +01:00
syoul
ec25f02bad fix(compose): suppression EXTRA_JAVA_OPTIONS (non reconnu par DTrack, provoque un crash)
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
2026-03-20 15:43:38 +01:00
syoul
1b3b0fed3e change dns dtrack.asycn.io
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
2026-03-20 15:40:40 +01:00
syoul
c62000112f fix(ci): docker compose stop avant acme.sh — deregistre les conteneurs de Registrator/Fabio
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
2026-03-19 14:56:10 +01:00
syoul
1652c9181f fix(ci): acme.sh avant docker compose up — evite conflit route Registrator vs well-known challenge
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
2026-03-19 14:54:18 +01:00
syoul
47593d5001 fix(ci): suppression consul_token + KV Fabio — routing gere par Registrator via labels
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
2026-03-19 14:51:52 +01:00
syoul
aa022ae18e feat(ci): ajout acme.sh TLS + routes Fabio KV :443 dans deploy 2026-03-19 14:50:12 +01:00
syoul
be7c871a39 fix(ci): healthcheck via docker inspect — pas de requete HTTPS publique (Fabio non configure)
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
2026-03-19 14:45:35 +01:00
syoul
ec078997c0 fix(ci): test-deploy — volume /opt/dtrack manquant + → $VAR (Woodpecker parse bug)
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
2026-03-19 14:43:59 +01:00
syoul
0d7146f695 ci: relance pipeline (fix healthcheck curl)
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
2026-03-19 14:42:02 +01:00
syoul
c42ef858be fix(compose): healthcheck plus tolerant + start_period 180s pour 4.14.0 2026-03-19 14:40:30 +01:00
2 changed files with 52 additions and 29 deletions
Expand all files Collapse all files

