fix(deploy): ensure release tracking outbox path

scripts/deploy/production-api-deploy.sh

@@ -120,6 +120,115 @@ PY
   fi
 }
 
+read_env_value() {
+  local file_path="$1"
+  local key="$2"
+
+  if [[ ! -f "${file_path}" ]]; then
+    return 0
+  fi
+
+  local python_script='
+import sys
+from pathlib import Path
+
+path = Path(sys.argv[1])
+key = sys.argv[2]
+if not path.exists():
+    raise SystemExit(0)
+for raw_line in path.read_text(encoding="utf-8").splitlines():
+    line = raw_line.strip()
+    if not line or line.startswith("#") or "=" not in line:
+        continue
+    current_key, value = line.split("=", 1)
+    if current_key == key:
+        value = value.strip()
+        if len(value) >= 2 and value[0] == value[-1] and value[0] in ("\"", "'\''"):
+            value = value[1:-1]
+        print(value)
+        raise SystemExit(0)
+'
+
+  if [[ -r "${file_path}" ]]; then
+    python3 -c "${python_script}" "${file_path}" "${key}"
+  else
+    if ! sudo -n true >/dev/null 2>&1; then
+      echo "[production-api-deploy] 当前用户无权读取 ${file_path}，且 sudo -n 不可用；无法检查运行态环境变量。" >&2
+      exit 1
+    fi
+    sudo -n python3 -c "${python_script}" "${file_path}" "${key}"
+  fi
+}
+
+ensure_env_value() {
+  local file_path="$1"
+  local key="$2"
+  local default_value="$3"
+  local current_value
+
+  current_value="$(read_env_value "${file_path}" "${key}")"
+  if [[ -n "${current_value}" ]]; then
+    return
+  fi
+
+  echo "[production-api-deploy] 补齐 api-server 环境变量: ${key} -> ${file_path}"
+  write_env_value "${file_path}" "${key}" "${default_value}"
+}
+
+run_privileged() {
+  if [[ "$(id -u)" -eq 0 ]]; then
+    "$@"
+    return
+  fi
+  if ! sudo -n true >/dev/null 2>&1; then
+    echo "[production-api-deploy] 当前用户不是 root，且 sudo -n 不可用；无法执行: $*" >&2
+    exit 1
+  fi
+  sudo -n "$@"
+}
+
+ensure_runtime_dir() {
+  local path="$1"
+  local mode="$2"
+
+  if [[ -z "${path}" ]]; then
+    return
+  fi
+  if [[ "${path}" != /* ]]; then
+    echo "[production-api-deploy] 运行态目录必须使用绝对路径，避免写入只读发布目录: ${path}" >&2
+    exit 1
+  fi
+
+  echo "[production-api-deploy] 确保运行态目录可写: ${path}"
+  run_privileged install -d -o genarrative -g genarrative -m "${mode}" "${path}"
+}
+
+ensure_runtime_env_and_dirs() {
+  local api_env_file="$1"
+  local tracking_enabled tracking_outbox_dir auth_store_path auth_store_dir
+
+  # 旧生产环境文件会被 server-provision 保留，不一定包含新增的运行态写入路径。
+  # 发布前只补缺省值，不覆盖线上已经定制过的目录或开关。
+  ensure_env_value "${api_env_file}" "GENARRATIVE_TRACKING_OUTBOX_ENABLED" "true"
+  ensure_env_value "${api_env_file}" "GENARRATIVE_TRACKING_OUTBOX_DIR" "/var/lib/genarrative/tracking-outbox"
+  ensure_env_value "${api_env_file}" "GENARRATIVE_TRACKING_OUTBOX_BATCH_SIZE" "500"
+  ensure_env_value "${api_env_file}" "GENARRATIVE_TRACKING_OUTBOX_FLUSH_INTERVAL_MS" "1000"
+  ensure_env_value "${api_env_file}" "GENARRATIVE_TRACKING_OUTBOX_MAX_BYTES" "268435456"
+  ensure_env_value "${api_env_file}" "GENARRATIVE_AUTH_STORE_PATH" "/var/lib/genarrative/auth/auth-store.json"
+
+  tracking_enabled="$(read_env_value "${api_env_file}" "GENARRATIVE_TRACKING_OUTBOX_ENABLED")"
+  tracking_outbox_dir="$(read_env_value "${api_env_file}" "GENARRATIVE_TRACKING_OUTBOX_DIR")"
+  if [[ "$(printf "%s" "${tracking_enabled}" | tr '[:upper:]' '[:lower:]')" != "false" ]]; then
+    ensure_runtime_dir "${tracking_outbox_dir}" "0750"
+  fi
+
+  auth_store_path="$(read_env_value "${api_env_file}" "GENARRATIVE_AUTH_STORE_PATH")"
+  if [[ -n "${auth_store_path}" ]]; then
+    auth_store_dir="$(dirname "${auth_store_path}")"
+    ensure_runtime_dir "${auth_store_dir}" "0750"
+  fi
+}
+
 SCRIPT_DIR="$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd)"
 SOURCE_DIR=""
 VERSION=""
@@ -243,6 +352,8 @@ if [[ -n "${SPACETIME_SERVER_URL}" ]]; then
   write_env_value "${API_ENV_FILE}" "GENARRATIVE_SPACETIME_SERVER_URL" "${SPACETIME_SERVER_URL}"
 fi
 
+ensure_runtime_env_and_dirs "${API_ENV_FILE}"
+
 mkdir -p "$(dirname "${CURRENT_LINK}")"
 ln -sfn "${RELEASE_DIR}" "${CURRENT_LINK}"