Ho Ngoc Hai
2e608f0c91
fix: API Dockerfile — fresh pnpm install --prod in production stage
...
CI / Lint → Typecheck → Test → Build (22) (push) Failing after 11s
CI / E2E Tests (push) Has been skipped
Deploy / Build API Image (push) Failing after 15s
Deploy / Build Web Image (push) Failing after 10s
Deploy / Build AI Services Image (push) Failing after 12s
E2E Tests / Playwright E2E (push) Failing after 23s
Deploy / Deploy to Staging (push) Has been skipped
Deploy / Smoke Test Staging (push) Has been skipped
Deploy / Deploy to Production (push) Has been skipped
Deploy / Rollback Production (push) Has been skipped
Deploy / Smoke Test Production (push) Has been skipped
Deploy / Rollback Staging (push) Has been skipped
pnpm hoisted node_modules uses symlinks that break when copied between
Docker stages. Install production deps fresh in final stage instead.
Set WORKDIR to /app/apps/api so dist/main resolves correctly.
Co-Authored-By: Claude Opus 4 (1M context) <noreply@anthropic.com >
2026-04-14 01:40:35 +07:00
Ho Ngoc Hai
4870ac9214
fix: API Dockerfile — copy full node_modules instead of pnpm deploy
...
CI / Lint → Typecheck → Test → Build (22) (push) Failing after 7s
CI / E2E Tests (push) Has been skipped
Deploy / Build API Image (push) Failing after 15s
Deploy / Build Web Image (push) Failing after 14s
Deploy / Build AI Services Image (push) Failing after 14s
E2E Tests / Playwright E2E (push) Failing after 22s
Deploy / Deploy to Staging (push) Has been skipped
Deploy / Smoke Test Staging (push) Has been skipped
Deploy / Deploy to Production (push) Has been skipped
Deploy / Smoke Test Production (push) Has been skipped
Deploy / Rollback Staging (push) Has been skipped
Deploy / Rollback Production (push) Has been skipped
pnpm deploy --legacy --prod doesn't resolve all transitive deps correctly
in monorepo. Copy full node_modules from build stage instead. Also add
openssl to production image (required by Prisma at runtime).
Co-Authored-By: Claude Opus 4 (1M context) <noreply@anthropic.com >
2026-04-14 01:12:31 +07:00
Ho Ngoc Hai
3de953223a
fix: API copy Prisma from pnpm store, AI drop Rust/maturin approach
...
CI / E2E Tests (push) Has been skipped
Deploy / Build API Image (push) Failing after 10s
Deploy / Build Web Image (push) Failing after 12s
Deploy / Build AI Services Image (push) Failing after 11s
E2E Tests / Playwright E2E (push) Failing after 10s
Deploy / Smoke Test Staging (push) Has been skipped
Deploy / Deploy to Production (push) Has been skipped
Deploy / Smoke Test Production (push) Has been skipped
CI / Lint → Typecheck → Test → Build (22) (push) Failing after 6s
Deploy / Deploy to Staging (push) Has been skipped
Deploy / Rollback Staging (push) Has been skipped
Deploy / Rollback Production (push) Has been skipped
- API: copy @prisma/client + .prisma from build stage pnpm store glob
(pnpm deploy --prod doesn't include generated Prisma client)
- AI: remove Rust toolchain, install underthesea 6.8.0 with fallback to 6.3.4
(underthesea-core maturin build too complex for Kaniko)
Co-Authored-By: Claude Opus 4 (1M context) <noreply@anthropic.com >
2026-04-14 00:32:35 +07:00
Ho Ngoc Hai
3e4f681adb
fix: API install prisma+generate in pruned, AI use absolute cargo path
...
