4.8 KiB
CapaKraken CI/CD Manual
Overview
This is the operational runbook for the canonical CapaKraken delivery path:
- CI validates every PR.
- Every push to
mainpublishes immutable release images. - Staging deploys one
sha-<commit>tag. - Production promotes the same tag.
- The host never builds application code from Git.
1. CI Gate
The merge gate is ci.yml.
It covers:
- architecture guardrails
- typecheck
- lint
- unit tests
- build
- E2E
Before merging, all required checks must pass.
Useful local commands:
pnpm --filter @capakraken/web exec tsc --project tsconfig.typecheck.json --noEmit
pnpm lint
pnpm test:unit
pnpm --filter @capakraken/web exec next build
2. Image Release
release-image.yml runs automatically on every push to main.
It publishes:
ghcr.io/<owner>/<repo>-app:sha-<commit>ghcr.io/<owner>/<repo>-migrator:sha-<commit>
The workflow is also callable manually if a rebuild or tag override is needed.
3. Host Bootstrap
Each deploy target should have a dedicated directory such as /opt/capakraken containing:
docker-compose.prod.yml
.env.production
deploy.env
tooling/deploy/deploy-compose.sh
Use these examples from the repo:
Important host-side rules:
- keep
RATE_LIMIT_BACKEND=redis - keep runtime secrets in
.env.productionor the platform secret layer - do not rotate runtime secrets through admin settings
- ensure the host can pull from
ghcr.io
Generate a secure NEXTAUTH_SECRET with:
openssl rand -base64 32
4. Staging Deployment
Standard path:
- merge to
main - wait for release-image.yml to publish
sha-<commit> - run deploy-staging.yml with that tag
The workflow uploads:
- docker-compose.prod.yml
- tooling/deploy
- a short-lived
deploy.env
On the host, deploy-compose.sh:
- validates the rendered compose file
- pulls
APP_IMAGEandMIGRATOR_IMAGE - starts PostgreSQL and Redis
- runs Prisma migrations with the
migratorimage - starts the app
- waits for
GET /api/ready
5. Production Promotion
After staging is accepted:
- run deploy-prod.yml
- use the exact same
sha-<commit>tag - verify
GET /api/ready
Production must promote the already-tested image, not rebuild from source.
6. Manual Host Dry Run
If you need to verify the host outside GitHub Actions:
cp tooling/deploy/.env.production.example .env.production
cp tooling/deploy/deploy.env.example deploy.env
# fill in real secrets and image refs first
set -a
. ./deploy.env
set +a
bash tooling/deploy/deploy-compose.sh staging
7. Health Endpoints
GET /api/health
Process liveness only. Use it for coarse uptime checks.
GET /api/ready
Checks PostgreSQL and Redis connectivity. Use it for deploy readiness and traffic admission.
For deploys, /api/ready is the source of truth.
8. Rollback
Rollback is image-based:
- choose the previous healthy
sha-<commit> - rerun the staging or production deploy workflow with that tag
- confirm
GET /api/ready
Schema changes still need expand-and-contract discipline for rollback safety.
9. Troubleshooting
CI failure
Run the failing command locally:
pnpm --filter @capakraken/web exec tsc --project tsconfig.typecheck.json --noEmit
pnpm lint
pnpm test:unit
pnpm --filter @capakraken/web exec next build
Deploy fails before container start
Check the rendered compose configuration on the host:
docker compose -f docker-compose.prod.yml config -q
Then verify .env.production and deploy.env.
App never becomes ready
Check:
docker compose -f docker-compose.prod.yml ps
docker compose -f docker-compose.prod.yml logs --tail 200 app
curl -s http://127.0.0.1:${APP_HOST_PORT:-3000}/api/ready
Database migration failure
Inspect the migrator logs:
docker compose -f docker-compose.prod.yml run --rm migrator
Registry pull failure
Verify GHCR_USERNAME and GHCR_TOKEN, then test:
printf '%s\n' "$GHCR_TOKEN" | docker login ghcr.io -u "$GHCR_USERNAME" --password-stdin