justin/new-site
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
new-site/deploy.sh
justin 00c960f5b5 build: pin payments to version-15 + stage apps in deploy.sh erpnext 
Two build fixes surfaced while shipping the set-password rename:

1. erpnext/Dockerfile cloned frappe/payments unpinned; its default branch now
   requires Python >=3.14 while frappe/erpnext:v15 ships 3.11, so the image
   build failed with 'Package payments requires a different Python'. Pin the
   clone to --branch version-15.

2. deploy.sh built the erpnext image without first staging the custom Frappe
   apps into the build context (erpnext/build.sh). That meant a baked-code
   change could silently ship stale code. Stage apps when erpnext is built.
2026-06-02 23:13:01 -05:00

72 lines
3.1 KiB
Bash
Executable file
Raw Blame History

#!/usr/bin/env bash
# Deploy latest code from git and rebuild containers.
# Usage: ./deploy.sh (rebuilds site, api, workers)
# ./deploy.sh site (rebuilds only site)
# ./deploy.sh api (rebuilds only api)
# ./deploy.sh erpnext (rebuild + migrate ERPNext, re-extract assets)
# ./deploy.sh api workers (rebuild a custom set)
set -euo pipefail
cd /opt/performancewest
SERVICES="${@:-site api workers}"
echo "=== Pulling latest from git ==="
git pull origin main
echo ""
echo "=== Building: $SERVICES ==="
# ERPNext bakes the custom Frappe apps into its image, so they must be staged
# into the build context (erpnext/<app>/) from the repo first. Without this,
# `docker compose build erpnext` would use stale app copies and silently ship
# old code (e.g. the set-password controller rename would never take effect).
case " $SERVICES " in
*" erpnext "*) echo "--- staging custom Frappe apps ---"; bash erpnext/build.sh ;;
esac
docker compose build $SERVICES
echo ""
echo "=== Restarting: $SERVICES ==="
docker compose up -d $SERVICES
# ── ERPNext: migrate, then ALWAYS re-extract the host asset copy ─────────────
# Frappe emits content-hashed asset filenames; an ERPNext rebuild/migrate
# changes the hashes. If we don't re-sync the host copy that nginx serves for
# portal.performancewest.net, every asset 404s and the portal loses all CSS.
# So any time erpnext is (re)built we run bench migrate + re-extract assets.
case " $SERVICES " in
*" erpnext "*)
echo ""
echo "=== ERPNext: bench migrate ==="
docker compose exec -T erpnext bench --site performancewest.net migrate || \
docker compose exec -T erpnext bench migrate || true
echo ""
echo "=== ERPNext: re-extracting static assets for the portal ==="
sudo ./extract-erpnext-assets.sh
;;
esac
echo ""
echo "=== Clearing nginx cache ==="
sudo rm -rf /var/cache/nginx/* 2>/dev/null || true
sudo nginx -s reload 2>/dev/null || true
# ── Portal asset drift guard ────────────────────────────────────────────────
# Cheap safety net on EVERY deploy: if the portal's manifest references a CSS
# bundle that is missing from the host copy, the portal CSS is broken — detect
# it and auto-heal by re-extracting. This catches drift from any source
# (out-of-band ERPNext restarts, image pulls, etc.).
if docker inspect performancewest-erpnext-1 >/dev/null 2>&1; then
LOGIN_HASH="$(docker exec performancewest-erpnext-1 sh -c \
"grep -o 'login.bundle.[A-Z0-9]*.css' /home/frappe/frappe-bench/sites/assets/assets.json | head -1" 2>/dev/null || true)"
if [ -n "$LOGIN_HASH" ] && \
[ ! -f "/opt/erpnext-assets/assets/frappe/dist/css/${LOGIN_HASH}" ]; then
echo ""
echo "=== Portal asset drift detected (${LOGIN_HASH} missing) — re-extracting ==="
sudo ./extract-erpnext-assets.sh
fi
fi
echo ""
echo "=== Done ==="
git log --oneline -1
docker compose ps --format "table {{.Name}}\t{{.Status}}" | head -10
Reference in a new issue View git blame Copy permalink