mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 2 Wiki Activity

fix(swarm): Remove build directives and unsupported options for swarm
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details

Browse Source 
Docker Swarm doesn't support build directives or security_opt.
Images must be pre-built before deployment.

Changes:
- Created build-images.sh script to build all images
- Updated deploy-swarm.sh to check for images and offer to build
- Removed build: sections from docker-compose.swarm.yml
- Removed security_opt: (not supported in swarm)
- Services now reference pre-built images only

Deployment workflow:
1. ./build-images.sh (build all images)
2. ./deploy-swarm.sh mosaic (deploy to swarm)
This commit is contained in:
Jason Woltje
2026-02-08 01:31:29 -06:00
parent 2a9a1f1367
commit 7f3499b1f2
3 changed files with 74 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
docker-compose.swarm.yml
View File

@@ -3,9 +3,7 @@ services:
# PostgreSQL Database
# ======================
postgres:
build:
context: ./docker/postgres
dockerfile: Dockerfile
image: mosaic-stack-postgres:latest
env_file: .env
environment:
POSTGRES_USER: ${POSTGRES_USER:-mosaic}
@@ -58,9 +56,7 @@ services:
# OpenBao Secrets Vault
# ======================
openbao:
build:
context: ./docker/openbao
dockerfile: Dockerfile
image: mosaic-stack-openbao:latest
env_file: .env
environment:
OPENBAO_ADDR: ${OPENBAO_ADDR:-http://0.0.0.0:8200}
@@ -230,11 +226,6 @@ services:
# ======================
api:
image: mosaic-stack-api:latest
build:
context: .
dockerfile: ./apps/api/Dockerfile
args:
- NODE_ENV=production
env_file: .env
environment:
NODE_ENV: production
@@ -278,9 +269,6 @@ services:
# ======================
orchestrator:
image: mosaic-stack-orchestrator:latest
build:
context: .
dockerfile: ./apps/orchestrator/Dockerfile
env_file: .env
user: "1000:1000"
environment:
@@ -305,8 +293,8 @@ services:
start_period: 40s
networks:
- internal
security_opt:
- no-new-privileges:true
# Note: security_opt not supported in swarm mode
# Security hardening done via cap_drop/cap_add
cap_drop:
- ALL
cap_add:
@@ -322,11 +310,6 @@ services:
# ======================
web:
image: mosaic-stack-web:latest
build:
context: .
dockerfile: ./apps/web/Dockerfile
args:
- NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL:-http://localhost:3001}
env_file: .env
environment:
NODE_ENV: production