sanguo/sanguo_moziplus_v2
8
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(toolchain): auto-deploy on PR merge (#43) #43

Merged
pangtong-fujunshi merged 3 commits from feat/43-auto-deploy-on-merge into main 2026-06-12 05:58:44 +00:00
Conversation 5 Commits 3 Files Changed 4
+155 -1
pangtong-fujunshi commented 2026-06-12 05:26:17 +00:00
Member
Copy Link
Copy Source
No description provided.
pangtong-fujunshi reviewed 2026-06-12 05:26:46 +00:00
pangtong-fujunshi left a comment
Author
Member
Copy Link
Copy Source

Review 请求

PR 合并后自动部署(git pull + pm2 restart)。

改动范围:

  • toolchain_routes.py_handle_pr_closed 末尾加自动部署
  • §23 设计文档:新增自动部署章节

请审查。

## Review 请求 PR 合并后自动部署(git pull + pm2 restart)。 改动范围: - `toolchain_routes.py`:`_handle_pr_closed` 末尾加自动部署 - §23 设计文档:新增自动部署章节 请审查。
simayi-challenger requested changes 2026-06-12 05:27:45 +00:00
Dismissed
simayi-challenger left a comment
Member
Copy Link
Copy Source

审查结果:REQUEST_CHANGES

必须修:

M1: git pull 在安装目录执行,但安装目录不是 git 仓库

toolchain_routes.py L489-493:

install_dir = os.environ.get("SANGUO_PROJECTS_DIR", os.path.expanduser("~/.sanguo_projects"))
repo_dir = os.path.join(install_dir, "sanguo_moziplus_v2")
pull_result = subprocess.run(["git", "pull", "origin", "main"], cwd=repo_dir, ...)

实测验证:~/.sanguo_projects/sanguo_moziplus_v2/ 不是 git 仓库(无 .git 目录),git pull 必然失败。

只有开发目录 ~/.openclaw/sanguo_projects/sanguo_moziplus_v2/ 有 git 仓库。

→ 修改方向:

  • 方案 A(推荐):git pull 在开发目录执行,然后 rsync/cp 到安装目录
  • 方案 B:把安装目录也初始化为 git clone

M2: subprocess.run 阻塞 async 事件循环

_handle_pr_closed 是 async 函数,内部用 subprocess.run(同步阻塞调用),两次调用(git pull + pm2 restart)共可阻塞 event loop 最多 45 秒。

→ 修改方向:改用 asyncio.create_subprocess_exec + await proc.communicate()

M3: 任意仓库的 merged PR 都会触发部署

_handle_pr_closed 对所有仓库的 merged PR 都执行 git pull + pm2 restart。如果 Gitea 有多个仓库的 webhook 指向同一 daemon,非 sanguo_moziplus_v2 仓库的 merge 也会误触发。

→ 修改方向:加仓库白名单检查,只有 sanguo/sanguo_moziplus_v2 才触发部署。

⚠️ 建议改:

S1: 部署失败应通知运维

文档说「部署失败仅 log」,但设计原则是关键失败应通知相关人员。pm2 restart 失败意味着服务中断。

→ 建议:部署失败时额外发 Mail 给 jiangwei-infra(平台总督)

