Skip to content

Commit 99908b6

Browse files
baijumclaude
andcommitted
ci: add caching, test reliability, per-app credentials, and BuildKit cache
- Add .dockerignore to reduce Docker build context - Add pip caching and BuildKit cache mounts for faster builds - Make tests non-optional (must pass if they exist) - Add per-app credentials block to deploy.yml - Add continue-on-error to validate.yml platform checkout Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent 8854289 commit 99908b6

4 files changed

Lines changed: 42 additions & 2 deletions

File tree

.dockerignore

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
.git
2+
.github
3+
.claude
4+
__pycache__
5+
*.pyc
6+
.pytest_cache
7+
.env
8+
.env.*
9+
docs/
10+
plans/
11+
*.md
12+
!requirements.txt

.github/workflows/deploy.yml

Lines changed: 25 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,12 +13,17 @@ jobs:
1313
- uses: actions/setup-python@v5
1414
with:
1515
python-version: "3.12"
16+
cache: 'pip'
1617

1718
- name: Run tests
1819
run: |
1920
pip install -r requirements.txt
2021
pip install pytest
21-
pytest --tb=short || echo "No tests found, skipping"
22+
if python -m pytest --collect-only -q 2>/dev/null | grep -q "test"; then
23+
pytest --tb=short
24+
else
25+
echo "No tests found, skipping"
26+
fi
2227
2328
- name: Deploy to server
2429
uses: appleboy/ssh-action@v1
@@ -44,6 +49,25 @@ jobs:
4449
|| docker compose -f /opt/platform/docker-compose.yml exec -T postgres \
4550
psql -U postgres -c "CREATE DATABASE ${APP_DB}"
4651
52+
# Source per-app credentials and update deploy/.env if available
53+
CREDENTIALS_FILE="/opt/platform/credentials/${APP_NAME}.env"
54+
if [ -f "$CREDENTIALS_FILE" ]; then
55+
echo "Using per-app credentials from $CREDENTIALS_FILE"
56+
source "$CREDENTIALS_FILE"
57+
# Update DATABASE_URL with per-app user credentials
58+
sed -i "s|^DATABASE_URL=.*|DATABASE_URL=postgresql://${DB_USER}:${DB_PASSWORD}@postgres:5432/${APP_DB}|" deploy/.env
59+
# Update S3 credentials with per-app MinIO user
60+
sed -i "s|^S3_ACCESS_KEY=.*|S3_ACCESS_KEY=${S3_ACCESS_KEY}|" deploy/.env
61+
sed -i "s|^S3_SECRET_KEY=.*|S3_SECRET_KEY=${S3_SECRET_KEY}|" deploy/.env
62+
# Update S3 bucket name
63+
sed -i "s|^S3_BUCKET=.*|S3_BUCKET=${APP_NAME}-uploads|" deploy/.env
64+
echo "deploy/.env updated with per-app credentials"
65+
else
66+
echo "WARNING: Per-app credentials not found at $CREDENTIALS_FILE"
67+
echo "Run create-app-credentials.sh ${APP_NAME} for isolated credentials."
68+
echo "Falling back to existing deploy/.env credentials."
69+
fi
70+
4771
# Build and start app containers (project name = app name for predictable container names)
4872
docker compose -p ${APP_NAME} -f deploy/docker-compose.yml up -d --build
4973

.github/workflows/validate.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,8 @@ jobs:
1818
with:
1919
repository: towlion/platform
2020
path: _platform
21+
continue-on-error: true
2122

2223
- name: Run spec validator
24+
if: success()
2325
run: python _platform/validator/validate.py --tier 2 --dir .

app/Dockerfile

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,13 @@
1+
# syntax=docker/dockerfile:1
12
FROM python:3.11-slim AS base
23

34
RUN apt-get update && apt-get install -y --no-install-recommends curl && rm -rf /var/lib/apt/lists/*
45

56
WORKDIR /app
67

78
COPY requirements.txt .
8-
RUN pip install --no-cache-dir -r requirements.txt
9+
RUN --mount=type=cache,target=/root/.cache/pip \
10+
pip install -r requirements.txt
911

1012
COPY app/ ./app/
1113

0 commit comments

Comments
 (0)