73
.woodpecker.yml
View File

@@ -51,52 +51,75 @@ steps:
- cd /opt/dtrack && docker compose config - cd /opt/dtrack && docker compose config
- echo "=== pull ===" - echo "=== pull ==="
- cd /opt/dtrack && docker compose pull --no-parallel - cd /opt/dtrack && docker compose pull --no-parallel
- echo "=== stop (deregistre Registrator avant challenge ACME) ==="
- cd /opt/dtrack && docker compose stop
- |
DOMAIN=$(grep '^DTRACK_DOMAIN=' /opt/dtrack/.env | cut -d= -f2)
# --- Certificat TLS ---
# Apres docker compose stop : Registrator a deregistre les conteneurs de Fabio.
# La route globale */.well-known/acme-challenge/* peut repondre sans interference.
# Exit 0 = emis/renouvele, exit 2 = skip (cert valide), autres = erreur
ACME_EXIT=0
docker exec sonic-acme-1 /app/acme.sh \
--home /etc/acme.sh \
--issue -d "$DOMAIN" \
--webroot /usr/share/nginx/html \
--server letsencrypt \
--accountemail support+acme@asycn.io || ACME_EXIT=$?
if [ "$ACME_EXIT" -ne 0 ] && [ "$ACME_EXIT" -ne 2 ]; then
echo "ERREUR: acme.sh a echoue (exit $ACME_EXIT)"
exit 1
fi
docker exec sonic-acme-1 cp /etc/acme.sh/$DOMAIN/fullchain.cer /host/certs/$DOMAIN-cert.pem
docker exec sonic-acme-1 cp /etc/acme.sh/$DOMAIN/$DOMAIN.key /host/certs/$DOMAIN-key.pem
echo "Cert TLS: /host/certs/$DOMAIN-cert.pem OK (acme exit $ACME_EXIT)"
- echo "=== up ===" - echo "=== up ==="
- cd /opt/dtrack && docker compose up -d --remove-orphans - cd /opt/dtrack && docker compose up -d --remove-orphans
- cd /opt/dtrack && docker compose ps - cd /opt/dtrack && docker compose ps
# Fabio routing gere automatiquement par Registrator via les labels SERVICE_* du compose
# TEST deploy : verifie que les conteneurs sont running # TEST deploy : verifie que les conteneurs sont running
# NOTE: pas de ${VAR} (substitue par Woodpecker) — utiliser $VAR sans accolades
- name: test-deploy - name: test-deploy
image: docker:27-cli image: docker:27-cli
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
- /opt/dtrack:/opt/dtrack
commands: commands:
- | - |
PROJECT=$(grep '^COMPOSE_PROJECT_NAME=' /opt/dtrack/.env | cut -d= -f2) PROJECT=$(grep '^COMPOSE_PROJECT_NAME=' /opt/dtrack/.env | cut -d= -f2)
for CONTAINER in apiserver frontend; do STATUS=$(docker inspect --format '{{.State.Status}}' "$PROJECT-apiserver" 2>/dev/null || echo "absent")
STATUS=$(docker inspect --format '{{.State.Status}}' "${PROJECT}-${CONTAINER}" 2>/dev/null || echo "absent") echo "$PROJECT-apiserver : $STATUS"
echo "${PROJECT}-${CONTAINER} : $STATUS" [ "$STATUS" = "running" ] || { echo "FAIL: apiserver non running"; exit 1; }
[ "$STATUS" = "running" ] || { echo "FAIL: ${CONTAINER} non running"; exit 1; } echo "PASS: apiserver running"
echo "PASS: ${CONTAINER} running" STATUS=$(docker inspect --format '{{.State.Status}}' "$PROJECT-frontend" 2>/dev/null || echo "absent")
done echo "$PROJECT-frontend : $STATUS"
[ "$STATUS" = "running" ] || { echo "FAIL: frontend non running"; exit 1; }
echo "PASS: frontend running"
# Etape 3 : Healthcheck HTTP sur l'apiserver # Etape 3 : Healthcheck via Docker — poll le statut interne du conteneur
# Pas de requete HTTPS publique : Fabio/TLS ne sont pas encore configures ici
- name: healthcheck - name: healthcheck
image: alpine:3.20 image: docker:27-cli
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /opt/dtrack:/opt/dtrack
commands: commands:
- apk add --no-cache --quiet curl
- | - |
DOMAIN=$(grep '^DTRACK_DOMAIN=' .env.deploy | cut -d= -f2) PROJECT=$(grep '^COMPOSE_PROJECT_NAME=' /opt/dtrack/.env | cut -d= -f2)
if [ -z "$DOMAIN" ]; then echo "Attente healthcheck Docker sur $PROJECT-apiserver (max 5 min)..."
echo "ERREUR: DTRACK_DOMAIN non defini dans .env.deploy" MAX=30
exit 1
fi
TARGET="https://$DOMAIN/api/version"
echo "Healthcheck sur $TARGET (max 2 minutes)..."
MAX=12
i=0 i=0
until [ $i -ge $MAX ]; do until [ $i -ge $MAX ]; do
RESPONSE=$(curl -sf "$TARGET" 2>/dev/null) HEALTH=$(docker inspect --format '{{.State.Health.Status}}' "$PROJECT-apiserver" 2>/dev/null || echo "absent")
if [ $? -eq 0 ]; then echo "Tentative $((i+1))/$MAX — $PROJECT-apiserver : $HEALTH"
echo "PASS: apiserver repond" [ "$HEALTH" = "healthy" ] && echo "PASS: apiserver healthy" && exit 0
echo "version: $RESPONSE" [ "$HEALTH" = "absent" ] && echo "FAIL: conteneur introuvable" && exit 1
exit 0
fi
i=$((i+1)) i=$((i+1))
echo "Tentative $i/$MAX - retry dans 10s"
sleep 10 sleep 10
done done
echo "ERREUR: apiserver ne repond pas apres 2 minutes" echo "FAIL: apiserver non healthy apres 5 minutes"
exit 1 exit 1
# Notification en cas d'echec # Notification en cas d'echec

8
docker-compose.yml
View File

@@ -14,11 +14,11 @@ services:
volumes: volumes:
- dtrack_data:/data - dtrack_data:/data
healthcheck: healthcheck:
test: ["CMD", "wget", "-qO-", "http://localhost:8080/api/version"] test: ["CMD-SHELL", "wget -qO- http://localhost:8080/api/version || curl -sf http://localhost:8080/api/version"]
interval: 30s interval: 30s
timeout: 10s timeout: 10s
retries: 5 retries: 10
start_period: 120s # ~60-90s au premier démarrage start_period: 180s # 4.14.0 peut prendre jusqu'a 3 min au premier demarrage
networks: networks:
- dtrack-net - dtrack-net
- sonic - sonic
@@ -40,7 +40,7 @@ services:
API_BASE_URL: https://${DTRACK_DOMAIN} API_BASE_URL: https://${DTRACK_DOMAIN}
depends_on: depends_on:
apiserver: apiserver:
condition: service_healthy condition: service_started
networks: networks:
- dtrack-net - dtrack-net
- sonic - sonic