feat(platform): harden access scoping and delivery baseline
This commit is contained in:
@@ -0,0 +1,41 @@
|
||||
# Deploy Tooling
|
||||
|
||||
This directory contains the additive deployment scaffold for the image-based CI/CD target path.
|
||||
|
||||
## Files
|
||||
|
||||
- `deploy-compose.sh`: pulls images, runs migrations, starts the app, and waits for readiness
|
||||
- `.env.production.example`: example host-side runtime configuration
|
||||
|
||||
## Host Layout
|
||||
|
||||
On the target host, the deploy directory should contain:
|
||||
|
||||
```text
|
||||
<deploy-path>/
|
||||
docker-compose.cicd.yml
|
||||
deploy.env
|
||||
.env.production
|
||||
tooling/deploy/deploy-compose.sh
|
||||
```
|
||||
|
||||
`deploy.env` is ephemeral and written by GitHub Actions for one deployment. `.env.production` stays on the host and contains the long-lived runtime secrets and app configuration.
|
||||
|
||||
## First Setup
|
||||
|
||||
1. Copy `tooling/deploy/.env.production.example` to the target host as `.env.production`.
|
||||
2. Fill in the required secrets and URLs.
|
||||
3. Ensure Docker Engine and Docker Compose v2 are installed.
|
||||
4. Ensure the target host can pull from `ghcr.io`.
|
||||
5. Run the image release workflow, then the staging or production deploy workflow with the same image tag.
|
||||
|
||||
## Manual Host Test
|
||||
|
||||
After the files are present on the host, the flow can be tested manually:
|
||||
|
||||
```bash
|
||||
set -a
|
||||
. ./deploy.env
|
||||
set +a
|
||||
bash tooling/deploy/deploy-compose.sh staging
|
||||
```
|
||||
Reference in New Issue
Block a user