From b4efba965c08653011598a59fd735ae0317d6d18 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 13 May 2026 02:07:39 +0000 Subject: [PATCH] feat(deploy): add automatic commit hash verification after deployment - Query /api/devops/version endpoint to get deployed commit - Compare deployed commit with latest commit in repository - Warn if deployment didn't use the latest code - Suggest --force --no-cache if commits don't match This prevents silent deployment failures where old code is deployed. Generated with [Devin](https://cli.devin.ai/docs) Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com> --- deploy-invttrdg.sh | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/deploy-invttrdg.sh b/deploy-invttrdg.sh index 7cb1acb..bfb78cc 100755 --- a/deploy-invttrdg.sh +++ b/deploy-invttrdg.sh @@ -394,3 +394,43 @@ ok "Deployment completed successfully!" log "Backend: http://localhost:4025 → $API_ENDPOINT" log "Web: http://localhost:3085 → $WEB_ENDPOINT" log "══════════════════════════════════════════════════════════════════════" + +# ── Verify Deployed Commit Hash ───────────────────────────────────────────── +log "Verifying deployed commit hash..." +BACKEND_URL="http://localhost:4025" +DEVOPS_RESPONSE=$(curl -s "$BACKEND_URL/api/devops/version" 2>/dev/null || echo "{}") + +if [ "$DEVOPS_RESPONSE" != "{}" ] && [ -n "$DEVOPS_RESPONSE" ]; then + if command -v jq &> /dev/null; then + DEPLOYED_COMMIT_SHA=$(echo "$DEVOPS_RESPONSE" | jq -r '.commitSha // empty') + DEPLOYED_COMMIT_FULL=$(echo "$DEVOPS_RESPONSE" | jq -r '.commitShaFull // empty') + DEPLOYED_MESSAGE=$(echo "$DEVOPS_RESPONSE" | jq -r '.commitMessage // empty') + + if [ -n "$DEPLOYED_COMMIT_SHA" ]; then + ok "Deployed commit: $DEPLOYED_COMMIT_SHA" + info "Full SHA: $DEPLOYED_COMMIT_FULL" + info "Message: $DEPLOYED_MESSAGE" + + # Compare with expected latest commit + cd "$REPO_DIR" + LATEST_COMMIT=$(git rev-parse --short HEAD 2>/dev/null || echo "unknown") + + if [ "$DEPLOYED_COMMIT_SHA" = "$LATEST_COMMIT" ]; then + ok "✓ Deployed commit matches latest commit ($LATEST_COMMIT)" + else + warn "✗ Deployed commit ($DEPLOYED_COMMIT_SHA) differs from latest commit ($LATEST_COMMIT)" + warn " This indicates the deployment may not have used the latest code" + warn " Consider running: ./deploy-invttrdg.sh --force --no-cache" + fi + else + warn "Could not extract commit SHA from devops endpoint" + fi + else + warn "jq not installed, showing raw devops response:" + echo "$DEVOPS_RESPONSE" + fi +else + warn "Could not retrieve deployment info from devops endpoint" +fi + +log "══════════════════════════════════════════════════════════════════════"