@@ -126,6 +126,7 @@ DEPLOY_ITEMS=(
|
||||
"web"
|
||||
"web-server.mjs"
|
||||
)
|
||||
PREVIOUS_MIGRATION_BOOTSTRAP_SECRET_NAME="migration-bootstrap-secret.previous.txt"
|
||||
|
||||
while [[ $# -gt 0 ]]; do
|
||||
case "$1" in
|
||||
@@ -208,6 +209,70 @@ run_hook() {
|
||||
)
|
||||
}
|
||||
|
||||
previous_migration_bootstrap_secret_file() {
|
||||
printf "%s/deploy-state/%s" "${DEPLOY_DIR}" "${PREVIOUS_MIGRATION_BOOTSTRAP_SECRET_NAME}"
|
||||
}
|
||||
|
||||
save_previous_migration_bootstrap_secret() {
|
||||
local source_file="${DEPLOY_DIR}/migration-bootstrap-secret.txt"
|
||||
local state_dir="${DEPLOY_DIR}/deploy-state"
|
||||
local target_file
|
||||
|
||||
target_file="$(previous_migration_bootstrap_secret_file)"
|
||||
mkdir -p "${state_dir}" || {
|
||||
echo "[jenkins-deploy] 创建部署状态目录失败: ${state_dir}" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
# 旧迁移密钥属于部署阶段要维护的状态,不再写入 run/,避免 sudo 启停生成的 root 私有 pid 目录阻断覆盖部署。
|
||||
cp "${source_file}" "${target_file}" || {
|
||||
echo "[jenkins-deploy] 保存旧模块迁移引导密钥失败: ${target_file}" >&2
|
||||
exit 1
|
||||
}
|
||||
chmod 600 "${target_file}" 2>/dev/null || true
|
||||
echo "[jenkins-deploy] 已保存旧模块迁移引导密钥,用于 schema 冲突时导出旧库。"
|
||||
}
|
||||
|
||||
clear_previous_migration_bootstrap_secret() {
|
||||
local target_file
|
||||
|
||||
target_file="$(previous_migration_bootstrap_secret_file)"
|
||||
if [[ ! -e "${target_file}" ]]; then
|
||||
return
|
||||
fi
|
||||
|
||||
rm -f "${target_file}" || {
|
||||
echo "[jenkins-deploy] 清理旧迁移引导密钥快照失败: ${target_file}" >&2
|
||||
exit 1
|
||||
}
|
||||
}
|
||||
|
||||
normalize_start_previous_secret_path() {
|
||||
local start_file="${DEPLOY_DIR}/start.sh"
|
||||
local legacy_line='PREVIOUS_MIGRATION_BOOTSTRAP_SECRET_FILE="${SCRIPT_DIR}/run/migration-bootstrap-secret.previous.txt"'
|
||||
local state_line='PREVIOUS_MIGRATION_BOOTSTRAP_SECRET_FILE="${SCRIPT_DIR}/deploy-state/migration-bootstrap-secret.previous.txt"'
|
||||
local temp_file="${start_file}.tmp.$$"
|
||||
|
||||
if [[ ! -f "${start_file}" ]]; then
|
||||
return
|
||||
fi
|
||||
|
||||
if grep -Fq "${legacy_line}" "${start_file}"; then
|
||||
# 兼容已经构建出的旧发布包:部署阶段统一让 start.sh 从 Jenkins 可写的部署状态目录读取旧密钥。
|
||||
awk -v legacy="${legacy_line}" -v state="${state_line}" '
|
||||
$0 == legacy {
|
||||
print state
|
||||
next
|
||||
}
|
||||
{
|
||||
print
|
||||
}
|
||||
' "${start_file}" >"${temp_file}"
|
||||
cp "${temp_file}" "${start_file}"
|
||||
rm -f "${temp_file}"
|
||||
fi
|
||||
}
|
||||
|
||||
if [[ ! -d "${SOURCE_DIR}" ]]; then
|
||||
echo "[jenkins-deploy] 发布目录不存在: ${SOURCE_DIR}" >&2
|
||||
exit 1
|
||||
@@ -232,12 +297,9 @@ else
|
||||
fi
|
||||
|
||||
if [[ -f "${DEPLOY_DIR}/migration-bootstrap-secret.txt" ]]; then
|
||||
mkdir -p "${DEPLOY_DIR}/run"
|
||||
cp "${DEPLOY_DIR}/migration-bootstrap-secret.txt" "${DEPLOY_DIR}/run/migration-bootstrap-secret.previous.txt"
|
||||
chmod 600 "${DEPLOY_DIR}/run/migration-bootstrap-secret.previous.txt" 2>/dev/null || true
|
||||
echo "[jenkins-deploy] 已保存旧模块迁移引导密钥,用于 schema 冲突时导出旧库。"
|
||||
save_previous_migration_bootstrap_secret
|
||||
else
|
||||
rm -f "${DEPLOY_DIR}/run/migration-bootstrap-secret.previous.txt" 2>/dev/null || true
|
||||
clear_previous_migration_bootstrap_secret
|
||||
fi
|
||||
|
||||
echo "[jenkins-deploy] 清空部署目录: ${DEPLOY_DIR}"
|
||||
@@ -262,6 +324,8 @@ for item in "${DEPLOY_ITEMS[@]}"; do
|
||||
fi
|
||||
done
|
||||
|
||||
normalize_start_previous_secret_path
|
||||
|
||||
chmod +x "${DEPLOY_DIR}/start.sh"
|
||||
|
||||
if [[ -f "${DEPLOY_DIR}/stop.sh" ]]; then
|
||||
|
||||
Reference in New Issue
Block a user