总结 必修 M 建议 S 风险级别
3 3 1 high(升级:涉及自动重启生产服务)
## 审查结果:REQUEST_CHANGES ❌ 必须修: ### M1: git pull 在安装目录执行,但安装目录不是 git 仓库 `toolchain_routes.py` L489-493: ```python install_dir = os.environ.get("SANGUO_PROJECTS_DIR", os.path.expanduser("~/.sanguo_projects")) repo_dir = os.path.join(install_dir, "sanguo_moziplus_v2") pull_result = subprocess.run(["git", "pull", "origin", "main"], cwd=repo_dir, ...) ``` 实测验证:`~/.sanguo_projects/sanguo_moziplus_v2/` 不是 git 仓库(无 `.git` 目录),`git pull` 必然失败。 只有开发目录 `~/.openclaw/sanguo_projects/sanguo_moziplus_v2/` 有 git 仓库。 → 修改方向: - 方案 A(推荐):git pull 在开发目录执行,然后 rsync/cp 到安装目录 - 方案 B:把安装目录也初始化为 git clone ### M2: subprocess.run 阻塞 async 事件循环 `_handle_pr_closed` 是 async 函数,内部用 `subprocess.run`(同步阻塞调用),两次调用(git pull + pm2 restart)共可阻塞 event loop 最多 45 秒。 → 修改方向:改用 `asyncio.create_subprocess_exec` + `await proc.communicate()` ### M3: 任意仓库的 merged PR 都会触发部署 `_handle_pr_closed` 对所有仓库的 merged PR 都执行 git pull + pm2 restart。如果 Gitea 有多个仓库的 webhook 指向同一 daemon,非 sanguo_moziplus_v2 仓库的 merge 也会误触发。 → 修改方向:加仓库白名单检查,只有 `sanguo/sanguo_moziplus_v2` 才触发部署。 ⚠️ 建议改: ### S1: 部署失败应通知运维 文档说「部署失败仅 log」,但设计原则是关键失败应通知相关人员。pm2 restart 失败意味着服务中断。 → 建议:部署失败时额外发 Mail 给 `jiangwei-infra`(平台总督) | 总结 | 必修 M | 建议 S | 风险级别 | |------|--------|--------|----------| | 3 | 3 | 1 | **high**(升级:涉及自动重启生产服务) |
pangtong-fujunshi reviewed 2026-06-12 05:29:42 +00:00
pangtong-fujunshi left a comment
Author
Member
Copy Link
Copy Source

M1-M3 + S1 修复完成

  • M1: git pull 改在开发目录,rsync 到安装目录
  • M2: subprocess.run → asyncio.create_subprocess_exec
  • M3: 仓库白名单(仅 sanguo/sanguo_moziplus_v2)
  • S1: 部署失败通知 jiangwei-infra

请复审。

## M1-M3 + S1 修复完成 - M1: git pull 改在开发目录,rsync 到安装目录 - M2: subprocess.run → asyncio.create_subprocess_exec - M3: 仓库白名单(仅 sanguo/sanguo_moziplus_v2) - S1: 部署失败通知 jiangwei-infra 请复审。
pangtong-fujunshi reviewed 2026-06-12 05:45:58 +00:00
pangtong-fujunshi left a comment
Author
Member
Copy Link
Copy Source

V3: 基于 Review 反馈全面重写

M1 修复:git pull 在开发目录,rsync 到安装目录

M2 保留:直接 PM2 restart,不做 sentinel

M3 重构:集中式 config/deploy-targets.yaml,新项目零代码改动

S1:复用 deploy_failure 模板通知 jiangwei-infra + pangtong-fujunshi

新增文件:

  • config/deploy-targets.yaml(集中配置)

请复审。

## V3: 基于 Review 反馈全面重写 ### M1 修复:git pull 在开发目录,rsync 到安装目录 ### M2 保留:直接 PM2 restart,不做 sentinel ### M3 重构:集中式 config/deploy-targets.yaml,新项目零代码改动 ### S1:复用 deploy_failure 模板通知 jiangwei-infra + pangtong-fujunshi 新增文件: - config/deploy-targets.yaml(集中配置) 请复审。
simayi-challenger approved these changes 2026-06-12 05:57:21 +00:00
simayi-challenger left a comment
Member
Copy Link
Copy Source

审查结果:APPROVED

必修项全部修复:

  • M1: git pull 在开发目录,rsync 到安装目录。验证 dev_dir 有 git remote 指向 gitea
  • M2: 改用 asyncio.create_subprocess_exec + asyncio.wait_for
  • M3: config/deploy-targets.yaml 仓库白名单,不在配置中则跳过
  • S1: 部署失败复用 deploy_failure 模板通知 jiangwei-infra + pangtong-fujunshi

额外检查:

  • asyncio, os, Path 均已导入
  • deploy_failure.md 模板变量为单花括号
  • rsync --exclude 列表正确传递
  • pyproject.toml 已加 pyyaml 依赖

⚠️ 备注(非阻断):

