[comp] Production Deploy #1131
Merged
[comp] Production Deploy #1131
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Added core infrastructure files including `index.ts`, `Pulumi.yaml`, and `package.json`. - Created modules for building, configuring, networking, and managing containers, databases, and scaling. - Implemented GitHub OIDC integration for CI/CD. - Set up monitoring and logging with CloudWatch. - Included a `.gitignore` file to exclude unnecessary files. - Documented setup and deployment instructions in `README.md`.
- Changed application name to include project name for better context. - Updated context path to point to the new app directory.
…and SSO - Added new application configuration for the `@comp/infra` module in `bun.lock`. - Updated `yarn.lock` with new versions for `@aws-sdk/client-ecs` and `@aws-sdk/client-sso`. - Included additional dependencies for AWS SDK and Pulumi in the infrastructure setup.
- Removed unnecessary whitespace from various markdown files for improved readability. - Deleted legacy infrastructure files and build specifications that are no longer in use. - Updated TypeScript configuration for better clarity and consistency. - Adjusted README and contributing guidelines to streamline setup instructions.
- Moved `main`, `scripts`, and `devDependencies` sections to a more logical order. - Ensured consistency in the structure of the package.json file.
- Removed the optional domainName property from CommonConfig. - Updated environment variable usage to directly reference config values. - Simplified role naming in the GitHub OIDC module to include project name for better context. - Cleaned up environment-specific configurations by removing unused sections.
- Added functionality to check for an existing GitHub OIDC provider and use it if available. - Simplified the creation of a new OIDC provider with consistent naming and tagging. - Improved configuration management by introducing a flag for using an existing provider.
- Introduced a new buildspec.yml for managing the build process of the application, including Docker image creation and database migrations. - Added a deploy.sh script to automate the deployment process, including infrastructure updates and application builds. - Updated next.config.ts to support standalone output for Docker compatibility. - Enhanced infrastructure configuration to include new database settings and GitHub branch specification.
- Modified package paths in yarn.lock from workspace references to direct package references for better clarity and consistency. - Ensured all affected packages are updated to align with the new structure.
- Replaced multi-line heredoc syntax with echo commands for generating the Dockerfile.runtime, improving readability and maintainability. - Simplified the ECS service update command by using a single line with error handling for better clarity.
- Break down long cp commands into separate steps - Avoid YAML parsing issues with overly long command strings - Maintain same functionality with better readability
- Move CodeBuild VPC endpoint from public to private subnets - Move CloudWatch Logs VPC endpoint to private subnets - Add network debugging to buildspec for connectivity testing - CodeBuild runs in private subnets so endpoints need to be there too
- Add TCP connection test to database before migrations - Add network debugging information (CodeBuild private IP) - Help diagnose why DNS works but TCP connection fails
- Add explicit dependencies to security group rules - Add CIDR-based backup rule for private subnet access to database - Ensure CodeBuild can reach database via multiple rule types - Database IP 10.2.20.143 should be accessible from CodeBuild private subnets
- Change curl command to use fallback instead of failing build - Metadata service access is restricted in VPC mode (expected) - TCP connectivity is now working, allow build to continue to migrations
- Allow PULUMI_PROJECT_NAME to control resource naming - More intuitive: set PULUMI_PROJECT_NAME=mariano-test for comp-mariano-test-* resources - Simplified environment management
- Add AUTH_SECRET, RESEND_API_KEY, REVALIDATION_SECRET, NEXT_PUBLIC_PORTAL_URL - Follow same pattern as other env vars: validate and fail if not set - No fallback values - deployment will fail if variables are missing - Type-safe configuration following existing conventions
- Remove AUTH_SECRET, RESEND_API_KEY, etc. from infrastructure config - Infrastructure deployment no longer requires application environment variables - CodeBuild gets app env vars conditionally (only if set during deployment) - Added validation in buildspec.yml to fail build if app env vars missing - Proper separation: infra env vars for deployment, app env vars for runtime
- Infrastructure now reads app secrets from apps/app/.env instead of process.env - Added .env.example template in apps/app/ for required variables - Cleaner separation: app variables stay with the app - Infrastructure just reads and passes them to CodeBuild - Copy apps/app/.env.example to apps/app/.env and set your actual values
- Deleted the uploadSchema definition as it is no longer needed in the application. - Cleaned up the schema file for better maintainability and clarity.
