feat(cutover): platform services build from ../mana, not from this repo

Part of the 8-Doppel-Cutover (2026-05-08, plan
~/.claude/plans/floating-swinging-flurry.md):

- docker-compose.{macmini,dev,test}.yml: build context for
  mana-{auth,credits,media,llm,notify} switched to ../mana/services/...
  so the Mac Mini stack pulls platform services from the platform repo
  (sibling clone), not from services/ in this monorepo.
- .npmrc + apps/api/{Dockerfile,package.json}: @mana/media-client now
  resolved from Verdaccio (npm.mana.how, ^0.1.0) instead of as a
  workspace COPY from services/mana-media/packages/client. Build-arg
  NPM_TOKEN flows through .npmrc for pnpm install auth. Required
  before services/mana-media/ can be deleted.
- .github/workflows/{ci,cd-macmini,daily-tests}.yml: removed the
  detect-/build-/test-jobs that targeted services/mana-{auth,credits,
  notify,media}/. Those services build out of the platform repo now —
  CI for them belongs in mana/-repo (open). cd-macmini's
  workflow_dispatch can still rebuild any of them on demand;
  auto-detect on path-change is gone for these five.
- scripts/{mac-mini/push-schemas.sh,run-integration-tests.sh}:
  rewritten to look in ../mana/ for the platform services.
- package.json dev:{auth,credits,notify,media}: paths point at
  ../mana/services/... so local dev still works post-cutover.

What this commit does NOT do: delete services/mana-{auth,credits,...}
from this repo. That waits for Phase 7 once the Mac Mini stack has
booted cleanly from the new build paths.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Till JS 2026-05-08 18:40:08 +02:00
parent 7b362066bb
commit 774852ba2d
12 changed files with 76 additions and 363 deletions

@ -118,10 +118,18 @@ jobs:
# Service → source paths. One line per compose service. Space-
# separated paths are OR'd: any of them matching triggers a rebuild.
# Keep names aligned with `docker compose config --services`.
#
# NOTE 2026-05-08 — 5 Plattform-Services (mana-auth, mana-credits,
# mana-notify, mana-media, mana-llm) bauen ab dem Cutover aus
# `../mana/services/...`. Ihre Source-Pfade liegen im Schwester-Repo
# `mana/` und werden von diesem `git diff` (das nur das Monorepo
# sieht) NICHT mehr automatisch erkannt. Manuelles Deploy geht
# weiterhin via `workflow_dispatch` mit `service: mana-<x>` —
# `docker compose build` zieht dann aus `../mana/`. Für
# Auto-Detect bei Plattform-Code-Änderungen gehört ein eigener
# CD-Workflow ins `mana/`-Repo (Offener Punkt, Phase 8).
SERVICE_SOURCES=(
"mana-auth|services/mana-auth/"
"mana-ai|services/mana-ai/"
"mana-credits|services/mana-credits/"
"mana-research|services/mana-research/"
"mana-events|services/mana-events/"
"mana-geocoding|services/mana-geocoding/"
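Review bot: The added NOTE says a manual `workflow_dispatch` run makes `docker compose build` pull from `../mana/`, but nothing here states which revision of the sibling clone is built, so a deployed mana-auth or mana-credits image cannot be traced back to a commit. Check the platform repo out at an explicit ref in this workflow, or at least log `git -C ../mana rev-parse HEAD` before the build. With the two entries gone, the existing comment "Keep names aligned with `docker compose config --services`" also no longer holds for this list and should be reworded.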
@ -130,11 +138,8 @@ jobs:
"mana-analytics|services/mana-analytics/"
"mana-search|services/mana-search/ packages/shared-go/"
"mana-sync|services/mana-sync/ packages/shared-go/"
"mana-notify|services/mana-notify/ packages/shared-go/"
"mana-crawler|services/mana-crawler/ packages/shared-go/"
"mana-api-gateway|services/mana-api-gateway/ packages/shared-go/"
"mana-media|services/mana-media/"
"mana-llm|services/mana-llm/"
"mana-landing-builder|services/mana-landing-builder/ packages/shared-landing-ui/ packages/shared-types/"
"mana-web|apps/mana/apps/web/ apps/mana/packages/"
"mana-api|apps/api/"

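Review bot: Dropping the `"mana-notify|services/mana-notify/ packages/shared-go/"` entry also drops its `packages/shared-go/` trigger, so please confirm that the platform-repo build of mana-notify no longer consumes shared Go code from this monorepo. If it still does, a change under `packages/shared-go/` will keep rebuilding mana-search, mana-sync, mana-crawler and mana-api-gateway but will silently skip mana-notify until someone dispatches it by hand.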
@ -303,90 +303,20 @@ jobs:
fi
# ===========================================
# Auth flow integration test
# NOTE 2026-05-08 — Plattform-Service-Tests/Builds (mana-auth,
# mana-credits, mana-mail, mana-media, mana-llm, mana-notify, mana-stt,
# mana-tts) leben jetzt im Schwester-Repo `mana/` und sind dort zu
# testen + zu bauen. Der frühere `auth-integration`-Job und
# `build-mana-{auth,notify,media,credits}` wurden entfernt, weil sie
# `services/mana-<x>/` aus diesem Repo erwarteten — diese Verzeichnisse
# gibt es ab Phase 7 nicht mehr. Offener Punkt: eigene CI im
# `mana/`-Repo aufsetzen (mit auth-integration + Build-Push).
# ===========================================
# Spins up postgres + redis + mailpit + mana-auth + mana-notify via
# docker-compose.test.yml and runs tests/integration/auth-flow.test.ts.
# Catches register/verify/login/JWT/encryption-vault regressions before
# they can be merged. Required check — never bypass.
auth-integration:
name: Auth flow integration test
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'
timeout-minutes: 15
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup pnpm
uses: pnpm/action-setup@v2
with:
version: ${{ env.PNPM_VERSION }}
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
cache: 'pnpm'
- name: Setup Bun
uses: oven-sh/setup-bun@v2
with:
bun-version: latest
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Run auth flow integration test
run: ./scripts/run-integration-tests.sh
- name: Dump test stack logs on failure
if: failure()
run: |
echo "::group::mana-auth logs"
docker logs mana-test-mana-auth 2>&1 | tail -200 || true
echo "::endgroup::"
echo "::group::mana-notify logs"
docker logs mana-test-mana-notify 2>&1 | tail -200 || true
echo "::endgroup::"
echo "::group::mailpit messages"
curl -s http://localhost:8026/api/v1/messages | head -100 || true
echo "::endgroup::"
# ===========================================
# Build Docker images - only changed services
# ===========================================
build-mana-auth:
name: Build mana-auth
runs-on: ubuntu-latest
needs: detect-changes
if: needs.detect-changes.outputs.mana-auth == 'true'
steps:
- uses: actions/checkout@v4
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/metadata-action@v5
id: meta
with:
images: ghcr.io/${{ github.repository_owner }}/mana-auth
tags: type=raw,value=latest
- uses: docker/build-push-action@v5
with:
context: .
file: services/mana-auth/Dockerfile
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
cache-from: type=gha
cache-to: type=gha,mode=max
build-mana-search:
name: Build mana-search
runs-on: ubuntu-latest
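Review bot: The removed `auth-integration` job is documented in its own comment as "Required check — never bypass" and as the gate for register/verify/login/JWT/encryption-vault regressions, yet the replacement NOTE only lists CI in the `mana/` repo as an open item. Until that exists, no pipeline shown here runs the auth-flow test, so either land the platform-repo job first or keep a reduced job that runs `./scripts/run-integration-tests.sh` against the `../mana` checkout. If branch protection names "Auth flow integration test" as a required status, it also needs updating, otherwise pull requests will wait on a check that never reports. The NOTE additionally names mana-mail, mana-stt and mana-tts, which the commit message does not list among the moved services.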
@ -446,35 +376,6 @@ jobs:
cache-from: type=gha
cache-to: type=gha,mode=max
build-mana-notify:
name: Build mana-notify
runs-on: ubuntu-latest
needs: detect-changes
if: needs.detect-changes.outputs.mana-notify == 'true'
steps:
- uses: actions/checkout@v4
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/metadata-action@v5
id: meta
with:
images: ghcr.io/${{ github.repository_owner }}/mana-notify
tags: type=raw,value=latest
- uses: docker/build-push-action@v5
with:
context: .
file: services/mana-notify/Dockerfile
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
cache-from: type=gha
cache-to: type=gha,mode=max
build-mana-api-gateway:
name: Build mana-api-gateway
runs-on: ubuntu-latest
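Review bot: `build-mana-notify` was the job that pushed `ghcr.io/<owner>/mana-notify` with `tags: type=raw,value=latest`, so after this removal that tag stays frozen at the last pre-cutover build until the platform repo gets its own build-push job. Confirm nothing deploys from the registry tag, or record the cut-off in the workflow so a stale `latest` is not mistaken for a current image. This removal also leaves no NOTE behind, unlike the media and credits removal further down.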
@ -534,60 +435,6 @@ jobs:
cache-to: type=gha,mode=max
# Hono/Bun services
build-mana-media:
name: Build mana-media
runs-on: ubuntu-latest
needs: detect-changes
if: needs.detect-changes.outputs.mana-media == 'true'
steps:
- uses: actions/checkout@v4
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/metadata-action@v5
id: meta
with:
images: ghcr.io/${{ github.repository_owner }}/mana-media
tags: type=raw,value=latest
- uses: docker/build-push-action@v5
with:
context: services/mana-media/apps/api
file: services/mana-media/apps/api/Dockerfile
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
cache-from: type=gha
cache-to: type=gha,mode=max
build-mana-credits:
name: Build mana-credits
runs-on: ubuntu-latest
needs: detect-changes
if: needs.detect-changes.outputs.mana-credits == 'true'
steps:
- uses: actions/checkout@v4
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/metadata-action@v5
id: meta
with:
images: ghcr.io/${{ github.repository_owner }}/mana-credits
tags: type=raw,value=latest
- uses: docker/build-push-action@v5
with:
context: services/mana-credits
file: services/mana-credits/Dockerfile
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
cache-from: type=gha
cache-to: type=gha,mode=max
# NOTE 2026-05-08 — `build-mana-media` und `build-mana-credits` sind
# entfallen: Plattform-Services leben jetzt im Schwester-Repo `mana/`.
# Build-Push gehört in eine separate CI dort. Siehe Header oben.

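Review bot: The removed jobs were gated on `needs.detect-changes.outputs.mana-media` and `needs.detect-changes.outputs.mana-credits`, and none of the hunks shown for this file touches `detect-changes` itself. If that job still computes outputs for the five platform services, they are now dead and will keep matching `services/mana-<x>/` paths until Phase 7 deletes them, so remove them in the same change. The new NOTE names only media and credits and points to "Header oben"; naming the comment block it refers to, and writing it in English like the surrounding comments, would make it easier to follow.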
@ -38,182 +38,18 @@ env:
COVERAGE_THRESHOLD: ${{ github.event.inputs.coverage_threshold || '80' }}
jobs:
# Job 1: Test mana-auth with coverage
test-mana-auth:
name: Test mana-auth
runs-on: ubuntu-latest
# NOTE 2026-05-08 — `test-mana-auth` (Coverage-Job) ist entfernt:
# mana-auth lebt seit dem 8-Doppel-Cutover im Schwester-Repo `mana/`.
# Der Coverage-Test gehört dort hin (Offener Punkt). `test-integration`
# wurde ebenfalls zur Plattform — siehe nächster Job.
services:
postgres:
image: postgres:16-alpine
env:
POSTGRES_USER: mana
POSTGRES_PASSWORD: testpassword
POSTGRES_DB: mana
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 5432:5432
redis:
image: redis:7-alpine
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 6379:6379
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup pnpm
uses: pnpm/action-setup@v2
with:
version: ${{ env.PNPM_VERSION }}
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
cache: 'pnpm'
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Build dependencies
run: pnpm run build:packages
- name: Setup test database
working-directory: services/mana-auth
env:
DATABASE_URL: postgresql://mana:testpassword@localhost:5432/mana
run: pnpm run db:migrate
- name: Run tests with coverage
working-directory: services/mana-auth
env:
DATABASE_URL: postgresql://mana:testpassword@localhost:5432/mana
REDIS_URL: redis://localhost:6379
NODE_ENV: test
JWT_ISSUER: mana
JWT_AUDIENCE: mana
run: |
if [ "${{ github.event.inputs.verbose }}" = "true" ]; then
pnpm run test:cov --verbose
else
pnpm run test:cov
fi
- name: Upload coverage to artifact
if: always()
uses: actions/upload-artifact@v4
with:
name: coverage-mana-auth
path: services/mana-auth/coverage
retention-days: 30
- name: Check coverage threshold
working-directory: services/mana-auth
run: |
if [ -f "coverage/coverage-summary.json" ]; then
COVERAGE=$(node -e "const c = require('./coverage/coverage-summary.json'); console.log(c.total.lines.pct)")
echo "Coverage for mana-auth: ${COVERAGE}%"
if (( $(echo "$COVERAGE < $COVERAGE_THRESHOLD" | bc -l) )); then
echo "::error::Coverage ${COVERAGE}% is below threshold ${COVERAGE_THRESHOLD}%"
exit 1
fi
fi
# Job 2: Integration tests (E2E flows)
test-integration:
name: Integration Tests
runs-on: ubuntu-latest
services:
postgres:
image: postgres:16-alpine
env:
POSTGRES_USER: mana
POSTGRES_PASSWORD: testpassword
POSTGRES_DB: mana
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 5432:5432
redis:
image: redis:7-alpine
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 6379:6379
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup pnpm
uses: pnpm/action-setup@v2
with:
version: ${{ env.PNPM_VERSION }}
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
cache: 'pnpm'
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Build dependencies
run: pnpm run build:packages
- name: Setup databases for integration tests
working-directory: services/mana-auth
env:
DATABASE_URL: postgresql://mana:testpassword@localhost:5432/mana
run: pnpm run db:migrate
- name: Run integration tests
env:
DATABASE_URL: postgresql://mana:testpassword@localhost:5432/mana
REDIS_URL: redis://localhost:6379
NODE_ENV: test
JWT_ISSUER: mana
JWT_AUDIENCE: mana
run: |
# Run auth integration tests
cd services/mana-auth
if [ -d "test/integration" ]; then
pnpm run test:e2e || pnpm run test -- test/integration
fi
- name: Upload integration test results
if: always()
uses: actions/upload-artifact@v4
with:
name: integration-test-results
path: services/mana-auth/test-results
retention-days: 30
# Job 2 (test-integration) ebenfalls entfernt — der frühere Job lief
# `services/mana-auth/test/integration`-Suite, die nach Phase 7 nicht
# mehr existiert. Gehört in den `mana/`-Repo-CI.
# Job 3: Always send Discord notification (success or failure)
notify:
name: Discord Notification
needs: [test-mana-auth, test-integration]
if: always()
runs-on: ubuntu-latest
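Review bot: The `notify` job at the end of this hunk still reads `needs: [test-mana-auth, test-integration]`, and both of those jobs are removed above. GitHub Actions rejects a workflow whose `needs` names an unknown job, so the daily run would fail at load time and the Discord notification would never fire. Drop the `needs` line or point it at jobs that remain, and reconsider whether the workflow should stay scheduled at all, since with both test jobs gone it only sends a notification and `COVERAGE_THRESHOLD` is no longer used by any step shown here.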