b8613905bd
- Submodule pins: dbis_core, cross-chain-pmm-lps, mcp-proxmox (local, push may be pending), metamask-integration, smom-dbis-138 - Atomic swap + cross-chain-pmm-lops-publish, deploy-portal workflow, phoenix deploy-targets, routing/aggregator matrices - Docs, token-lists, forge proxy, phoenix API, runbooks, verify scripts Made-with: Cursor
3.7 KiB
Phoenix Deploy API — Gitea Integration
Last Updated: 2026-04-20
Status: Active Documentation
Overview
The Phoenix Deploy API (phoenix-deploy-api/) receives Gitea webhooks and provides a deploy endpoint for triggering Phoenix deployments from Gitea Actions or external tools.
Architecture
Gitea (push/tag) → Webhook / Action → Phoenix Deploy API → deploy target command
↓
health check + Gitea commit status
Setup
1. Deploy Phoenix Deploy API
Run the service on a host reachable from Gitea (e.g. dev-vm 5700 or Phoenix API host):
cd phoenix-deploy-api
npm install
GITEA_TOKEN=<token> PHOENIX_DEPLOY_SECRET=<secret> npm start
Or as systemd service on dev-vm.
Bootstrap helper (recommended):
bash scripts/dev-vm/bootstrap-phoenix-cicd.sh --repo d-bis/proxmox
This runs validation, deploys phoenix-deploy-api, and smoke-checks /health and /api/deploy-targets.
2. Gitea Webhook Configuration
Via script (for repos that are not already deploying through Gitea Actions):
# Ensure Phoenix Deploy API is running (e.g. on dev-vm at 192.168.11.59:4001)
GITEA_TOKEN=xxx PHOENIX_WEBHOOK_URL=http://192.168.11.59:4001/webhook/gitea PHOENIX_DEPLOY_SECRET=shared-secret bash scripts/dev-vm/add-gitea-webhook-phoenix.sh some/repo
Set PHOENIX_WEBHOOK_DEPLOY_ENABLED=1 on the deploy service host if you want webhook events to execute the default target. Leave it unset or 0 when the repo already deploys through Gitea Actions.
Manual (per-repository):
- Gitea → d-bis/proxmox → Settings → Webhooks → Add Webhook
- URL:
https://<phoenix-deploy-host>/webhook/gitea - Content type: application/json
- Secret: Optional; set
PHOENIX_DEPLOY_SECRETto match - Triggers: Push events, Tag creation
Organization-level webhook (if supported): Configure once for all repos in d-bis.
3. Gitea Token
Create a token at https://gitea.d-bis.org/user/settings/applications with scope repo (or repo:status) for commit status updates.
Deploy Endpoint
POST /api/deploy
Headers: Authorization: Bearer <PHOENIX_DEPLOY_SECRET>
Body:
{
"repo": "d-bis/proxmox",
"branch": "main",
"sha": "abc123def",
"target": "default"
}
Deploy target discovery
curl -sS http://127.0.0.1:4001/api/deploy-targets | jq .
Targets are loaded from phoenix-deploy-api/deploy-targets.json.
Current repo-shipped targets include:
defaultford-bis/proxmox→ publishphoenix-deploy-apito VMID5700portal-liveford-bis/proxmox→ runscripts/deployment/sync-sankofa-portal-7801.shand verifyhttp://192.168.11.51:3000/
Public-sector program manifest (runtime)
The API serves the repo manifest at GET /api/v1/public-sector/programs (no API key). Source file: config/public-sector-program-manifest.json. On systemd install, install-systemd.sh copies it next to server.js; override with PUBLIC_SECTOR_MANIFEST_PATH or PHOENIX_REPO_ROOT.
curl -sS http://127.0.0.1:4001/api/v1/public-sector/programs | jq '.programs[].id'
Status
- Real deploy target execution is implemented.
- Target health checks are supported.
- Gitea commit status is updated from the deploy service.
- Webhook helper supports the shared secret, and webhook deploy execution is opt-in via
PHOENIX_WEBHOOK_DEPLOY_ENABLED=1.
Next Steps
- Add a Phoenix API target for
7800or8600. - Integrate into Sankofa Phoenix API (VMID 8600) if you want a single control plane.
- Add NPMplus proxy for phoenix-deploy if exposed publicly.