34 lines
2.7 KiB
Markdown
34 lines
2.7 KiB
Markdown
---
|
|
name: Phase 1 task 1.8 decisions
|
|
description: Key implementation decisions and divergences from spec made during task 1.8 (Gitea CI dry-run workflow)
|
|
type: project
|
|
---
|
|
|
|
# Phase 1 task 1.8 — Gitea CI dry-run workflow decisions
|
|
|
|
## Core decisions
|
|
|
|
**No `docker/build-push-action`**: Used plain `docker build -t trm-directus:ci .` instead of `docker/build-push-action`.
|
|
**Why**: `build-push-action` with the docker-container Buildx driver exports the image into a separate buildkitd cache that is NOT accessible to a subsequent `docker run`. The dry-run step needs the image in the local Docker daemon. The processor workflow uses `build-push-action` but it has no post-build dry-run step.
|
|
**How to apply**: Any Directus workflow variant that needs to run the image after building must use plain `docker build`, not `build-push-action`.
|
|
|
|
**`--network host` + `DB_HOST=localhost`**: Service container is bound via `ports: ['5432:5432']` to the runner's loopback (127.0.0.1:5432). The `docker run` container uses `--network host` to share that namespace, making Postgres reachable as `localhost:5432`.
|
|
**Why**: The spec draft had a bug — it used `--network host` but set `DB_HOST: postgres`. With host networking, service containers are NOT reachable by their service name; only `localhost` works. The service name (`postgres`) is only resolvable in bridge-network mode.
|
|
**How to apply**: Always use `DB_HOST=localhost` when pairing `--network host` with a `services:` port-mapped container.
|
|
|
|
**`health-retries 20`**: Raised from spec's default of 10.
|
|
**Why**: The timescaledb-ha image has a slower startup than plain postgres (init script runs TimescaleDB preload). 10 retries at 5s = 50s max wait; 20 retries = 100s, safer margin.
|
|
|
|
**Portainer step uses `curl -fsS`**: Added `-f` (fail on HTTP error) and `-sS` (silent but show errors).
|
|
**Why**: Bare `curl -X POST` exits 0 even on a 4xx/5xx response. `-f` makes curl exit non-zero on server errors, so a misconfigured webhook URL surfaces as a workflow failure rather than a silent no-op.
|
|
|
|
**`--health-cmd` includes `-d directus`**: Spec draft had `pg_isready -U directus` without `-d directus`. Added the `-d` flag for precision.
|
|
|
|
**Deliberate divergences from processor workflow**:
|
|
- No `actions/setup-node`, no `corepack enable`, no `pnpm install` — Directus is not a Node project; no TypeScript to compile or test.
|
|
- No `docker/setup-buildx-action` — Buildx with docker-container driver sequesters images from `docker run`.
|
|
- No typecheck/lint/test steps — Phase 1 has no extensions. Phase 5 will add these.
|
|
- Added `services:` block — processor has no service dependency.
|
|
- Separate build + dry-run + push steps instead of single `build-push-action`.
|
|
- `runs-on: ubuntu-22.04` (pinned) vs processor's `ubuntu-latest` (floating).
|