31 lines
1.7 KiB
Markdown
31 lines
1.7 KiB
Markdown
# Scratchpad: CI Docker Publish (2026-03-30)
|
|
|
|
- Objective: Add Woodpecker Docker build+push steps for gateway and web images on `main` pushes.
|
|
- Scope: `.woodpecker/ci.yml`.
|
|
- Constraints:
|
|
- Use existing Dockerfiles at `docker/gateway.Dockerfile` and `docker/web.Dockerfile`.
|
|
- Publish to `git.mosaicstack.dev` with `from_secret` credentials.
|
|
- Tag both `latest` and `${CI_COMMIT_SHA}`.
|
|
- Do not run publish steps on pull requests.
|
|
- ASSUMPTION: Publishing `latest` is required by the task for registry convenience, even though immutable tags remain the safer deployment reference.
|
|
- Findings:
|
|
- Existing pipeline already has `build` after `lint`, `format`, and `test`.
|
|
- `apps/gateway/package.json` uses `tsc` for `build`; no Prisma dependency or `prisma generate` hook is present.
|
|
- Plan:
|
|
1. Patch `.woodpecker/ci.yml` to keep `build` as the quality gate successor and add `publish-gateway` plus `publish-web`.
|
|
2. Validate YAML and run repo quality gates relevant to the change.
|
|
3. Review the diff, then commit/push/PR if validation passes.
|
|
- Verification:
|
|
- `python3 -c "import yaml; yaml.safe_load(open('.woodpecker/ci.yml'))" && echo "YAML valid"`
|
|
- `pnpm lint`
|
|
- `pnpm typecheck`
|
|
- `pnpm format:check`
|
|
- `docker compose up -d`
|
|
- `pnpm --filter @mosaic/db db:push`
|
|
- `pnpm test`
|
|
- `pnpm build`
|
|
- Manual review of `.woodpecker/ci.yml` diff: publish steps are main-only, depend on `build`, and use secret-backed registry auth plus dual tags.
|
|
- Risks:
|
|
- Pipeline behavior beyond YAML validation cannot be fully proven locally; remote Woodpecker execution will be the final situational check after push.
|
|
- Repo baseline required two existing `plugins/macp` files to be reformatted before `pnpm format:check` would pass.
|