Improve RAG recall: more chunks, synonym expansion #41
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build & Push Portfolio Images | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| build-and-push: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Log in to GHCR | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GHCR_TOKEN }} | |
| # IMPORTANT: NEXT_PUBLIC_* vars are build-time only in Next.js! | |
| # They get embedded into the JS bundle during build. | |
| # Set NEXT_PUBLIC_API_URL secret in GitHub repo settings, or change the default below. | |
| # This should be the URL where users' browsers can reach the backend API. | |
| - name: Build frontend image | |
| run: | | |
| API_URL="${{ secrets.NEXT_PUBLIC_API_URL }}" | |
| if [ -z "$API_URL" ]; then | |
| API_URL="https://portfolio-api.medevs.local" | |
| fi | |
| echo "Building frontend with API_URL: ${API_URL}" | |
| docker build \ | |
| --build-arg NEXT_PUBLIC_API_URL=${API_URL} \ | |
| -t ghcr.io/${{ github.repository_owner }}/portfolio-frontend:latest \ | |
| ./frontend | |
| - name: Push frontend image | |
| run: | | |
| docker push ghcr.io/${{ github.repository_owner }}/portfolio-frontend:latest | |
| # Build backend:base WITHOUT Docling (fits in GitHub runner disk space) | |
| # Homelab will extend this with Docling layer | |
| - name: Build and push backend base image | |
| run: | | |
| docker build \ | |
| --build-arg USE_DOCLING=false \ | |
| -t ghcr.io/${{ github.repository_owner }}/portfolio-backend:base \ | |
| ./backend | |
| docker push ghcr.io/${{ github.repository_owner }}/portfolio-backend:base | |
| deploy: | |
| runs-on: self-hosted | |
| needs: build-and-push | |
| if: github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Deploy to homelab | |
| run: | | |
| set -e | |
| cd ~/projects/local-smart-portfolio | |
| echo "📦 Pulling latest code from GitHub..." | |
| git pull origin main | |
| echo "� Updating environment variables for Langfuse..." | |
| LF_HOST="${{ secrets.LANGFUSE_HOST }}" | |
| if [ -z "$LF_HOST" ]; then LF_HOST="http://langfuse:3000"; fi | |
| touch .env | |
| sed -i '/^LANGFUSE_/d' .env | |
| printf "LANGFUSE_ENABLED=true\n" >> .env | |
| printf "LANGFUSE_PUBLIC_KEY=%s\n" "${{ secrets.LANGFUSE_PUBLIC_KEY }}" >> .env | |
| printf "LANGFUSE_SECRET_KEY=%s\n" "${{ secrets.LANGFUSE_SECRET_KEY }}" >> .env | |
| printf "LANGFUSE_HOST=%s\n" "$LF_HOST" >> .env | |
| if [ -n "${{ secrets.LANGFUSE_NEXTAUTH_SECRET }}" ]; then printf "LANGFUSE_NEXTAUTH_SECRET=%s\n" "${{ secrets.LANGFUSE_NEXTAUTH_SECRET }}" >> .env; fi | |
| if [ -n "${{ secrets.LANGFUSE_SALT }}" ]; then printf "LANGFUSE_SALT=%s\n" "${{ secrets.LANGFUSE_SALT }}" >> .env; fi | |
| if [ -n "${{ secrets.LANGFUSE_ENCRYPTION_KEY }}" ]; then printf "LANGFUSE_ENCRYPTION_KEY=%s\n" "${{ secrets.LANGFUSE_ENCRYPTION_KEY }}" >> .env; fi | |
| if [ -n "${{ secrets.LANGFUSE_NEXTAUTH_URL }}" ]; then printf "LANGFUSE_NEXTAUTH_URL=%s\n" "${{ secrets.LANGFUSE_NEXTAUTH_URL }}" >> .env; fi | |
| echo "📥 Pulling images from GHCR..." | |
| docker compose -f docker-compose.yml -f docker-compose.homelab.yml --profile observability pull frontend | |
| docker pull ghcr.io/${{ github.repository_owner }}/portfolio-backend:base | |
| echo "🔨 Building backend with Docling FROM base image..." | |
| docker compose -f docker-compose.yml -f docker-compose.homelab.yml build \ | |
| --build-arg BASE_IMAGE=ghcr.io/${{ github.repository_owner }}/portfolio-backend:base \ | |
| --build-arg USE_DOCLING=true \ | |
| backend celery-worker | |
| echo "🔄 Recreating containers with homelab overrides..." | |
| # The ollama-init service will automatically pull required models | |
| # (llama3.2:3b for LLM, nomic-embed-text for embeddings) | |
| # --profile observability enables Langfuse tracing services | |
| docker compose -f docker-compose.yml -f docker-compose.homelab.yml --profile observability up -d --force-recreate | |
| echo "📋 Checking ollama-init logs..." | |
| docker compose -f docker-compose.yml -f docker-compose.homelab.yml --profile observability logs ollama-init || true | |
| echo "🗄️ Running database migrations..." | |
| # Wait for backend to be healthy before running migrations | |
| sleep 10 | |
| docker compose -f docker-compose.yml -f docker-compose.homelab.yml exec -T backend alembic upgrade head || { | |
| echo "⚠️ Migration failed, backend may need restart" | |
| } | |
| echo "🧹 Cleaning up old images..." | |
| docker image prune -f | |
| echo "✅ Deployment complete!" |