fix(ci): make the legal-page probe size-independent
CI / changes (pull_request) Successful in 2s
CI / unit (pull_request) Successful in 11s
CI / integration (pull_request) Successful in 21s
CI / ui (pull_request) Successful in 1m13s
CI / conformance (pull_request) Successful in 10s
CI / gate (pull_request) Successful in 0s
CI / deploy (pull_request) Successful in 1m56s

The /eula/ probe fetched the full ~129 KB page. While the monitoring stack boots after the rolling deploy and the CPU-capped (1 CPU / 192 MB) renderer is starved, that transfer exceeded the wget timeout for the entire 60s retry window, while the 3x-smaller /privacy/ passed — pre-rendering the pages did not help because the bottleneck is the transfer, not the render. Fetch only the <head> (head -c 4096) and assert the page's canonical URL, which uniquely identifies the rendered legal doc reaching the edge (the landing's canonical is erudit-game.ru/); the check now transfers ~4 KB regardless of page size.
This commit is contained in:
Ilia Denisov
2026-07-13 12:45:38 +02:00
parent 5a4c460268
commit 1d77ee83b3
+10 -8
View File
@@ -536,17 +536,19 @@ jobs:
- name: Probe the /privacy/ and /eula/ legal pages are served - name: Probe the /privacy/ and /eula/ legal pages are served
run: | run: |
set -u set -u
# /privacy/ and /eula/ are static legal markdown rendered by the render sidecar (no backend # /privacy/ and /eula/ are static legal markdown rendered by the render sidecar. If the
# fetch). If the @legal caddy route is missing they fall to the landing shell (also 200), so # @legal caddy route is missing they fall to the landing shell (also 200, canonical
# assert the page-specific canonical URL (the landing's is erudit-game.ru/) plus the seller # erudit-game.ru/), so assert the page-specific canonical URL — it uniquely identifies the
# INN — proving the rendered legal doc reached the edge, not the landing catch-all. Retry # rendered legal doc reaching the edge, not the landing catch-all. Read only the <head>
# like the landing/gateway/backend probe: the renderer is recreated in this same deploy and # (head -c 4096; the canonical link sits in the first bytes): the check is then
# a single-shot check can race its restart (it answers /offer/ then is briefly re-listening). # size-independent, so the large EULA page does not exceed the timeout while the monitoring
# stack is still booting post-deploy and starving the CPU-capped renderer. Retry like the
# landing/gateway/backend probe to ride out that window.
for route in privacy eula; do for route in privacy eula; do
ok= ok=
for i in $(seq 1 20); do for i in $(seq 1 20); do
out="$(docker run --rm --network edge alpine:3.20 wget -q -T 10 -O - "http://scrabble/${route}/" 2>&1 || true)" head_out="$(docker run --rm --network edge alpine:3.20 sh -c "wget -q -T 10 -O - http://scrabble/${route}/ 2>/dev/null | head -c 4096" || true)"
if echo "$out" | grep -qF "erudit-game.ru/${route}/" && echo "$out" | grep -qF "290210610742"; then if printf '%s' "$head_out" | grep -qF "erudit-game.ru/${route}/"; then
echo "ok: /${route}/ serves the rendered legal page" echo "ok: /${route}/ serves the rendered legal page"
ok=1 ok=1
break break