- Add comprehensive debugging to show actual file structure in .next/standalone - Check for server.js, index.js, start.js and other entry points - Make Docker CMD flexible to handle different Next.js entry point names - Add package.json inspection to understand intended start script - Should resolve 'Cannot find module /app/server.js' ECS error
- Server.js is at apps/app/server.js due to monorepo standalone build - Update Docker CMD to check apps/app/server.js first - Resolves 'Cannot find module /app/server.js' ECS container error - Maintains fallback to standard paths for compatibility
- Create static Dockerfile in apps/app/ with proper configuration - Remove 24+ lines of echo statements from buildspec.yml - Simplify Docker build to single 'docker build -f Dockerfile' command - Improve maintainability and local development experience - Dockerfile is now version controlled and can be tested locally
…ment - Added steps to regenerate Prisma client in the app context for runtime compatibility. - Improved buildspec.yml with detailed logging for Prisma client generation and verification. - Introduced app secrets management in Pulumi, creating AWS Secrets Manager entries for application credentials. - Updated container creation to include application secrets in the ECS task definition. - Adjusted database connection string to include the password securely from the secrets manager.
…ching - Updated buildspec.yml to utilize parallel processing for dependency installation and TypeScript type checking. - Increased memory allocation for Node.js and optimized Docker build with parallel execution. - Added caching paths to improve build performance and reduce installation time. - Changed build instance type to accommodate larger resource requirements.
- Changed dependency references for multiple components to use workspace protocol. - Ensured consistency in versioning across packages for better management in monorepo structure.
- Bumped versions of @ai-sdk/openai, @aws-sdk/client-s3, @aws-sdk/client-securityhub, @aws-sdk/client-sso, @aws-sdk/client-sts, and other AWS SDK packages for improved functionality and security. - Enhanced buildspec.yml with detailed logging and checks for lockfile status during dependency installation. - Improved structure and clarity in the build process by adding echo statements for better visibility of the current working directory and repository structure.
…gation - Updated buildspec.yml to provide clearer logging for current working directory and repository structure. - Simplified lockfile checks and ensured proper navigation to the app directory during various build phases. - Added checks for the Prisma schema file to enhance error handling and visibility during the build process.
… locations - Updated buildspec.yml to include more comprehensive checks for the presence of the Prisma client in various directories. - Improved logging to provide clearer feedback on the status of the Prisma client during the build process. - Adjusted directory navigation logic to ensure correct copying of the Prisma client based on its location.
- Downgraded `fsevents` from version 2.3.3 to 2.3.2 in bun.lock and yarn.lock. - Removed `nodeMiddleware` option from Next.js configuration in apps/app/next.config.ts for cleaner setup. - Ensured consistency in dependency versions across the project.
[dev] [claudfuen] claudio/cleanup-private-packages
…dio/cleanup-private-packages
[dev] [claudfuen] claudio/cleanup-private-packages
Contributor
Author
❌ Unit Tests FailedTest OutputUnit tests failed. Please check the workflow logs for details. Common Issues
💡 Tip: Run |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Bugbot free trial expires on July 29, 2025
Learn more in the Cursor dashboard.
- Renamed AWS environment variables in .env.example and related files to use the APP_ prefix for clarity and consistency. - Updated references in the S3 client configuration and deleteComment action to align with the new naming convention.
[dev] [claudfuen] claudio/cleanup-private-packages
- Introduced new GitHub Actions workflows for E2E tests, quick tests, and unit tests. - Configured workflows to run on pull requests and pushes to main and release branches. - Set up caching for dependencies and build artifacts to optimize workflow performance. - Implemented database services for testing environments and included steps for Prisma client generation and migrations. - Added detailed logging and reporting for test results, including posting summaries to pull requests.
[dev] [claudfuen] claudio/cleanup-private-packages
Contributor
|
🎉 This PR is included in version 1.51.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is an automated pull request to release the candidate branch into production, which will trigger a deployment.
It was created by the [Production PR] action.