diff --git a/internal/database/migrations/006_add_previous_image_id.sql b/internal/database/migrations/006_add_previous_image_id.sql
new file mode 100644
index 0000000..4b21599
--- /dev/null
+++ b/internal/database/migrations/006_add_previous_image_id.sql
@@ -0,0 +1,2 @@
+-- Add previous_image_id to apps for deployment rollback support
+ALTER TABLE apps ADD COLUMN previous_image_id TEXT;
diff --git a/internal/handlers/app.go b/internal/handlers/app.go
index 49ff60d..1650543 100644
--- a/internal/handlers/app.go
+++ b/internal/handlers/app.go
@@ -354,6 +354,56 @@ func (h *Handlers) HandleAppDeploy() http.HandlerFunc {
}
}
+// HandleCancelDeploy cancels an in-progress deployment for an app.
+func (h *Handlers) HandleCancelDeploy() http.HandlerFunc {
+ return func(writer http.ResponseWriter, request *http.Request) {
+ appID := chi.URLParam(request, "id")
+
+ application, findErr := models.FindApp(request.Context(), h.db, appID)
+ if findErr != nil || application == nil {
+ http.NotFound(writer, request)
+
+ return
+ }
+
+ cancelled := h.deploy.CancelDeploy(application.ID)
+ if cancelled {
+ h.log.Info("deployment cancelled by user", "app", application.Name)
+ }
+
+ http.Redirect(
+ writer,
+ request,
+ "/apps/"+application.ID,
+ http.StatusSeeOther,
+ )
+ }
+}
+
+// HandleAppRollback handles rolling back to the previous deployment image.
+func (h *Handlers) HandleAppRollback() http.HandlerFunc {
+ return func(writer http.ResponseWriter, request *http.Request) {
+ appID := chi.URLParam(request, "id")
+
+ application, findErr := models.FindApp(request.Context(), h.db, appID)
+ if findErr != nil || application == nil {
+ http.NotFound(writer, request)
+
+ return
+ }
+
+ rollbackErr := h.deploy.Rollback(request.Context(), application)
+ if rollbackErr != nil {
+ h.log.Error("rollback failed", "error", rollbackErr, "app", application.Name)
+ http.Redirect(writer, request, "/apps/"+application.ID, http.StatusSeeOther)
+
+ return
+ }
+
+ http.Redirect(writer, request, "/apps/"+application.ID+"?success=rolledback", http.StatusSeeOther)
+ }
+}
+
// HandleAppDeployments returns the deployments history handler.
func (h *Handlers) HandleAppDeployments() http.HandlerFunc {
tmpl := templates.GetParsed()
diff --git a/internal/handlers/handlers_test.go b/internal/handlers/handlers_test.go
index efb996f..df6964d 100644
--- a/internal/handlers/handlers_test.go
+++ b/internal/handlers/handlers_test.go
@@ -684,6 +684,47 @@ func TestDeletePortOwnershipVerification(t *testing.T) {
assert.NotNil(t, found, "port should still exist after IDOR attempt")
}
+func TestHandleCancelDeployRedirects(t *testing.T) {
+ t.Parallel()
+
+ testCtx := setupTestHandlers(t)
+
+ createdApp := createTestApp(t, testCtx, "cancel-deploy-app")
+
+ request := httptest.NewRequest(
+ http.MethodPost,
+ "/apps/"+createdApp.ID+"/deployments/cancel",
+ nil,
+ )
+ request = addChiURLParams(request, map[string]string{"id": createdApp.ID})
+ recorder := httptest.NewRecorder()
+
+ handler := testCtx.handlers.HandleCancelDeploy()
+ handler.ServeHTTP(recorder, request)
+
+ assert.Equal(t, http.StatusSeeOther, recorder.Code)
+ assert.Equal(t, "/apps/"+createdApp.ID, recorder.Header().Get("Location"))
+}
+
+func TestHandleCancelDeployReturns404ForUnknownApp(t *testing.T) {
+ t.Parallel()
+
+ testCtx := setupTestHandlers(t)
+
+ request := httptest.NewRequest(
+ http.MethodPost,
+ "/apps/nonexistent/deployments/cancel",
+ nil,
+ )
+ request = addChiURLParams(request, map[string]string{"id": "nonexistent"})
+ recorder := httptest.NewRecorder()
+
+ handler := testCtx.handlers.HandleCancelDeploy()
+ handler.ServeHTTP(recorder, request)
+
+ assert.Equal(t, http.StatusNotFound, recorder.Code)
+}
+
func TestHandleWebhookReturns404ForUnknownSecret(t *testing.T) {
t.Parallel()
diff --git a/internal/models/app.go b/internal/models/app.go
index ab21924..03f5031 100644
--- a/internal/models/app.go
+++ b/internal/models/app.go
@@ -14,7 +14,7 @@ import (
const appColumns = `id, name, repo_url, branch, dockerfile_path, webhook_secret,
ssh_private_key, ssh_public_key, image_id, status,
docker_network, ntfy_topic, slack_webhook, webhook_secret_hash,
- created_at, updated_at`
+ previous_image_id, created_at, updated_at`
// AppStatus represents the status of an app.
