docs: sync from backend 55321c0 — restore build procedure

This commit is contained in:
Siavash Sameni
2026-06-07 14:26:50 +04:00
parent d93b48916d
commit c5aecb4130
2 changed files with 18 additions and 10 deletions

View File

@@ -12,6 +12,16 @@ entries on top. Maintained by agents per the rule in `../AGENTS.md`.
---
### 2026-06-07 — backend@55321c0, frontend@525d50a — restore last-green Woodpecker build procedure
**Commits:** `55321c0` `525d50a`
**Touched:** backend `Dockerfile.prod`, `.woodpecker/production.yml`, `package.json`, `package-lock.json`; frontend `.woodpecker/production.yml`, `Dockerfile`, `package.json`; docs `09 - Audits/Activity Log.md`, `11 - Testing/Smoke and Regression Procedure.md`
**Why:** Restore backend build/deploy procedure to match the last successful backend build at `5d7d2af` and restore the paired frontend production build shape from `ade7352`. The prior Docker cleanup/prune hardening commits were too broad for the CI authentication/storage investigation and have been superseded. Backend again uses the original two-stage Dockerfile with builder `npm ci`, transpile, production `npm ci --omit=dev`, and `dist` copy. Backend/frontend Woodpecker production pipelines again run the simple local Docker build and compose deploy without cleanup blocks.
**Verification:** backend/frontend `woodpecker-cli lint .woodpecker/production.yml`; backend production build files diff clean against `5d7d2af`; frontend production build files diff clean against `ade7352` except `NEXT_PUBLIC_APP_VERSION`; backend/frontend scoped `git diff --check`; backend/frontend version metadata confirmed at v2.9.42. Woodpecker backend `#93` passed clone, typecheck, build-and-deploy, and notify; frontend `#86` passed clone, build-and-deploy, and notify.
**Linked docs updated:** [[11 - Testing/Smoke and Regression Procedure]]
---
### 2026-06-07 — backend@9363d8c, frontend@03025c8 — Woodpecker Docker ENOSPC cleanup hardening
**Commits:** `e2c74f9` `d640ec1` `9363d8c` `03025c8`

View File

@@ -120,13 +120,11 @@ layer. For a faster local isolation check, create a temporary Dockerfile from th
production Dockerfile through the Yarn install `RUN` block, then append:
```dockerfile
RUN test -d node_modules/country-flag-icons && test ! -d /root/.yarn/v6
RUN test -d node_modules/country-flag-icons
```
The expected install command uses a locked BuildKit Yarn cache, a Yarn mutex,
`--frozen-lockfile`, and `--link-duplicates`; the layer must clear `/root/.yarn`
before and after install so stale Yarn v6 cache contents do not exhaust builder
disk while copying packages such as `country-flag-icons`.
and `--frozen-lockfile`, matching the last known green production build shape.
Scanner focus:
@@ -158,12 +156,12 @@ woodpecker-cli pipeline log show 5 <pipeline-number> build-and-deploy
```
The backend and frontend production pipelines run local Docker builds on the
arm64 agent. Their cleanup block must remain serialized with
`/opt/escrow-dev/.ci-docker-prune.lock`, must avoid Docker volume pruning, and
must wrap old-image/build-cache pruning in `timeout` so the agent cannot hang in
cleanup. If a killed pipeline still shows a step as `running`, queued builds may
stay pending until the Woodpecker agent process or the stuck Docker prune process
is restarted on the host.
arm64 agent and should retain the last-green simple build shape unless a scoped
CI change is explicitly approved. Do not add Docker prune/cleanup blocks to the
production pipelines as a first response; inspect the host and clear space
operationally. If a killed pipeline still shows a step as `running`, queued
builds may stay pending until the Woodpecker agent process or the stuck Docker
process is restarted on the host.
Poll latest pipelines by repo id: