Compare commits
1 Commits
ci/portain
...
0b323ed537
| Author | SHA1 | Date | |
|---|---|---|---|
| 0b323ed537 |
@@ -338,43 +338,41 @@ steps:
|
||||
- security-trivy-orchestrator
|
||||
- security-trivy-web
|
||||
|
||||
# ─── Deploy to Docker Swarm via Portainer API (main only) ─────────────────────
|
||||
# ─── Deploy to Docker Swarm (main only) ─────────────────────
|
||||
|
||||
# ─── Deploy to Docker Swarm via Portainer (main only) ─────────────────────
|
||||
|
||||
deploy-swarm:
|
||||
image: alpine:3
|
||||
environment:
|
||||
SSH_PRIVATE_KEY:
|
||||
from_secret: ssh_private_key
|
||||
SSH_KNOWN_HOSTS:
|
||||
from_secret: ssh_known_hosts
|
||||
PORTAINER_URL:
|
||||
from_secret: portainer_url
|
||||
PORTAINER_API_KEY:
|
||||
from_secret: portainer_api_key
|
||||
PORTAINER_STACK_ID: "121"
|
||||
commands:
|
||||
- apk add --no-cache curl
|
||||
- apk add --no-cache curl openssh-client
|
||||
- |
|
||||
set -e
|
||||
echo "🚀 Deploying to Docker Swarm via Portainer API..."
|
||||
echo "🚀 Deploying to Docker Swarm..."
|
||||
|
||||
# Use Portainer API to update the stack (forces pull of new images)
|
||||
RESPONSE=$(curl -s -w "\n%{http_code}" -X POST \
|
||||
-H "X-API-Key: $PORTAINER_API_KEY" \
|
||||
-H "Content-Type: application/json" \
|
||||
"$PORTAINER_URL/api/stacks/$PORTAINER_STACK_ID/git/redeploy")
|
||||
# Setup SSH for fallback
|
||||
mkdir -p ~/.ssh
|
||||
echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
|
||||
chmod 600 ~/.ssh/known_hosts
|
||||
echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_ed25519
|
||||
chmod 600 ~/.ssh/id_ed25519
|
||||
|
||||
HTTP_CODE=$(echo "$RESPONSE" | tail -1)
|
||||
BODY=$(echo "$RESPONSE" | head -n -1)
|
||||
|
||||
if [ "$HTTP_CODE" = "200" ] || [ "$HTTP_CODE" = "202" ]; then
|
||||
echo "✅ Stack update triggered successfully"
|
||||
else
|
||||
echo "❌ Stack update failed (HTTP $HTTP_CODE)"
|
||||
echo "$BODY"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Wait for services to converge
|
||||
echo "⏳ Waiting for services to converge..."
|
||||
sleep 30
|
||||
echo "✅ Deploy complete"
|
||||
# Force service updates (images are pulled from public registry)
|
||||
ssh -o StrictHostKeyChecking=no localadmin@10.1.1.45 \
|
||||
"docker service update --with-registry-auth --force mosaic-stack-api && \
|
||||
docker service update --with-registry-auth --force mosaic-stack-web && \
|
||||
docker service update --with-registry-auth --force mosaic-stack-orchestrator && \
|
||||
docker service update --with-registry-auth --force mosaic-stack-coordinator && \
|
||||
echo '✅ All services updated'"
|
||||
when:
|
||||
- branch: [main]
|
||||
event: [push, manual, tag]
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
import { Body, Controller, HttpException, Logger, Post, Req, Res, UseGuards } from "@nestjs/common";
|
||||
import type { Response } from "express";
|
||||
import { AuthGuard } from "../auth/guards/auth.guard";
|
||||
import { SkipCsrf } from "../common/decorators/skip-csrf.decorator";
|
||||
import type { MaybeAuthenticatedRequest } from "../auth/types/better-auth-request.interface";
|
||||
import { ChatStreamDto } from "./chat-proxy.dto";
|
||||
import { ChatProxyService } from "./chat-proxy.service";
|
||||
@@ -15,7 +14,6 @@ export class ChatProxyController {
|
||||
// POST /api/chat/guest
|
||||
// Guest chat endpoint - no authentication required
|
||||
// Uses a shared LLM configuration for unauthenticated users
|
||||
@SkipCsrf()
|
||||
@Post("guest")
|
||||
async guestChat(
|
||||
@Body() body: ChatStreamDto,
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
import { Module } from "@nestjs/common";
|
||||
import { ConfigModule } from "@nestjs/config";
|
||||
import { AuthModule } from "../auth/auth.module";
|
||||
import { AgentConfigModule } from "../agent-config/agent-config.module";
|
||||
import { ContainerLifecycleModule } from "../container-lifecycle/container-lifecycle.module";
|
||||
@@ -8,7 +7,7 @@ import { ChatProxyController } from "./chat-proxy.controller";
|
||||
import { ChatProxyService } from "./chat-proxy.service";
|
||||
|
||||
@Module({
|
||||
imports: [AuthModule, PrismaModule, ContainerLifecycleModule, AgentConfigModule, ConfigModule],
|
||||
imports: [AuthModule, PrismaModule, ContainerLifecycleModule, AgentConfigModule],
|
||||
controllers: [ChatProxyController],
|
||||
providers: [ChatProxyService],
|
||||
exports: [ChatProxyService],
|
||||
|
||||
@@ -280,16 +280,13 @@ export function useChat(options: UseChatOptions = {}): UseChatReturn {
|
||||
}
|
||||
|
||||
// Streaming failed - check if auth error, try guest mode
|
||||
const isAuthError =
|
||||
err instanceof Error &&
|
||||
(err.message.includes("403") ||
|
||||
err.message.includes("401") ||
|
||||
err.message.includes("auth") ||
|
||||
err.message.includes("Forbidden"));
|
||||
const isAuthError = err instanceof Error &&
|
||||
(err.message.includes("403") || err.message.includes("401") ||
|
||||
err.message.includes("auth") || err.message.includes("Forbidden"));
|
||||
|
||||
if (isAuthError) {
|
||||
console.warn("Auth failed, trying guest chat mode");
|
||||
|
||||
|
||||
// Try guest chat streaming
|
||||
try {
|
||||
await new Promise<void>((guestResolve, guestReject) => {
|
||||
|
||||
Reference in New Issue
Block a user