Mirror drawbar CI/CD: push to LAN registry, pull via public FQDN
Split the registry endpoints like the drawbar containers. Per-component Gitea Actions workflows (build-backend, build-frontend; runs-on docker, path-filtered) push images to the LAN endpoint 192.168.0.2:1234 over plain HTTP (buildx insecure/http) to bypass Cloudflare's request-body limit, then link each package to the repo via the Gitea API. Auth via the REGISTRY_TOKEN Actions secret (the same token drawbar uses). Tag scheme: test-main / test-sha-<long> / version / latest (v* tags).
The deploy compose now PULLS git.jpaul.io/justin/provenance-{backend,frontend}:${IMAGE_TAG:-test-main} (no host build); docker-compose.dev.yml is a local-build override for dev / pre-CI. Replaces the previous single build.yml. Docs + memory updated.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Justin Paul <justin@jpaul.me>
This commit is contained in:
@@ -4,6 +4,10 @@
|
||||
# --- Core ---
|
||||
APP_ENV=development
|
||||
|
||||
# --- Images (pulled from git.jpaul.io; CI pushes to the LAN registry) ---
|
||||
# test-main = current main build; or pin a semver / test-sha-<sha> for rollback.
|
||||
IMAGE_TAG=test-main
|
||||
|
||||
# --- Database (Postgres) ---
|
||||
POSTGRES_USER=provenance
|
||||
POSTGRES_PASSWORD=change-me
|
||||
|
||||
@@ -0,0 +1,18 @@
|
||||
name: provenance
|
||||
|
||||
# Dev override: build the backend/frontend images locally instead of pulling
|
||||
# them from the registry. Layer it on top of the base compose:
|
||||
# docker compose -f docker-compose.yml -f docker-compose.dev.yml up -d --build
|
||||
#
|
||||
# Use this before CI has published images, or to test local changes.
|
||||
|
||||
services:
|
||||
backend:
|
||||
build:
|
||||
context: ../backend
|
||||
dockerfile: Dockerfile
|
||||
|
||||
frontend:
|
||||
build:
|
||||
context: ../frontend
|
||||
dockerfile: Dockerfile
|
||||
@@ -2,6 +2,11 @@ name: provenance
|
||||
|
||||
# One stack stands up the whole system. Configuration is entirely env-driven
|
||||
# (see .env.example). Run from this directory: `docker compose up -d`.
|
||||
#
|
||||
# backend/frontend are PULLED from the public registry (git.jpaul.io); CI pushes
|
||||
# them to the LAN endpoint (192.168.0.2:1234). For local building instead of
|
||||
# pulling, layer the dev override:
|
||||
# docker compose -f docker-compose.yml -f docker-compose.dev.yml up -d --build
|
||||
|
||||
services:
|
||||
postgres:
|
||||
@@ -36,9 +41,7 @@ services:
|
||||
restart: unless-stopped
|
||||
|
||||
backend:
|
||||
build:
|
||||
context: ../backend
|
||||
dockerfile: Dockerfile
|
||||
image: git.jpaul.io/justin/provenance-backend:${IMAGE_TAG:-test-main}
|
||||
environment:
|
||||
APP_ENV: ${APP_ENV:-development}
|
||||
DATABASE_URL: ${DATABASE_URL:-postgresql+asyncpg://provenance:provenance@postgres:5432/provenance}
|
||||
@@ -58,9 +61,7 @@ services:
|
||||
restart: unless-stopped
|
||||
|
||||
frontend:
|
||||
build:
|
||||
context: ../frontend
|
||||
dockerfile: Dockerfile
|
||||
image: git.jpaul.io/justin/provenance-frontend:${IMAGE_TAG:-test-main}
|
||||
environment:
|
||||
NODE_ENV: production
|
||||
depends_on:
|
||||
|
||||
Reference in New Issue
Block a user