type AppStatus string
@@ -41,8 +41,9 @@ type App struct {
WebhookSecretHash string
SSHPrivateKey string
SSHPublicKey string
- ImageID sql.NullString
- Status AppStatus
+ ImageID sql.NullString
+ PreviousImageID sql.NullString
+ Status AppStatus
DockerNetwork sql.NullString
NtfyTopic sql.NullString
SlackWebhook sql.NullString
@@ -140,13 +141,15 @@ func (a *App) insert(ctx context.Context) error {
INSERT INTO apps (
id, name, repo_url, branch, dockerfile_path, webhook_secret,
ssh_private_key, ssh_public_key, image_id, status,
- docker_network, ntfy_topic, slack_webhook, webhook_secret_hash
- ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
+ docker_network, ntfy_topic, slack_webhook, webhook_secret_hash,
+ previous_image_id
+ ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
_, err := a.db.Exec(ctx, query,
a.ID, a.Name, a.RepoURL, a.Branch, a.DockerfilePath, a.WebhookSecret,
a.SSHPrivateKey, a.SSHPublicKey, a.ImageID, a.Status,
a.DockerNetwork, a.NtfyTopic, a.SlackWebhook, a.WebhookSecretHash,
+ a.PreviousImageID,
)
if err != nil {
return err
@@ -161,6 +164,7 @@ func (a *App) update(ctx context.Context) error {
name = ?, repo_url = ?, branch = ?, dockerfile_path = ?,
image_id = ?, status = ?,
docker_network = ?, ntfy_topic = ?, slack_webhook = ?,
+ previous_image_id = ?,
updated_at = CURRENT_TIMESTAMP
WHERE id = ?`
@@ -168,6 +172,7 @@ func (a *App) update(ctx context.Context) error {
a.Name, a.RepoURL, a.Branch, a.DockerfilePath,
a.ImageID, a.Status,
a.DockerNetwork, a.NtfyTopic, a.SlackWebhook,
+ a.PreviousImageID,
a.ID,
)
@@ -182,6 +187,7 @@ func (a *App) scan(row *sql.Row) error {
&a.ImageID, &a.Status,
&a.DockerNetwork, &a.NtfyTopic, &a.SlackWebhook,
&a.WebhookSecretHash,
+ &a.PreviousImageID,
&a.CreatedAt, &a.UpdatedAt,
)
}
@@ -199,6 +205,7 @@ func scanApps(appDB *database.Database, rows *sql.Rows) ([]*App, error) {
&app.ImageID, &app.Status,
&app.DockerNetwork, &app.NtfyTopic, &app.SlackWebhook,
&app.WebhookSecretHash,
+ &app.PreviousImageID,
&app.CreatedAt, &app.UpdatedAt,
)
if scanErr != nil {
diff --git a/internal/server/routes.go b/internal/server/routes.go
index 2fb632f..11d4a0f 100644
--- a/internal/server/routes.go
+++ b/internal/server/routes.go
@@ -68,6 +68,7 @@ func (s *Server) SetupRoutes() {
r.Post("/apps/{id}", s.handlers.HandleAppUpdate())
r.Post("/apps/{id}/delete", s.handlers.HandleAppDelete())
r.Post("/apps/{id}/deploy", s.handlers.HandleAppDeploy())
+ r.Post("/apps/{id}/deployments/cancel", s.handlers.HandleCancelDeploy())
r.Get("/apps/{id}/deployments", s.handlers.HandleAppDeployments())
r.Get("/apps/{id}/deployments/{deploymentID}/logs", s.handlers.HandleDeploymentLogsAPI())
r.Get("/apps/{id}/deployments/{deploymentID}/download", s.handlers.HandleDeploymentLogDownload())
@@ -75,6 +76,7 @@ func (s *Server) SetupRoutes() {
r.Get("/apps/{id}/container-logs", s.handlers.HandleContainerLogsAPI())
r.Get("/apps/{id}/status", s.handlers.HandleAppStatusAPI())
r.Get("/apps/{id}/recent-deployments", s.handlers.HandleRecentDeploymentsAPI())
+ r.Post("/apps/{id}/rollback", s.handlers.HandleAppRollback())
r.Post("/apps/{id}/restart", s.handlers.HandleAppRestart())
r.Post("/apps/{id}/stop", s.handlers.HandleAppStop())
r.Post("/apps/{id}/start", s.handlers.HandleAppStart())
diff --git a/internal/service/deploy/deploy.go b/internal/service/deploy/deploy.go
index dc260e4..c3f227c 100644
--- a/internal/service/deploy/deploy.go
+++ b/internal/service/deploy/deploy.go
@@ -49,6 +49,8 @@ var (
ErrBuildTimeout = errors.New("build timeout exceeded")
// ErrDeployTimeout indicates the deploy phase exceeded the timeout.