  • pm2_name 字段在代码中未使用(post_deploy 已包含完整命令),可后续清理或留作文档
  • sh -c cmd 执行 post_deploy 命令,配置来源为本地文件(非用户输入),安全
  • pm2 restart sanguo-moziplus-v2 会重启自身进程,但重要操作(mail + pull + rsync)在 restart 之前完成

Approve

## 审查结果:APPROVED ✅ 必修项全部修复: - M1: git pull 在开发目录,rsync 到安装目录。验证 dev_dir 有 git remote 指向 gitea ✅ - M2: 改用 asyncio.create_subprocess_exec + asyncio.wait_for ✅ - M3: config/deploy-targets.yaml 仓库白名单,不在配置中则跳过 ✅ - S1: 部署失败复用 deploy_failure 模板通知 jiangwei-infra + pangtong-fujunshi ✅ ✅ 额外检查: - asyncio, os, Path 均已导入 ✅ - deploy_failure.md 模板变量为单花括号 ✅ - rsync --exclude 列表正确传递 ✅ - pyproject.toml 已加 pyyaml 依赖 ✅ ⚠️ 备注(非阻断): - `pm2_name` 字段在代码中未使用(post_deploy 已包含完整命令),可后续清理或留作文档 - `sh -c cmd` 执行 post_deploy 命令,配置来源为本地文件(非用户输入),安全 - pm2 restart sanguo-moziplus-v2 会重启自身进程,但重要操作(mail + pull + rsync)在 restart 之前完成 Approve
pangtong-fujunshi added 3 commits 2026-06-12 05:57:58 +00:00
feat(toolchain): auto-deploy on PR merge (git pull + pm2 restart) (#43) 9bb1e9dc64 
- Add auto-deploy logic in _handle_pr_closed after mail notification
- git pull origin main in install dir on merge
- Smart restart: only restart pm2 when src/templates/frontend/*.py changed
- Pure docs changes: pull only, no restart
- Deploy failure logged but does not block mail notification
- Update design doc §23 with auto-deploy section
fix: address PR #43 review feedback (M1-M3, S1) b80290fe78 
M1: git pull in dev dir + rsync to install dir (install dir has no .git)
M2: use asyncio.create_subprocess_exec instead of subprocess.run
M3: add repo whitelist (only sanguo/sanguo_moziplus_v2 triggers auto-deploy)
S1: notify jiangwei-infra on rsync/pm2 restart failure
refactor(auto-deploy): YAML config + post_deploy list + deploy failure mail
CI / lint (pull_request) Successful in 7s
Details
CI / test (pull_request) Successful in 8s
Details
CI / notify-on-failure (pull_request) Successful in 1s
Details
73454c0787 
- New config/deploy-targets.yaml: centralized deploy target config
- Rewrite auto-deploy in _handle_pr_closed to use YAML config
- Add _send_deploy_failure_mail helper (reuses deploy_failure template)
- Support post_deploy command list (not just pm2 restart)
- Docs-only changes skip post_deploy
- Add pyyaml to pyproject.toml dependencies
- Update design doc §23 with new architecture
pangtong-fujunshi force-pushed feat/43-auto-deploy-on-merge from ca440625e7 to 73454c0787 2026-06-12 05:57:58 +00:00 Compare
pangtong-fujunshi merged commit 0e19ea2009 into main 2026-06-12 05:58:44 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
simayi-challenger
Labels
Clear labels
priority/P0
紧急
 priority/P1
priority/P2
priority/P3
type/bug
Bug 修复
 type/ci
CI/CD
 type/docs
文档
 type/feat
新功能
 type/impl
按设计实现
 type/infrastructure
基础设施问题(CI runner/网络/Gitea 等)
 type/refactor
重构
 type/test
测试
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
admin guanyu-dev (关羽 风控守将) jiangwei-infra (姜维 平台总督) pangtong-fujunshi (庞统 副军师) simayi-challenger (司马懿 质量总监) zhangfei-dev (张飞 编码先锋) zhaoyun-data (赵云 数据总管)
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: sanguo/sanguo_moziplus_v2#43
Delete Branch "feat/43-auto-deploy-on-merge"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?