feat: enhance deployment workflow with SSH key setup and improve health check configurations

AbaSheger · AbaSheger · commit c517060124a9 · 2025-03-19T00:39:10.000+01:00
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -144,27 +144,30 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
 
+      # SINGLE SSH KEY SETUP METHOD
+      - name: Set up SSH key
+        run: |
+          mkdir -p ~/.ssh
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
+          chmod 600 ~/.ssh/id_rsa
+          ssh-keyscan -H ${{ secrets.VM_IP_ADDRESS }} >> ~/.ssh/known_hosts
+
       - name: Deploy to Oracle VM
         env:
-          ORACLE_VM_IP: ${{ secrets.ORACLE_VM_IP }}
-          SSH_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
+          ORACLE_VM_IP: ${{ secrets.VM_IP_ADDRESS }}
           DOCKER_REGISTRY: ${{ secrets.OCI_REGISTRY }}
           OCI_USERNAME: ${{ secrets.OCI_USERNAME }}
           OCI_AUTH_TOKEN: ${{ secrets.OCI_AUTH_TOKEN }}
         run: |
-          # Create SSH key file
-          echo "$SSH_KEY" > ssh_key.pem
-          chmod 600 ssh_key.pem
-          
           # Verify VM connection
-          ssh -o StrictHostKeyChecking=no -i ssh_key.pem opc@${ORACLE_VM_IP} "echo VM connection verified"
+          ssh -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa opc@${ORACLE_VM_IP} "echo VM connection verified"
           
           # Create directory and copy docker-compose file
-          ssh -o StrictHostKeyChecking=no -i ssh_key.pem opc@${ORACLE_VM_IP} "mkdir -p ~/music-analytics/vm-deploy"
-          scp -o StrictHostKeyChecking=no -i ssh_key.pem cloud-deploy/docker-compose.direct.yml opc@${ORACLE_VM_IP}:~/music-analytics/vm-deploy/docker-compose.yml
+          ssh -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa opc@${ORACLE_VM_IP} "mkdir -p ~/music-analytics/vm-deploy"
+          scp -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa cloud-deploy/docker-compose.direct.yml opc@${ORACLE_VM_IP}:~/music-analytics/vm-deploy/docker-compose.yml
           
           # Execute deployment commands directly
-          ssh -o StrictHostKeyChecking=no -i ssh_key.pem opc@${ORACLE_VM_IP} "cd ~/music-analytics/vm-deploy && \
+          ssh -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa opc@${ORACLE_VM_IP} "cd ~/music-analytics/vm-deploy && \
             docker login ${DOCKER_REGISTRY} -u ${OCI_USERNAME} -p ${OCI_AUTH_TOKEN} && \
             export ORACLE_EXTERNAL_HOSTNAME=music-analytics.abenezeranglo.uk && \
             export EUREKA_CLIENT_SERVICEURL_DEFAULTZONE=http://eureka-server:8761/eureka/ && \
@@ -174,18 +177,16 @@ jobs:
             docker-compose up -d && \
             docker-compose ps && \
             docker logout ${DOCKER_REGISTRY}"
-          
-          # Clean up
-          rm -f ssh_key.pem
 
       - name: Log out from Oracle Container Registry
         if: always()
         run: docker logout ${{ secrets.OCI_REGISTRY }}
 
