feat: Sprint 0 — CI/CD pipeline, production Docker, health checks

CI Pipeline (.github/workflows/ci.yml): - 5 jobs: typecheck, lint, test, build, e2e (parallel where possible) - PostgreSQL 16 + Redis 7 service containers for test/e2e - pnpm store, Turborepo, Playwright browser caching - Concurrency groups cancel in-progress runs Production Docker: - Dockerfile.prod: 3-stage build (deps → build → runtime ~150MB) - docker-compose.prod.yml: postgres + redis + app with health checks - .dockerignore for fast builds - next.config.ts: output: "standalone" for minimal runtime Health Check Endpoints: - GET /api/health — liveness probe (200 OK, no deps) - GET /api/ready — readiness probe (postgres + redis connectivity) Documentation: - docs/ci-cd-manual.md — full pipeline manual with troubleshooting - plan.md — Product Owner strategic plan (bottlenecks, growth, automation) Co-Authored-By: claude-flow <ruv@ruv.net>
2026-03-19 20:33:18 +01:00
parent c02f453679
commit 0d78fe1770
9 changed files with 1070 additions and 210 deletions
@@ -0,0 +1,80 @@
+# ============================================================
+# Stage 1: Install dependencies
+# ============================================================
+FROM node:20-bookworm-slim AS deps
+
+RUN apt-get update -y && apt-get install -y openssl && rm -rf /var/lib/apt/lists/*
+RUN npm install -g pnpm@9.14.2
+
+WORKDIR /app
+
+# Copy workspace manifests first for better layer caching
+COPY package.json pnpm-workspace.yaml pnpm-lock.yaml ./
+COPY tooling/ ./tooling/
+COPY packages/shared/package.json ./packages/shared/
+COPY packages/db/package.json ./packages/db/
+COPY packages/engine/package.json ./packages/engine/
+COPY packages/staffing/package.json ./packages/staffing/
+COPY packages/application/package.json ./packages/application/
+COPY packages/api/package.json ./packages/api/
+COPY packages/ui/package.json ./packages/ui/
+COPY apps/web/package.json ./apps/web/
+
+RUN pnpm install --frozen-lockfile
+
+# ============================================================
+# Stage 2: Build the application
+# ============================================================
+FROM node:20-bookworm-slim AS builder
+
+RUN apt-get update -y && apt-get install -y openssl && rm -rf /var/lib/apt/lists/*
+RUN npm install -g pnpm@9.14.2
+
+WORKDIR /app
+
+# Copy installed dependencies from stage 1
+COPY --from=deps /app/ ./
+
+# Copy all source code
+COPY . .
+
+# Generate Prisma client
+RUN pnpm --filter @planarchy/db db:generate
+
+# Build the Next.js application
+ENV NEXT_TELEMETRY_DISABLED=1
+ENV NODE_ENV=production
+RUN pnpm --filter @planarchy/web build
+
+# ============================================================
+# Stage 3: Production runtime
+# ============================================================
+FROM node:20-bookworm-slim AS runner
+
+RUN apt-get update -y && apt-get install -y openssl curl && rm -rf /var/lib/apt/lists/*
+
+WORKDIR /app
+
+ENV NODE_ENV=production
+ENV NEXT_TELEMETRY_DISABLED=1
+ENV HOSTNAME=0.0.0.0
+ENV PORT=3000
+
+RUN addgroup --system --gid 1001 nodejs && \
+    adduser --system --uid 1001 nextjs
+
+# Copy the standalone output (includes server.js and node_modules)
+COPY --from=builder --chown=nextjs:nodejs /app/apps/web/.next/standalone ./
+
+# Copy static assets and public files
+COPY --from=builder --chown=nextjs:nodejs /app/apps/web/.next/static ./apps/web/.next/static
+COPY --from=builder --chown=nextjs:nodejs /app/apps/web/public ./apps/web/public
+
+USER nextjs
+
+EXPOSE 3000
+
+HEALTHCHECK --interval=30s --timeout=5s --start-period=15s --retries=3 \
+  CMD curl -f http://localhost:3000/api/health || exit 1
+
+CMD ["node", "apps/web/server.js"]