Hartmut
b41c1d2501
CI / Architecture Guardrails (push) Successful in 2m38s
CI / Assistant Split Regression (push) Successful in 3m33s
CI / Typecheck (push) Successful in 3m51s
CI / Lint (push) Successful in 5m2s
CI / E2E Tests (push) Has been cancelled
CI / Fresh-Linux Docker Deploy (push) Has been cancelled
CI / Release Images (push) Has been cancelled
CI / Build (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
rename(phase 1): CapaKraken → Nexus across code, UI, docs, CI (#61) Co-authored-by: Hartmut Nörenberg <hn@hartmut-noerenberg.com> Co-committed-by: Hartmut Nörenberg <hn@hartmut-noerenberg.com>
73 lines
3.0 KiB
Bash
73 lines
3.0 KiB
Bash
#!/bin/sh
|
|
set -eu
|
|
|
|
# Wait for postgres to be ready before running migrations
|
|
echo "Waiting for postgres..."
|
|
until pg_isready -h "${POSTGRES_HOST:-postgres}" -p "${POSTGRES_PORT:-5432}" -q; do
|
|
sleep 1
|
|
done
|
|
echo "Postgres is ready."
|
|
|
|
# The bind mount (.:/app) provides workspace-level node_modules symlinks from
|
|
# the *host*, but those symlinks target the root node_modules/.pnpm store.
|
|
# Inside the container, /app/node_modules is a named volume whose pnpm
|
|
# content-addressable hashes may differ from the host's. Re-running install
|
|
# regenerates the workspace symlinks so they resolve against the container's
|
|
# pnpm store. --frozen-lockfile ensures no lock changes; --prefer-offline
|
|
# avoids network round-trips when packages are already cached in the volume.
|
|
# CI=true suppresses interactive prompts (e.g. "reinstall from scratch?")
|
|
CI=true pnpm install --frozen-lockfile
|
|
|
|
# Regenerate Prisma client (needed after bind-mount overlays the image layer)
|
|
pnpm --filter @nexus/db db:generate
|
|
|
|
# Sync full schema to the DB first. The files under prisma/migrations/ are
|
|
# idempotent SUPPLEMENTS (see "IF NOT EXISTS" guards in each migration.sql);
|
|
# they assume the base tables already exist from a prior `db push`. On a
|
|
# fresh DB, migrate deploy alone would fail because the first incremental
|
|
# migration references "users" before it exists.
|
|
pnpm --filter @nexus/db exec prisma db push --schema ./prisma/schema.prisma --accept-data-loss --skip-generate
|
|
|
|
# After db push the schema matches schema.prisma exactly, but the
|
|
# _prisma_migrations table is empty, which makes `migrate deploy` fail
|
|
# with P3005 ("schema is not empty"). Baseline each migration as applied
|
|
# so deploy sees a clean slate; the migrations themselves are idempotent
|
|
# supplements (IF NOT EXISTS guards), so marking-as-applied is safe.
|
|
for m in packages/db/prisma/migrations/*/; do
|
|
name=$(basename "$m")
|
|
pnpm --filter @nexus/db exec prisma migrate resolve \
|
|
--applied "$name" --schema ./prisma/schema.prisma || true
|
|
done
|
|
|
|
# Run pending migrations so a fresh checkout picks up incremental additions
|
|
pnpm --filter @nexus/db db:migrate:deploy
|
|
|
|
pnpm check:exports
|
|
pnpm check:imports
|
|
|
|
repo_home="/tmp/nexus-dev-home"
|
|
|
|
# Cross-platform stat: GNU stat uses -c, BSD/macOS stat uses -f
|
|
if stat -c '%u' /app >/dev/null 2>&1; then
|
|
repo_uid="$(stat -c '%u' /app)"
|
|
repo_gid="$(stat -c '%g' /app)"
|
|
else
|
|
repo_uid="$(stat -f '%u' /app)"
|
|
repo_gid="$(stat -f '%g' /app)"
|
|
fi
|
|
|
|
mkdir -p /app/apps/web/.next
|
|
mkdir -p "$repo_home/.config/pnpm"
|
|
chown -R "$repo_uid:$repo_gid" /app/apps/web/.next
|
|
chown -R "$repo_uid:$repo_gid" "$repo_home"
|
|
|
|
# Cross-platform privilege drop: setpriv (Linux) or su (macOS/BSD)
|
|
if command -v setpriv >/dev/null 2>&1; then
|
|
exec setpriv --reuid="$repo_uid" --regid="$repo_gid" --clear-groups \
|
|
env HOME="$repo_home" XDG_CONFIG_HOME="$repo_home/.config" \
|
|
pnpm --filter @nexus/web exec next dev -H 0.0.0.0 -p 3100
|
|
else
|
|
exec su -s /bin/sh "#${repo_uid}" -c \
|
|
"HOME='$repo_home' XDG_CONFIG_HOME='$repo_home/.config' pnpm --filter @nexus/web exec next dev -H 0.0.0.0 -p 3100"
|
|
fi
|