284313f908
Some checks are pending
Bidi Control Character Guard / bidi-control-guard (push) Waiting to run
Circular Dependency Check / Check for new circular dependencies (push) Waiting to run
Citus Migration Smoke / Combined migrations on single-node Citus (push) Waiting to run
E2E Fresh Install Tests / fresh-install-e2e (push) Waiting to run
ext-v2 guardrails / Run ext-v2 guard and ESLint (push) Waiting to run
Integration Tests / Check for relevant changes (push) Waiting to run
Integration Tests / ${{ (github.event_name == 'schedule' || github.event.inputs.suite == 'full') && 'Full integration suite' || 'Tier-1 integration subset' }} (push) Blocked by required conditions
Mobile checks / Mobile lint + typecheck (push) Waiting to run
Mobile checks / Mobile unit tests (push) Waiting to run
Mobile checks / Mobile dependency audit (report) (push) Waiting to run
Mobile checks / Mobile reproducibility checks (push) Waiting to run
Secrets guard (env backups) / Ensure no tracked env backup files (push) Waiting to run
Temporal Readiness / fast-readiness (push) Waiting to run
Temporal Readiness / docker-parity (push) Waiting to run
TypeScript Type Check / Nx affected typecheck (push) Waiting to run
Unit Tests / Skipped-test budget (push) Waiting to run
Unit Tests / Nx affected unit tests (push) Waiting to run
Unit Tests / Server unit coverage (informational) (push) Waiting to run
Validate Tenant Management Schema / Check for relevant changes (push) Waiting to run
Validate Tenant Management Schema / Validate Tenant Management Schema (push) Blocked by required conditions
EE Workflows Build Guard / ee-workflows-build-guard (push) Waiting to run
Excluded: .git, node_modules, secrets/, compose.env, assemblyscript tgz Source: /opt/alga-psa on psa.joliet.tech
146 lines
6.0 KiB
YAML
146 lines
6.0 KiB
YAML
name: Citus Migration Smoke
|
|
|
|
# Production EE runs on Citus, but every other migration check runs on plain
|
|
# Postgres — so the Citus branches in the migrations (create_distributed_table,
|
|
# reference tables, colocation guards) are otherwise never exercised before
|
|
# they reach a real cluster. This job runs the combined CE+EE migration chain
|
|
# (the same merge recipe as validate-tenant-management.yaml and
|
|
# setup/entrypoint.sh — the only live migration path) against a fresh
|
|
# single-node Citus and asserts distribution actually happened.
|
|
#
|
|
# pgvector note: the official Citus image does not ship pgvector, so the
|
|
# vector-dependent pieces of the EE AI migrations skip themselves via their
|
|
# pg_available_extensions guard. The vector path is covered by
|
|
# validate-tenant-management.yaml, which runs the same combined chain against
|
|
# ankane/pgvector. Between the two jobs, both dimensions are exercised without
|
|
# maintaining a custom citus+pgvector image.
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
pull_request:
|
|
paths:
|
|
- 'server/migrations/**'
|
|
- 'ee/server/migrations/**'
|
|
- '.github/workflows/citus-migration-smoke.yml'
|
|
push:
|
|
branches:
|
|
- main
|
|
paths:
|
|
- 'server/migrations/**'
|
|
- 'ee/server/migrations/**'
|
|
|
|
jobs:
|
|
citus-migrate:
|
|
name: Combined migrations on single-node Citus
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 45
|
|
|
|
services:
|
|
citus:
|
|
image: citusdata/citus:12.1
|
|
env:
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_PASSWORD: citus_test
|
|
POSTGRES_DB: postgres
|
|
ports:
|
|
- 5432:5432
|
|
options: >-
|
|
--health-cmd "pg_isready -U postgres"
|
|
--health-interval 10s
|
|
--health-timeout 5s
|
|
--health-retries 5
|
|
|
|
env:
|
|
DB_HOST: localhost
|
|
DB_PORT: '5432'
|
|
DB_USER_ADMIN: postgres
|
|
DB_PASSWORD_ADMIN: citus_test
|
|
DB_USER_SERVER: app_user
|
|
DB_PASSWORD_SERVER: citus_test
|
|
DB_NAME_SERVER: server
|
|
PGPASSWORD: citus_test
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '20'
|
|
cache: 'npm'
|
|
|
|
- name: Upgrade npm to version 11
|
|
run: npm install -g npm@11
|
|
|
|
# No npm install fallback: a failing npm ci means the lockfile is out of
|
|
# sync with a package.json — fail loudly (see unit/integration workflows).
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: Wait for Citus to be ready
|
|
run: |
|
|
until pg_isready -h localhost -p 5432 -U postgres; do
|
|
echo "Waiting for citus..."
