diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d683535..81f30b7 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -21,6 +21,8 @@ default: after_script: - echo "Fixing file permissions..." - sudo chown -R gitlab-runner:gitlab-runner "$DEPLOY_PATH" 2>/dev/null || true + # Keep data directories owned by container user + - sudo chown -R 1001:1001 "$DEPLOY_PATH/data/backups" "$DEPLOY_PATH/data/documents" 2>/dev/null || true # Validate Stage - Check prerequisites validate: 
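Review bot: The added `sudo chown -R 1001:1001 ...` in `after_script` hides every failure behind `2>/dev/null || true`, so if the sudo rule or either path changes, the data directories stay owned by gitlab-runner (the line above has just chowned all of `$DEPLOY_PATH`) and nothing in the job log says so. Because this sits under `default:`, the pair of chowns appears to run after every job, which also leaves a short window in which a running container cannot write its backups; that is inferred from the comment, since the container's UID is not visible here. Keep the best-effort behaviour but make the failure visible, e.g. `... "$DEPLOY_PATH/data/documents" || echo "WARN: could not restore 1001:1001 on data directories" >&2`. The literal `1001:1001` is repeated in the deploy hunk and in the entrypoint's hint text, so a single CI variable would keep them from drifting.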
@@ -73,26 +75,30 @@ deploy:
 - echo "Deploying MotoVaultPro..."
 - echo "=========================================="
 - cd "$DEPLOY_PATH"
- - echo "Step 1/7 Injecting secrets..."
+ - echo "Step 1/8 Initializing data directories..."
+ - mkdir -p data/backups data/documents
+ - sudo chown -R 1001:1001 data/backups data/documents
+ - chmod 755 data/backups data/documents
+ - echo "Step 2/8 Injecting secrets..."
 - chmod +x scripts/inject-secrets.sh
 - ./scripts/inject-secrets.sh
- - echo "Step 2/7 Stopping existing services..."
+ - echo "Step 3/8 Stopping existing services..."
 - docker compose -f $DOCKER_COMPOSE_FILE -f $DOCKER_COMPOSE_PROD_FILE down --timeout 30 || true
- - echo "Step 3/7 Pulling base images..."
+ - echo "Step 4/8 Pulling base images..."
 - docker compose -f $DOCKER_COMPOSE_FILE pull
- - echo "Step 4/7 Starting database services..."
+ - echo "Step 5/8 Starting database services..."
 - docker compose -f $DOCKER_COMPOSE_FILE -f $DOCKER_COMPOSE_PROD_FILE up -d mvp-postgres mvp-redis
 - echo "Waiting for database to be ready..."
 - sleep 15
- - echo "Step 5/7 Running database migrations..."
+ - echo "Step 6/8 Running database migrations..."
 - docker compose -f $DOCKER_COMPOSE_FILE run --rm mvp-backend npm run migrate || echo "Migration skipped"
- - echo "Step 6/7 Vehicle catalog data..."
+ - echo "Step 7/8 Vehicle catalog data..."
 # Schema and data now loaded via standard migration system
 # Migration runner handles table creation and data loading automatically
 - echo "Vehicle catalog loaded via platform feature migration"
 - echo "Flushing Redis cache..."
 - docker exec mvp-redis redis-cli FLUSHALL
- - echo "Step 7/7 Starting all services..."
+ - echo "Step 8/8 Starting all services..."
 - docker compose -f $DOCKER_COMPOSE_FILE -f $DOCKER_COMPOSE_PROD_FILE up -d
 - echo "Waiting for services to initialize..."
 - sleep 30
diff --git a/backend/Dockerfile b/backend/Dockerfile
index 1782863..6dfcf45 100644
--- a/backend/Dockerfile
+++ b/backend/Dockerfile
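Review bot: In the new Step 1/8, `chmod 755 data/backups data/documents` runs without sudo immediately after `sudo chown -R 1001:1001` has handed both directories to UID 1001, so the job user is no longer the owner and the chmod will be refused unless the runner is itself UID 1001 or root; a non-zero exit there fails the deploy. Either run the chmod before the chown or elevate it, e.g. `- sudo chmod 750 data/backups data/documents`. The tighter 750 is suggested because backups are likely sensitive and nothing visible in this hunk needs world read access; confirm no other host account reads these directories before adopting it. The deploy job's script begins and continues outside the hunk.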
@@ -51,6 +51,10 @@ RUN mkdir -p /app/migrations/features /app/migrations/core COPY --from=builder /app/src/features /app/migrations/features COPY --from=builder /app/src/core /app/migrations/core +# Copy entrypoint script for permission checks +COPY scripts/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh +RUN chmod +x /usr/local/bin/docker-entrypoint.sh + # Change ownership to non-root user RUN chown -R nodejs:nodejs /app @@ -64,8 +68,8 @@ EXPOSE 3001 HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \ CMD node -e "require('http').get('http://localhost:3001/health', (res) => { process.exit(res.statusCode === 200 ? 0 : 1) }).on('error', () => process.exit(1))" -# Use dumb-init for proper signal handling -ENTRYPOINT ["dumb-init", "--"] +# Use dumb-init with entrypoint for permission checks +ENTRYPOINT ["dumb-init", "--", "/usr/local/bin/docker-entrypoint.sh"] # Run production application with auto-migrate (idempotent) CMD ["sh", "-lc", "node dist/_system/migrations/run-all.js && npm start"] diff --git a/backend/scripts/docker-entrypoint.sh b/backend/scripts/docker-entrypoint.sh new file mode 100755 index 0000000..ac5353b --- /dev/null +++ b/backend/scripts/docker-entrypoint.sh 
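Review bot: The `COPY scripts/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh` line in the first Dockerfile hunk should carry a comment explaining why the script lives outside `/app`. COPY without `--chown` leaves the file root-owned, and the `chown -R nodejs:nodejs /app` that follows does not reach `/usr/local/bin`, so the runtime user cannot rewrite the code that runs at every container start. A comment such as `# Installed outside /app so it stays root-owned; the nodejs user must not be able to modify it` would stop a later refactor from moving it under `/app`. The `RUN chmod +x` is probably redundant as well, since the file is added with mode 100755 in this commit and COPY keeps the mode bits; it is harmless but adds a layer.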
@@ -0,0 +1,32 @@
+#!/bin/sh
+# docker-entrypoint.sh
+# Ensures data directories have correct permissions on container startup
+
+set -e
+
+echo "Checking data directory permissions..."
+
+# Directories that need to be writable by nodejs user (UID 1001)
+DATA_DIRS="/app/data/backups /app/data/documents"
+
+for dir in $DATA_DIRS; do
+ if [ ! -d "$dir" ]; then
+ echo "Creating directory: $dir"
+ mkdir -p "$dir"
+ fi
+
+ # Check if we can write to the directory
+ if ! touch "$dir/.write-test" 2>/dev/null; then
+ echo "WARNING: Cannot write to $dir"
+ echo "This may cause backup/document operations to fail"
+ echo "Fix: Run 'sudo chown -R 1001:1001 ./data' on the host"
+ else
+ rm "$dir/.write-test"
+ fi
+done
+
+echo "Permission checks complete"
+echo "Starting application..."
+
+# Execute the CMD from Dockerfile
+exec "$@"
diff --git a/docs/PROMPTS.md b/docs/PROMPTS.md
index 774bfe2..01dc660 100644
--- a/docs/PROMPTS.md
+++ b/docs/PROMPTS.md
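Review bot: Under `set -e`, a failing `mkdir -p "$dir"` inside the loop ends the entrypoint before the WARNING branch is reached, so the likeliest failure (a host-mounted parent the runtime user cannot write) stops the container without the hint, even though the write probe after it is deliberately warn-only. The probe also creates and then removes a fixed `.write-test` name inside a mounted data directory, which would delete a real file of that name; `[ -w "$dir" ]` checks writability without touching the contents, assuming the container does not run as root. The warnings belong on stderr, and the suggested `chown -R 1001:1001 ./data` is broader than the two directories the script checks. The fence shows the loop body rewritten along those lines.

```sh
for dir in $DATA_DIRS; do
  # … unchanged: directory-exists test and "Creating directory" message …
    # Keep set -e from ending the script here; the writability check below still reports it
    mkdir -p "$dir" || echo "WARNING: Could not create $dir" >&2
  # … unchanged: fi …

  # test -w leaves no marker file behind in the mounted directory
  if [ ! -w "$dir" ]; then
    echo "WARNING: Cannot write to $dir" >&2
    echo "This may cause backup/document operations to fail" >&2
    echo "Fix: Run 'sudo chown -R 1001:1001 ./data/backups ./data/documents' on the host" >&2
  fi
done
```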
@@ -22,15 +22,16 @@ You are a senior software engineer specializsing in NodeJS, Typescript, front en - Make no assumptions. - Ask clarifying questions. - Ultrathink -- You will be fixing a bug with the vehicle catalog import function. +- You will be fixing a bug the system backup and restore function. *** CONTEXT *** - This is a modern web app for managing a vehicle fleet. It has both a desktop and mobile versions of the site that both need to maintain feature parity. It's currently deployed via docker compose but in the future will be deployed via k8s. - Read README.md CLAUDE.md and AI-INDEX.md and follow relevant instructions to understand this code repository in the context of this change. -- There is an error when you try and import this CSV file. -- Start with this file. data/vehicle-etl/gmc_2022_2026.csv -- The interface says everything is successful. -- I flushed all REDIS cache +- There are permission errors with the backup files. +- The backup directory is mapped from the filesystem of the host +- The app is deployed as the gitlab-runner user and group which is a different UID then the nodejs user +- Start with the files in this directory /Users/egullickson/Documents/Technology/coding/motovaultpro/backend/src/features/backup/api +- The docker file is located at /Users/egullickson/Documents/Technology/coding/motovaultpro/backend/Dockerfile *** CHANGES TO IMPLEMENT *** - Research this code base and ask iterative questions to compile a complete plan.