110 lines
3.7 KiB
Bash
Executable File
110 lines
3.7 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# 從開發機或 CI 驗證 AWOOOI Ansible assets。
|
|
|
|
set -euo pipefail
|
|
|
|
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
|
|
cd "$ROOT_DIR"
|
|
|
|
echo "== YAML 解析 =="
|
|
python3 - <<'PY'
|
|
from pathlib import Path
|
|
import sys
|
|
import yaml
|
|
|
|
paths = (
|
|
sorted(Path("infra/ansible").rglob("*.yml"))
|
|
+ sorted(Path("ops/reboot-recovery").rglob("*.yml"))
|
|
+ sorted(Path(".gitea/workflows").rglob("*.yml"))
|
|
+ [Path("ops/monitoring/alerts-unified.yml")]
|
|
)
|
|
for path in paths:
|
|
with path.open() as fh:
|
|
yaml.safe_load(fh)
|
|
print(f"YAML_OK {path}")
|
|
PY
|
|
|
|
echo "== Shell 語法 =="
|
|
bash -n \
|
|
scripts/reboot-recovery/full-stack-cold-start-check.sh \
|
|
scripts/reboot-recovery/full-stack-recovery-scorecard.sh \
|
|
scripts/reboot-recovery/dr-offsite-operator-checklist.sh \
|
|
scripts/reboot-recovery/wait-dr-offsite-ready.sh \
|
|
scripts/reboot-recovery/cold-start-textfile-exporter.sh \
|
|
scripts/reboot-recovery/install-cold-start-monitor-110.sh \
|
|
scripts/reboot-recovery/reboot-recovery-readiness-audit.sh \
|
|
scripts/reboot-recovery/verify-cold-start-monitor-deploy.sh \
|
|
scripts/reboot-recovery/p3-controlled-release-gate.sh \
|
|
scripts/ops/bootstrap-ansible-validation-env.sh \
|
|
scripts/ops/deploy-alerts.sh \
|
|
scripts/cron_backup_restore_test.sh \
|
|
scripts/backup/common.sh \
|
|
scripts/backup/backup-all.sh \
|
|
scripts/backup/backup-status.sh \
|
|
scripts/backup/backup-gitea.sh \
|
|
scripts/backup/backup-harbor.sh \
|
|
scripts/backup/backup-momo.sh \
|
|
scripts/backup/backup-awoooi.sh \
|
|
scripts/backup/backup-awoooi-frequent.sh \
|
|
scripts/backup/backup-langfuse.sh \
|
|
scripts/backup/backup-monitoring.sh \
|
|
scripts/backup/backup-signoz.sh \
|
|
scripts/backup/backup-open-webui.sh \
|
|
scripts/backup/backup-clawbot.sh \
|
|
scripts/backup/backup-configs.sh \
|
|
scripts/backup/backup-momo-188-pg.sh \
|
|
scripts/backup/backup-sentry.sh \
|
|
scripts/backup/backup-ai-artifacts.sh \
|
|
scripts/backup/backup-public-routes.sh \
|
|
scripts/backup/configure-offsite-rclone.sh \
|
|
scripts/backup/configure-offsite-b2.sh \
|
|
scripts/backup/sync-offsite-backups.sh \
|
|
scripts/backup/backup-offsite-readiness-gate.sh \
|
|
scripts/backup/offsite-escrow-evidence-report.sh \
|
|
scripts/backup/verify-offsite-full-sync.sh \
|
|
scripts/backup/mark-credential-escrow-verified.sh \
|
|
scripts/backup/check-backup-integrity.sh
|
|
echo "Shell 語法 OK"
|
|
|
|
echo "== Python 語法 =="
|
|
python3 -m py_compile \
|
|
scripts/ops/docker-stats-textfile-exporter.py \
|
|
scripts/ops/systemd-units-textfile-exporter.py \
|
|
scripts/ops/storage-health-textfile-exporter.py \
|
|
scripts/ops/backup-health-textfile-exporter.py \
|
|
scripts/ops/backup-alert-label-contract-check.py \
|
|
scripts/ops/backup-alert-live-visibility-check.py \
|
|
scripts/ops/recovery-scorecard-contract-check.py \
|
|
scripts/ops/doc-secrets-sanity-check.py
|
|
echo "Python 語法 OK"
|
|
|
|
echo "== 文件 Secrets 檢查 =="
|
|
python3 scripts/ops/doc-secrets-sanity-check.py
|
|
|
|
echo "== 備份告警 Label 合約 =="
|
|
python3 scripts/ops/backup-alert-label-contract-check.py
|
|
|
|
echo "== Recovery scorecard 合約 =="
|
|
python3 scripts/ops/recovery-scorecard-contract-check.py
|
|
|
|
if ! command -v ansible-playbook >/dev/null 2>&1; then
|
|
echo "WARN ansible-playbook 未安裝;已略過 Ansible syntax-check"
|
|
exit 0
|
|
fi
|
|
|
|
echo "== Ansible syntax-check =="
|
|
for playbook in \
|
|
infra/ansible/playbooks/site.yml \
|
|
infra/ansible/playbooks/110-devops.yml \
|
|
infra/ansible/playbooks/188-ai-web.yml \
|
|
infra/ansible/playbooks/nginx-sync.yml; do
|
|
ansible-playbook -i infra/ansible/inventory/hosts.yml "$playbook" --syntax-check
|
|
done
|
|
|
|
if command -v ansible-lint >/dev/null 2>&1; then
|
|
echo "== ansible-lint =="
|
|
ansible-lint infra/ansible/playbooks/
|
|
else
|
|
echo "WARN ansible-lint 未安裝;已略過 ansible-lint"
|
|
fi
|