|
|
sleep 2
|
|
done
|
|
|
|
- name: Create database, role, and citus extension
|
|
run: |
|
|
psql -h localhost -U postgres -c "CREATE DATABASE server;"
|
|
psql -h localhost -U postgres -c "CREATE ROLE app_user WITH LOGIN PASSWORD 'citus_test';"
|
|
psql -h localhost -U postgres -d server -c "CREATE EXTENSION citus;"
|
|
# Keep shard fan-out small: hundreds of distributed tables x default
|
|
# 32 shards would create tens of thousands of shard relations.
|
|
psql -h localhost -U postgres -d server -c "ALTER DATABASE server SET citus.shard_count = 4;"
|
|
|
|
- name: Run combined CE+EE migrations
|
|
run: |
|
|
# Same merge recipe as setup/entrypoint.sh and validate-tenant-management.yaml.
|
|
mkdir -p server/combined-migrations
|
|
cp server/migrations/*.cjs server/combined-migrations/ 2>/dev/null || true
|
|
cp -r server/migrations/utils server/combined-migrations/ 2>/dev/null || true
|
|
cp ee/server/migrations/*.cjs server/combined-migrations/ 2>/dev/null || true
|
|
cp -r ee/server/migrations/utils server/combined-migrations/ 2>/dev/null || true
|
|
|
|
cat > server/knexfile-combined.cjs << 'EOF'
|
|
module.exports = {
|
|
migration: {
|
|
client: 'pg',
|
|
connection: {
|
|
host: process.env.DB_HOST || 'localhost',
|
|
port: process.env.DB_PORT || '5432',
|
|
user: process.env.DB_USER_ADMIN || 'postgres',
|
|
password: process.env.DB_PASSWORD_ADMIN,
|
|
database: process.env.DB_NAME_SERVER || 'server',
|
|
},
|
|
pool: { min: 2, max: 20 },
|
|
migrations: { directory: './combined-migrations', loadExtensions: ['.cjs'] }
|
|
}
|
|
};
|
|
EOF
|
|
|
|
cd server && npx knex migrate:latest --knexfile knexfile-combined.cjs --env migration
|
|
|
|
- name: Assert tables were distributed
|
|
run: |
|
|
DISTRIBUTED=$(psql -h localhost -U postgres -d server -tAc "SELECT count(*) FILTER (WHERE partmethod = 'h') FROM pg_dist_partition;")
|
|
REFERENCE=$(psql -h localhost -U postgres -d server -tAc "SELECT count(*) FILTER (WHERE partmethod = 'n' AND repmodel = 't') FROM pg_dist_partition;")
|
|
echo "Distributed tables: $DISTRIBUTED, reference tables: $REFERENCE"
|
|
psql -h localhost -U postgres -d server -c "SELECT logicalrelid::regclass AS table_name, CASE WHEN partmethod = 'h' THEN 'distributed' WHEN repmodel = 't' THEN 'reference' ELSE 'citus-local' END AS type FROM pg_dist_partition ORDER BY 2, 1;"
|
|
# A green run distributes ~160 tables; 100 is a safe floor that still
|
|
# catches wholesale silent breakage.
|
|
if [ "$DISTRIBUTED" -lt 100 ]; then
|
|
echo "::error::Only $DISTRIBUTED tables distributed (expected ~160) — Citus branches of the migrations did not run."
|
|
exit 1
|
|
fi
|
|
# Cornerstone tables that must be distributed for the schema to work
|
|
# at all on Citus.
|
|
for t in tenants users clients contacts tickets projects documents comments workflow_tasks; do
|
|
STATE=$(psql -h localhost -U postgres -d server -tAc "SELECT partmethod FROM pg_dist_partition WHERE logicalrelid = '$t'::regclass;")
|
|
if [ "$STATE" != "h" ]; then
|
|
echo "::error::Table $t is not distributed (partmethod='$STATE')."
|
|
exit 1
|
|
fi
|
|
done
|