补充 release SpacetimeDB 健康检查与巡检防回退

增加 SpacetimeDB 阶段化健康检查与 /readyz 阶段输出记录 procedure/reducer/read 失败的阶段和耗时补充 release 健康巡检 systemd timer 与生产 ops 预检同步 API 构建部署、provision 脚本和运维文档
2026-06-10 11:35:39 +08:00
parent 7aafb37f04
commit 9db467d23f
17 changed files with 1147 additions and 70 deletions
--- a/scripts/check-production-ops-guardrails.mjs
+++ b/scripts/check-production-ops-guardrails.mjs
@@ -0,0 +1,64 @@
+#!/usr/bin/env node
+
+import {readFileSync} from 'node:fs';
+
+const checks = [
+  {
+    file: 'deploy/systemd/genarrative-database-backup.service',
+    includes: '--restart-service-after genarrative-api.service',
+    reason: '生产冷备份恢复 SpacetimeDB 后必须显式拉起依赖它的 API 服务。',
+  },
+  {
+    file: 'deploy/systemd/genarrative-health-patrol.service',
+    includes: 'scripts/ops/production-health-patrol.mjs',
+    reason: '健康巡检 systemd service 必须调用随 API release 发布的巡检脚本。',
+  },
+  {
+    file: 'deploy/systemd/genarrative-health-patrol.timer',
+    includes: 'genarrative-health-patrol.service',
+    reason: '健康巡检 timer 必须绑定巡检 service。',
+  },
+  {
+    file: 'scripts/jenkins-server-provision.sh',
+    includes: 'genarrative-health-patrol.timer',
+    reason: 'Server-Provision 必须安装并启用健康巡检 timer。',
+  },
+  {
+    file: 'scripts/build-production-release.sh',
+    includes: 'production-health-patrol.mjs',
+    reason: '生产 API release 必须携带健康巡检脚本。',
+  },
+  {
+    file: 'scripts/deploy/production-api-deploy.sh',
+    includes: 'production-health-patrol.mjs',
+    reason: 'API deploy 必须把健康巡检脚本复制到 current release。',
+  },
+  {
+    file: 'jenkins/Jenkinsfile.production-api-build',
+    includes: 'scripts/ops/production-health-patrol.mjs',
+    reason: 'API Build 归档必须包含健康巡检脚本。',
+  },
+  {
+    file: 'jenkins/Jenkinsfile.production-api-deploy',
+    includes: 'scripts/ops/production-health-patrol.mjs',
+    reason: 'API Deploy 复制上游产物时必须包含健康巡检脚本。',
+  },
+];
+
+let failed = false;
+
+for (const check of checks) {
+  const content = readFileSync(check.file, 'utf8');
+  if (!content.includes(check.includes)) {
+    failed = true;
+    console.error(
+      `[check:production-ops] ${check.file} 缺少 ${check.includes}。${check.reason}`,
+    );
+  }
+}
+
+if (failed) {
+  process.exit(1);
+}
+
+console.log('[check:production-ops] OK');