deploy:cleanup can delete the active release when a deploy fails #4236
RubenGVOnestic
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Deployer version: 8.0.5
Hi everyone! I'm trying to cleanup the releases after a failed deploy and i'm expenting this issue:
Bug description
When a deploy fails, the deploy:cleanup task runs via:
after('deploy:failed', 'deploy:cleanup');This hook is not part of Deployer's default flow — we added it explicitly to our recipe to clean up orphaned release directories on failure. However, it introduces a race condition: deploy:cleanup can delete the currently active release if it is not the most recently created one, leaving the current symlink pointing to a non-existent directory and taking down the site.
Root cause
deploy:cleanupkeeps the last N releases ordered by creation time (releases_list, newest first) and blindly deletes the rest. It has no awareness of which release current is pointing to.In a successful deploy this is safe because
deploy:cleanupalways runs insidedeploy:publish, afterdeploy:symlinkhas already updated current to the newest release (index 0):deploy:release→ new release added as index 0 in releases_listdeploy:symlink→ current → newest release (index 0)deploy:cleanup→ keeps index 0…N-1, current is always index 0 ✅In a failed deploy the sequence breaks:
deploy:release→ failed release added as index 0: [failed, ..., active_current]... fails before deploy:symlink ...
deploy:cleanup→ keep_releases=1: keeps index 0 (the failed dir)deletes everything else, including active_current ❌
current symlink now points to a deleted directory → site down
Deployer's default behavior on failure is to leave the orphaned release directory in place and let the next successful deploy clean it up safely (after
deploy:symlinkhas run). Our custom hook bypasses this safety guarantee.Affected configuration
after('deploy:failed', 'deploy:cleanup')hook addedThe risk is higher in non-production environments (keep_releases=1) since any active release not at index 0 is immediately deleted.
Proposed fix
Beta Was this translation helpful? Give feedback.
All reactions