ErrDeployTimeout = errors.New("deploy timeout exceeded")
+ // ErrNoPreviousImage indicates there is no previous image to rollback to.
+ ErrNoPreviousImage = errors.New("no previous image available for rollback")
)
// logFlushInterval is how often to flush buffered logs to the database.
@@ -283,6 +285,26 @@ func (svc *Service) GetLogFilePath(app *models.App, deployment *models.Deploymen
return filepath.Join(svc.config.DataDir, "logs", hostname, app.Name, filename)
}
+// HasActiveDeploy returns true if there is an active deployment for the given app.
+func (svc *Service) HasActiveDeploy(appID string) bool {
+ _, ok := svc.activeDeploys.Load(appID)
+
+ return ok
+}
+
+// CancelDeploy cancels any in-progress deployment for the given app
+// and waits for it to finish before returning. Returns true if a deployment
+// was cancelled, false if there was nothing to cancel.
+func (svc *Service) CancelDeploy(appID string) bool {
+ if !svc.HasActiveDeploy(appID) {
+ return false
+ }
+
+ svc.cancelActiveDeploy(appID)
+
+ return true
+}
+
// Deploy deploys an app. If cancelExisting is true (e.g. webhook-triggered),
// any in-progress deploy for the same app will be cancelled before starting.
// If cancelExisting is false and a deploy is in progress, ErrDeploymentInProgress is returned.
@@ -339,6 +361,107 @@ func (svc *Service) Deploy(
return svc.runBuildAndDeploy(deployCtx, bgCtx, app, deployment)
}
+// Rollback rolls back an app to its previous image.
+// It stops the current container, starts a new one with the previous image,
+// and creates a deployment record for the rollback.
+func (svc *Service) Rollback(ctx context.Context, app *models.App) error {
+ if !app.PreviousImageID.Valid || app.PreviousImageID.String == "" {
+ return ErrNoPreviousImage
+ }
+
+ // Acquire per-app deployment lock
+ if !svc.tryLockApp(app.ID) {
+ return ErrDeploymentInProgress
+ }
+ defer svc.unlockApp(app.ID)
+
+ bgCtx := context.WithoutCancel(ctx)
+
+ deployment, err := svc.createRollbackDeployment(bgCtx, app)
+ if err != nil {
+ return err
+ }
+
+ return svc.executeRollback(ctx, bgCtx, app, deployment)
+}
+
+// createRollbackDeployment creates a deployment record for a rollback operation.
+func (svc *Service) createRollbackDeployment(
+ ctx context.Context,
+ app *models.App,
+) (*models.Deployment, error) {
+ deployment := models.NewDeployment(svc.db)
+ deployment.AppID = app.ID
+ deployment.Status = models.DeploymentStatusDeploying
+ deployment.ImageID = sql.NullString{String: app.PreviousImageID.String, Valid: true}
+
+ saveErr := deployment.Save(ctx)
+ if saveErr != nil {
+ return nil, fmt.Errorf("failed to create rollback deployment: %w", saveErr)
+ }
+
+ _ = deployment.AppendLog(ctx, "Rolling back to previous image: "+app.PreviousImageID.String)
+
+ return deployment, nil
+}
+
+// executeRollback performs the container swap for a rollback.