-      - name: Collect container logs on failure
+      # CONSOLIDATED DEBUG COMMAND
+      - name: Debug on failure
         if: failure()
         run: |
-          ssh -i ${{ secrets.SSH_PRIVATE_KEY }} ${{ secrets.SSH_USERNAME }}@${{ secrets.VM_IP_ADDRESS }} '
+          ssh -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa ${{ secrets.SSH_USERNAME }}@${{ secrets.VM_IP_ADDRESS }} '
             echo "==== EUREKA SERVER LOGS ====" &&
             docker logs vm-deploy-eureka-server-1
           '
diff --git a/cloud-deploy/docker-compose.direct.yml b/cloud-deploy/docker-compose.direct.yml
@@ -1,24 +1,21 @@
+version: '3.8'
+
 services:
   # Place Eureka server first with healthcheck
   eureka-server:
-    build:
-      context: ./eureka-server
+    image: ${DOCKER_REGISTRY}/music-analytics/eureka-server:latest
     ports:
       - "8761:8761"
     environment:
-      - SPRING_PROFILES_ACTIVE=production
+      - SPRING_PROFILES_ACTIVE=docker
       - SERVER_PORT=8761
-      - EUREKA_CLIENT_SERVICEURL_DEFAULTZONE=http://localhost:8761/eureka/
-      - ORACLE_EXTERNAL_HOSTNAME=${ORACLE_EXTERNAL_HOSTNAME}
-      - RENDER_EXTERNAL_HOSTNAME=disabled
-      - SPRING_CLOUD_SERVICE-REGISTRY_AUTO-REGISTRATION_ENABLED=false
     restart: unless-stopped
     healthcheck:
-      test: ["CMD-SHELL", "curl -f http://localhost:8761/actuator/health || exit 1"]
+      test: ["CMD", "wget", "-q", "--spider", "http://localhost:8761/actuator/health"]
       interval: 30s
       timeout: 10s
       retries: 5
-      start_period: 60s
+      start_period: 120s
 
   # API Gateway depends on healthy Eureka server
   api-gateway:
diff --git a/eureka-server/Dockerfile b/eureka-server/Dockerfile
@@ -1,11 +1,10 @@
 # Build stage
 FROM amazoncorretto:17-alpine as builder
-# Install binutils for jlink
-RUN apk add --no-cache binutils
 WORKDIR /app
-COPY target/eureka-server-1.0-SNAPSHOT.jar app.jar
-RUN jlink \
-    --add-modules java.base,java.logging,java.xml,java.sql,java.naming,java.desktop,java.security.jgss,java.instrument,jdk.unsupported,java.management,java.management.rmi \
+COPY eureka-server.jar app.jar
+RUN apk add --no-cache binutils \
+    && jlink \
+    --add-modules java.base,java.logging,java.xml,java.sql,java.naming,java.desktop,java.security.jgss,java.instrument,jdk.unsupported \
     --strip-debug \
     --no-man-pages \
     --no-header-files \
@@ -19,16 +18,22 @@ ENV PATH="${JAVA_HOME}/bin:${PATH}"
 COPY --from=builder /javaruntime $JAVA_HOME
 COPY --from=builder /app/app.jar /app.jar
 
-# Install wget for healthcheck - moved before user creation
+# Install wget and curl for health check
 RUN apk add --no-cache wget curl
 
 # Create non-root user
 RUN addgroup -S spring && adduser -S spring -G spring
-USER spring:spring
+RUN chown -R spring:spring /app.jar
 
-# Configure health check - using a more reliable approach
-HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=5 \
-    CMD wget -q --spider http://localhost:8761/actuator/health || exit 0
+# Set proper permissions
+USER spring:spring
 
+# Expose port
 EXPOSE 8761
-ENTRYPOINT ["java", "-XX:+UseContainerSupport", "-XX:MaxRAMPercentage=75.0", "-jar", "/app.jar"]
+
+# Configure health check - with longer start time and using 0.0.0.0 instead of localhost
+HEALTHCHECK --interval=30s --timeout=10s --start-period=120s --retries=5 \
+    CMD wget -q --spider http://127.0.0.1:8761/actuator/health || exit 1
+
+# Use more memory and enable debug options
+ENTRYPOINT ["java", "-Xms256m", "-Xmx512m", "-XX:+UseContainerSupport", "-XX:MaxRAMPercentage=75.0", "-Dspring.profiles.active=docker", "-jar", "/app.jar"]
diff --git a/eureka-server/src/main/resources/application.yml b/eureka-server/src/main/resources/application.yml
@@ -11,6 +11,8 @@ eureka:
   client:
     registerWithEureka: false
     fetchRegistry: false
+    serviceUrl:
+      defaultZone: http://${eureka.instance.hostname}:${server.port}/eureka/
   server:
     wait-time-in-ms-when-sync-empty: 0
 
