diff --git a/.gitea/workflows/docker-publish.yaml b/.gitea/workflows/docker-publish.yaml index 3966365e..c31167fa 100644 --- a/.gitea/workflows/docker-publish.yaml +++ b/.gitea/workflows/docker-publish.yaml @@ -76,6 +76,10 @@ jobs: if: matrix.service == 'web-app' run: | chmod +x gradlew + # Zuerst ALLES löschen, um Stand vom März zu eliminieren + ./gradlew :frontend:shells:meldestelle-web:clean + + # Neu bauen mit explizitem Production-Flag ./gradlew :frontend:shells:meldestelle-web:wasmJsBrowserDistribution \ -Pproduction=true \ --max-workers=4 \ @@ -86,26 +90,16 @@ jobs: run: | set -e DIST_DIR="frontend/shells/meldestelle-web/build/dist/wasmJs/productionExecutable" - if [ ! -d "$DIST_DIR" ]; then - echo "❌ Erwarteter Build-Ordner nicht gefunden: $DIST_DIR" >&2 - echo "Hinweis: Prüfe Gradle-Ausgabe und Modulpfad (:frontend:shells:meldestelle-web)" >&2 - ls -la frontend/shells/meldestelle-web/build || true + + # Sicherheitscheck: Wenn die index.html älter als 5 Minuten ist, Build abbrechen + if [ $(find "$DIST_DIR/index.html" -mmin +5) ]; then + echo "❌ FEHLER: Build-Artefakte sind veraltet! März-Leiche erkannt." exit 1 fi + mkdir -p config/docker/caddy/web-app/_site rsync -a --delete "$DIST_DIR/" config/docker/caddy/web-app/_site/ - echo "✓ Assets gestaged: config/docker/caddy/web-app/_site" - ls -la config/docker/caddy/web-app/_site | sed -n '1,200p' - - # Pangolin-Bypass: Credentials direkt in config.json schreiben. - # Kein "docker login" → kein Daemon-Ping → kein HTTPS-Fehler. - # BuildKit liest ~/.docker/config.json und verwendet diese Credentials beim Push. -# - name: Registry-Credentials konfigurieren (kein Daemon-Kontakt) -# run: | -# mkdir -p ~/.docker -# AUTH=$(echo -n "${{ secrets.REGISTRY_USER }}:${{ secrets.REGISTRY_TOKEN }}" | base64 -w 0) -# printf '{"auths":{"%s":{"auth":"%s"}}}\n' "${{ env.REGISTRY_INTERNAL }}" "${AUTH}" > ~/.docker/config.json -# echo "✓ Credentials für ${{ env.REGISTRY_INTERNAL }} gespeichert" + echo "✓ Frische Assets vom $(date) gestaged." # NEU (sauber, nach daemon.json-Fix): - name: Login to Gitea Registry diff --git a/dc-planb.yaml b/dc-planb.yaml index e9669235..df8f89f1 100644 --- a/dc-planb.yaml +++ b/dc-planb.yaml @@ -11,7 +11,7 @@ services: API_BASE_URL: ${API_BASE_URL:-https://api.mo-code.at} MAIL_SERVICE_URL: ${MAIL_SERVICE_URL:-https://api.mo-code.at/mail} ports: - - "${WEB_APP_PORT:-8080:80}" # per .env steuerbar, Standard http://:8080 + - "${WEB_APP_PORT:-4000:4000}" networks: [meldestelle-network] # --- Mail-Service (Plan-B: Form -> E-Mail) --- @@ -23,6 +23,10 @@ services: # Server-Port im Container (Spring Boot) SERVER_PORT: ${SERVER_PORT:-8085} + # Plan-B: Zipkin-Fehler unterdrücken + MANAGEMENT_TRACING_ENABLED: "false" + SPRING_ZIPKIN_ENABLED: "false" + # SMTP (World4You - PROD) SPRING_MAIL_HOST: ${SPRING_MAIL_HOST:-smtp.world4you.com} SPRING_MAIL_PORT: ${SPRING_MAIL_PORT:-587}