+func (svc *Service) executeRollback(
+ ctx context.Context,
+ bgCtx context.Context,
+ app *models.App,
+ deployment *models.Deployment,
+) error {
+ previousImageID := app.PreviousImageID.String
+
+ svc.removeOldContainer(ctx, app, deployment)
+
+ rollbackOpts, err := svc.buildContainerOptions(ctx, app, deployment.ID)
+ if err != nil {
+ svc.failDeployment(bgCtx, app, deployment, err)
+
+ return fmt.Errorf("failed to build container options: %w", err)
+ }
+
+ rollbackOpts.Image = previousImageID
+
+ containerID, err := svc.docker.CreateContainer(ctx, rollbackOpts)
+ if err != nil {
+ svc.failDeployment(bgCtx, app, deployment, fmt.Errorf("failed to create rollback container: %w", err))
+
+ return fmt.Errorf("failed to create rollback container: %w", err)
+ }
+
+ deployment.ContainerID = sql.NullString{String: containerID, Valid: true}
+ _ = deployment.AppendLog(bgCtx, "Rollback container created: "+containerID)
+
+ startErr := svc.docker.StartContainer(ctx, containerID)
+ if startErr != nil {
+ svc.failDeployment(bgCtx, app, deployment, fmt.Errorf("failed to start rollback container: %w", startErr))
+
+ return fmt.Errorf("failed to start rollback container: %w", startErr)
+ }
+
+ _ = deployment.AppendLog(bgCtx, "Rollback container started")
+
+ currentImageID := app.ImageID
+ app.ImageID = sql.NullString{String: previousImageID, Valid: true}
+ app.PreviousImageID = currentImageID
+ app.Status = models.AppStatusRunning
+
+ saveErr := app.Save(bgCtx)
+ if saveErr != nil {
+ return fmt.Errorf("failed to update app after rollback: %w", saveErr)
+ }
+
+ _ = deployment.MarkFinished(bgCtx, models.DeploymentStatusSuccess)
+ _ = deployment.AppendLog(bgCtx, "Rollback complete")
+
+ svc.log.Info("rollback completed", "app", app.Name, "image", previousImageID)
+
+ return nil
+}
+
// runBuildAndDeploy executes the build and deploy phases, handling cancellation.
func (svc *Service) runBuildAndDeploy(
deployCtx context.Context,
@@ -370,6 +493,11 @@ func (svc *Service) runBuildAndDeploy(
return err
}
+ // Save current image as previous before updating to new one
+ if app.ImageID.Valid && app.ImageID.String != "" {
+ app.PreviousImageID = app.ImageID
+ }
+
err = svc.updateAppRunning(bgCtx, app, imageID)
if err != nil {
return err
diff --git a/static/css/input.css b/static/css/input.css
index e298c11..d9fdfed 100644
--- a/static/css/input.css
+++ b/static/css/input.css
@@ -57,6 +57,10 @@
@apply inline-flex items-center justify-center px-4 py-2 rounded-md font-medium text-sm transition-all duration-200 focus:outline-none focus:ring-2 focus:ring-offset-2 disabled:opacity-50 disabled:cursor-not-allowed bg-success-500 text-white hover:bg-success-700 active:bg-green-800 focus:ring-green-500 shadow-elevation-1 hover:shadow-elevation-2;
}
+ .btn-warning {
+ @apply inline-flex items-center justify-center px-4 py-2 rounded-md font-medium text-sm transition-all duration-200 focus:outline-none focus:ring-2 focus:ring-offset-2 disabled:opacity-50 disabled:cursor-not-allowed bg-warning-500 text-white hover:bg-warning-700 active:bg-orange-800 focus:ring-orange-500 shadow-elevation-1 hover:shadow-elevation-2;
+ }
+
.btn-text {
@apply inline-flex items-center justify-center px-4 py-2 rounded-md font-medium text-sm transition-all duration-200 focus:outline-none focus:ring-2 focus:ring-offset-2 disabled:opacity-50 disabled:cursor-not-allowed text-primary-600 hover:bg-primary-50 active:bg-primary-100;
}
diff --git a/templates/app_detail.html b/templates/app_detail.html
index fa520d5..f329ca0 100644
--- a/templates/app_detail.html
+++ b/templates/app_detail.html
@@ -40,6 +40,16 @@
+
+ {{if .App.PreviousImageID.Valid}}
+
+ {{end}}