CI / Lint → Typecheck → Test → Build (22) (push) Failing after 16s
CI / E2E Tests (push) Has been skipped
Deploy / Build API Image (push) Failing after 24s
Deploy / Build Web Image (push) Failing after 35s
Deploy / Build AI Services Image (push) Failing after 1m22s
E2E Tests / Playwright E2E (push) Failing after 19s
Deploy / Deploy to Staging (push) Has been skipped
Deploy / Smoke Test Staging (push) Has been skipped
Deploy / Deploy to Production (push) Has been skipped
Deploy / Smoke Test Production (push) Has been skipped
Deploy / Rollback Staging (push) Has been skipped
Deploy / Rollback Production (push) Has been skipped
- API: npm install prisma @prisma/client in pruned dir before generate
- AI: use /root/.cargo/bin/cargo directly, install underthesea with --no-build-isolation
Co-Authored-By: Claude Opus 4 (1M context) <noreply@anthropic.com >
2026-04-13 23:59:14 +07:00
Ho Ngoc Hai
248378abb8
fix: API Dockerfile — re-generate Prisma in pruned deploy dir
...
Deploy / Build API Image (push) Failing after 28s
Deploy / Build Web Image (push) Failing after 10s
Deploy / Smoke Test Production (push) Has been skipped
Deploy / Rollback Production (push) Has been skipped
CI / Lint → Typecheck → Test → Build (22) (push) Failing after 13m29s
Deploy / Build AI Services Image (push) Failing after 13s
E2E Tests / Playwright E2E (push) Failing after 16s
Deploy / Deploy to Staging (push) Has been skipped
Deploy / Smoke Test Staging (push) Has been skipped
Deploy / Deploy to Production (push) Has been skipped
Deploy / Rollback Staging (push) Has been skipped
CI / E2E Tests (push) Has been cancelled
pnpm deploy --legacy doesn't carry .prisma from hoisted node_modules.
Fix: copy prisma schema + run npx prisma generate inside /app/pruned.
Co-Authored-By: Claude Opus 4 (1M context) <noreply@anthropic.com >
2026-04-13 23:35:50 +07:00
Ho Ngoc Hai
1c3dd305b8
fix: all 3 Dockerfiles — Prisma copy, standalone paths, maturin PATH
...
CI / E2E Tests (push) Has been skipped
CI / Lint → Typecheck → Test → Build (22) (push) Failing after 20s
Deploy / Build API Image (push) Failing after 27s
Deploy / Build Web Image (push) Failing after 17s
Deploy / Build AI Services Image (push) Failing after 20s
E2E Tests / Playwright E2E (push) Failing after 22s
Deploy / Deploy to Staging (push) Has been skipped
Deploy / Smoke Test Staging (push) Has been skipped
Deploy / Deploy to Production (push) Has been skipped
Deploy / Smoke Test Production (push) Has been skipped
Deploy / Rollback Staging (push) Has been skipped
Deploy / Rollback Production (push) Has been skipped
- API: copy .prisma + @prisma into pruned node_modules, restore dist/prisma COPY
- Web: fix standalone paths for monorepo (node_modules + apps/web/server.js)
- AI: source cargo env in same RUN layer, wrap fallback pip install in subshell
Co-Authored-By: Claude Opus 4 (1M context) <noreply@anthropic.com >
2026-04-13 16:23:51 +07:00
Ho Ngoc Hai
9cf71719ae
fix: API pnpm deploy --legacy flag, AI add maturin for underthesea build
...
CI / Lint → Typecheck → Test → Build (22) (push) Failing after 5s
Deploy / Build API Image (push) Failing after 13s
Deploy / Build Web Image (push) Failing after 13s
E2E Tests / Playwright E2E (push) Failing after 10s
CI / E2E Tests (push) Has been skipped
Deploy / Build AI Services Image (push) Failing after 12s
Deploy / Deploy to Staging (push) Has been skipped
Deploy / Smoke Test Staging (push) Has been skipped
Deploy / Deploy to Production (push) Has been skipped
Deploy / Smoke Test Production (push) Has been skipped
Deploy / Rollback Staging (push) Has been skipped
Deploy / Rollback Production (push) Has been skipped
- API Dockerfile: add --legacy to pnpm deploy (pnpm v10 breaking change)
- AI Dockerfile: install Rust toolchain + maturin (required by underthesea 6.8.0)
Co-Authored-By: Claude Opus 4 (1M context) <noreply@anthropic.com >
2026-04-13 15:46:25 +07:00
Ho Ngoc Hai
b84dfd5cad
fix: Docker build errors — Prisma generate order, .dockerignore multi-service
...
