docs: sync from backend 55321c0 — restore build procedure

This commit is contained in:
Siavash Sameni
2026-06-07 14:26:50 +04:00
parent d93b48916d
commit c5aecb4130
2 changed files with 18 additions and 10 deletions

View File

@@ -12,6 +12,16 @@ entries on top. Maintained by agents per the rule in `../AGENTS.md`.
--- ---
### 2026-06-07 — backend@55321c0, frontend@525d50a — restore last-green Woodpecker build procedure
**Commits:** `55321c0` `525d50a`
**Touched:** backend `Dockerfile.prod`, `.woodpecker/production.yml`, `package.json`, `package-lock.json`; frontend `.woodpecker/production.yml`, `Dockerfile`, `package.json`; docs `09 - Audits/Activity Log.md`, `11 - Testing/Smoke and Regression Procedure.md`
**Why:** Restore backend build/deploy procedure to match the last successful backend build at `5d7d2af` and restore the paired frontend production build shape from `ade7352`. The prior Docker cleanup/prune hardening commits were too broad for the CI authentication/storage investigation and have been superseded. Backend again uses the original two-stage Dockerfile with builder `npm ci`, transpile, production `npm ci --omit=dev`, and `dist` copy. Backend/frontend Woodpecker production pipelines again run the simple local Docker build and compose deploy without cleanup blocks.
**Verification:** backend/frontend `woodpecker-cli lint .woodpecker/production.yml`; backend production build files diff clean against `5d7d2af`; frontend production build files diff clean against `ade7352` except `NEXT_PUBLIC_APP_VERSION`; backend/frontend scoped `git diff --check`; backend/frontend version metadata confirmed at v2.9.42. Woodpecker backend `#93` passed clone, typecheck, build-and-deploy, and notify; frontend `#86` passed clone, build-and-deploy, and notify.
**Linked docs updated:** [[11 - Testing/Smoke and Regression Procedure]]
---
### 2026-06-07 — backend@9363d8c, frontend@03025c8 — Woodpecker Docker ENOSPC cleanup hardening ### 2026-06-07 — backend@9363d8c, frontend@03025c8 — Woodpecker Docker ENOSPC cleanup hardening
**Commits:** `e2c74f9` `d640ec1` `9363d8c` `03025c8` **Commits:** `e2c74f9` `d640ec1` `9363d8c` `03025c8`

View File

@@ -120,13 +120,11 @@ layer. For a faster local isolation check, create a temporary Dockerfile from th
production Dockerfile through the Yarn install `RUN` block, then append: production Dockerfile through the Yarn install `RUN` block, then append:
```dockerfile ```dockerfile
RUN test -d node_modules/country-flag-icons && test ! -d /root/.yarn/v6 RUN test -d node_modules/country-flag-icons
``` ```
The expected install command uses a locked BuildKit Yarn cache, a Yarn mutex, The expected install command uses a locked BuildKit Yarn cache, a Yarn mutex,
`--frozen-lockfile`, and `--link-duplicates`; the layer must clear `/root/.yarn` and `--frozen-lockfile`, matching the last known green production build shape.
before and after install so stale Yarn v6 cache contents do not exhaust builder
disk while copying packages such as `country-flag-icons`.
Scanner focus: Scanner focus:
@@ -158,12 +156,12 @@ woodpecker-cli pipeline log show 5 <pipeline-number> build-and-deploy
``` ```
The backend and frontend production pipelines run local Docker builds on the The backend and frontend production pipelines run local Docker builds on the
arm64 agent. Their cleanup block must remain serialized with arm64 agent and should retain the last-green simple build shape unless a scoped
`/opt/escrow-dev/.ci-docker-prune.lock`, must avoid Docker volume pruning, and CI change is explicitly approved. Do not add Docker prune/cleanup blocks to the
must wrap old-image/build-cache pruning in `timeout` so the agent cannot hang in production pipelines as a first response; inspect the host and clear space
cleanup. If a killed pipeline still shows a step as `running`, queued builds may operationally. If a killed pipeline still shows a step as `running`, queued
stay pending until the Woodpecker agent process or the stuck Docker prune process builds may stay pending until the Woodpecker agent process or the stuck Docker
is restarted on the host. process is restarted on the host.
Poll latest pipelines by repo id: Poll latest pipelines by repo id: