Add "Wait for backend health" step using docker exec to verify backend
is responding before attempting external health check. Matches staging
workflow pattern.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Add Docker healthcheck loop to production verify-prod job matching
staging's 24 attempts x 10 seconds = 4 minutes max wait for backend
migrations.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Create generate-log-config.sh that maps a single LOG_LEVEL env var to
per-container settings for Backend, Frontend, PostgreSQL, Redis, and
Traefik. Script validates input and generates .env.logging file.
Integrate script into staging and production CI/CD pipelines.
Remove obsolete SPRINTS.md calendar file.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Backend with fresh migrations can take ~3 minutes to start.
Increased from 10x5s (50s) to 24x10s (240s) to accommodate.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

- Add OCR image build/push to staging workflow
- Add OCR service with image override to staging compose
- Add OCR service with image override to blue-green compose
- Add OCR image pull/deploy to production workflow
- Include mvp-ocr-staging in health checks
The OCR container is a shared service (like postgres/redis),
not part of blue-green deployment.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

The staging workflow was not copying docker-compose.yml to the server,
causing configuration changes (like Stripe secrets) to not take effect.
Added rsync step to sync config, scripts, and compose files before
deployment, matching the production workflow behavior.

🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

- Add VITE_STRIPE_PUBLISHABLE_KEY to frontend Dockerfile build args
- Add VITE_STRIPE_PUBLISHABLE_KEY to docker-compose.yml build args
- Add :ro flag to backend Stripe secret volume mounts for consistency
- Update inject-secrets.sh with STRIPE_SECRET_KEY and STRIPE_WEBHOOK_SECRET
- Add Stripe secrets to staging.yaml workflow (build arg + inject step)
- Add Stripe secrets to production.yaml workflow (inject step)
Requires STRIPE_SECRET_KEY, STRIPE_WEBHOOK_SECRET secrets and
VITE_STRIPE_PUBLISHABLE_KEY variable to be configured in Gitea.

🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Root cause: switch-traffic.sh was modifying Traefik config in the CI checkout
directory ($GITHUB_WORKSPACE) instead of the deployment directory ($DEPLOY_PATH).
Additionally, the sed patterns didn't work with multi-line YAML structure.
Changes:
- Add DEPLOY_PATH environment variable support to all CI scripts
- Add --force-recreate flag to ensure containers are recreated with new images
- Fix weight update to use awk for reliable multi-line YAML editing
- Add scripts/ directory to rsync so SREs can run scripts from /opt/motovaultpro
- Add image verification step to confirm containers use expected images
- Add weight verification to confirm Traefik routing was updated
- Add routing validation step to verify traffic switch succeeded

🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Root cause: switch-traffic.sh was modifying Traefik config in the CI checkout
directory ($GITHUB_WORKSPACE) instead of the deployment directory ($DEPLOY_PATH).
Traefik never saw the weight changes, so traffic stayed on old containers.
Changes:
- Add DEPLOY_PATH environment variable support to all CI scripts
- Add --force-recreate flag to ensure containers are recreated with new images
- Add image verification step to confirm containers use expected images
- Add weight verification to confirm Traefik routing was updated
- Add routing validation step to verify traffic switch succeeded

🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
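
An added example (not the project's switch-traffic.sh) of the awk-based weight edit and the weight verification that the two root-cause commit messages above describe. It assumes a Traefik file-provider weighted service laid out like the constructed sample; the function names, service names and file layout are assumptions.

```shell
#!/bin/sh
# Added example: names and YAML layout are assumptions, not the project's files.

# Print the weight that follows "- name: SERVICE" in a weighted services list.
get_weight() {  # usage: get_weight FILE SERVICE
    awk -v svc="$2" '
        $1 == "-" && $2 == "name:" { cur = $3 }
        $1 == "weight:" && cur == svc { print $2; exit }
    ' "$1"
}

# Rewrite only the weight line that belongs to SERVICE, then read it back.
set_weight() {  # usage: set_weight FILE SERVICE WEIGHT
    file=$1 svc=$2 weight=$3
    case $weight in ''|*[!0-9]*) echo "invalid weight: $weight" >&2; return 2 ;; esac
    [ -f "$file" ] || { echo "no such config: $file" >&2; return 2; }
    tmp=$(mktemp "${file}.XXXXXX") || return 1
    # Track the current list entry so the edit survives the name/weight line split
    # that a single-line sed pattern cannot match.
    awk -v svc="$svc" -v w="$weight" '
        $1 == "-" && $2 == "name:" { cur = $3 }
        $1 == "weight:" && cur == svc { sub(/weight:.*/, "weight: " w) }
        { print }
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Overwrite the contents so the existing file keeps its permissions.
    cat "$tmp" > "$file" && rm -f "$tmp"
    # Verification: fail loudly if the file does not show the new weight,
    # for example because the service name is absent from this file.
    [ "$(get_weight "$file" "$svc")" = "$weight" ] || {
        echo "weight for $svc not updated in $file" >&2; return 1; }
}

# Constructed sample config for demonstration.
write_sample() {  # usage: write_sample FILE
    cat > "$1" <<'EOF'
http:
  services:
    app:
      weighted:
        services:
          - name: app-blue
            weight: 100
          - name: app-green
            weight: 0
EOF
}
```

Pass the file under the deployment directory that Traefik actually reads, not the copy in the CI checkout; the read-back check only proves the file given to it was changed.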