CI / Lint → Typecheck → Test → Build (22) (push) Failing after 11s
CI / E2E Tests (push) Has been skipped
Deploy / Build API Image (push) Failing after 23s
Deploy / Build Web Image (push) Failing after 12s
Deploy / Build AI Services Image (push) Failing after 10s
E2E Tests / Playwright E2E (push) Failing after 12s
Deploy / Deploy to Staging (push) Has been skipped
Deploy / Smoke Test Staging (push) Has been skipped
Deploy / Deploy to Production (push) Has been skipped
Deploy / Smoke Test Production (push) Has been skipped
Deploy / Rollback Staging (push) Has been skipped
Deploy / Rollback Production (push) Has been skipped
- Dockerfile: move prisma generate BEFORE nest build (fixes TS2305 PropertyType)
- .dockerignore: remove apps/web + libs/ai-services exclusions (needed by Kaniko)
- CI: add pnpm db:generate step before lint/typecheck/build
Co-Authored-By: Claude Opus 4 (1M context) <noreply@anthropic.com >
2026-04-13 15:31:08 +07:00
Ho Ngoc Hai
60830d00d0
feat(devops): improve multi-stage production Dockerfile for NestJS API
...
- Use pnpm deploy --prod for pruned production node_modules (smaller image)
- Add docker-entrypoint.sh with optional Prisma migration support (RUN_MIGRATIONS)
- Copy generated Prisma client explicitly into production stage
- Add OCI image labels for container registry metadata
- Update .dockerignore: exclude apps/web, libs/ai-services, agent configs, Python artifacts
- Add build directive + RUN_MIGRATIONS env to docker-compose.prod.yml
- Maintain non-root user, dumb-init signal handling, and healthcheck
Co-Authored-By: Paperclip <noreply@paperclip.ing >
2026-04-09 01:23:06 +07:00
Ho Ngoc Hai
767afb56d5
fix(docker): harden production deployment config for all services
...
- Add resource limits (memory/CPU) and reservations for all services
- Add security hardening: read_only, no-new-privileges, tmpfs for temp dirs
- Add missing prod services: loki, promtail, pg-backup from dev compose
- Fix API healthcheck to include catch() for proper exit codes
- Add json-file logging driver with rotation limits across all services
- Remove exposed PostgreSQL port in prod (internal only)
- Add shm_size for PostgreSQL shared memory
- Add non-root user (appuser) to AI services Dockerfile
- Add --chown=node:node to COPY directives in API/Web Dockerfiles
- Harden .dockerignore: exclude IDE files, OS files, docker-compose files
- Fix Redis URL to include password authentication
- Add JWT_REFRESH_SECRET to API environment
- Add Grafana dependency on Loki for log datasource
Co-Authored-By: Paperclip <noreply@paperclip.ing >
2026-04-08 13:44:44 +07:00
Ho Ngoc Hai
7c9f682046
feat(deploy): add production Dockerfiles and CI/CD pipeline
...
- Multi-stage Dockerfile for apps/api (NestJS) and apps/web (Next.js standalone)
- Production docker-compose.prod.yml with all services, health checks, and security
- Real deploy.yml pipeline: build → push to GHCR → deploy staging/production
- .dockerignore for optimized build context
- Enable Next.js standalone output mode
Co-Authored-By: Paperclip <noreply@paperclip.ing >
2026-04-08 04:03:27 +07:00
