fix(ci): update runner label from local-ubuntu-latest-cartsnitch to runners-cartsnitch

ARC runner scale set was reconfigured with label `runners-cartsnitch`. All CI jobs were queued indefinitely because no runner matched the old label. Relates to infra#20 Co-Authored-By: Paperclip <noreply@paperclip.ing>
Merge pull request #14 from cartsnitch/revert-ghcr-mirrors
2026-03-19 17:43:47 +00:00 · 2026-03-18 21:53:46 -04:00 · 2026-03-19 01:48:17 +00:00 · 2026-03-19 01:45:43 +00:00 · 2026-03-19 01:43:34 +00:00 · 2026-03-19 00:59:10 +00:00
5 changed files with 71 additions and 3 deletions
@@ -0,0 +1,8 @@
+node_modules
+dist
+.git
+.github
+*.md
+.env*
+.vscode
+coverage
@@ -20,7 +20,7 @@ env:

 jobs:
  lint:
-    runs-on: local-ubuntu-latest
+    runs-on: runners-cartsnitch
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
@@ -34,7 +34,7 @@ jobs:
        run: npx tsc --noEmit

  test:
-    runs-on: local-ubuntu-latest
+    runs-on: runners-cartsnitch
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
@@ -46,7 +46,7 @@ jobs:
        run: npx vitest run

  build-and-push:
-    runs-on: local-ubuntu-latest
+    runs-on: runners-cartsnitch
    needs: [lint, test]
    steps:
      - uses: actions/checkout@v4
@@ -0,0 +1,21 @@
+# Stage 1: Build
+FROM node:20-alpine AS build
+
+WORKDIR /app
+
+COPY package.json package-lock.json ./
+RUN npm ci
+
+COPY . .
+RUN npm run build
+
+# Stage 2: Production
+FROM nginx:stable-alpine AS prod
+
+COPY --from=build /app/dist /usr/share/nginx/html
+COPY nginx.conf /etc/nginx/conf.d/default.conf
+
+EXPOSE 80
+
+HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
+  CMD wget -qO- http://localhost/health || exit 1
@@ -0,0 +1,35 @@
+server {
+    listen 80;
+    server_name _;
+    root /usr/share/nginx/html;
+    index index.html;
+
+    # Gzip compression
+    gzip on;
+    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml;
+    gzip_min_length 256;
+
+    # Health endpoint for K8s probes
+    location /health {
+        access_log off;
+        return 200 'ok';
+        add_header Content-Type text/plain;
+    }
+
+    # Cache static assets aggressively (Vite hashes filenames)
+    location /assets/ {
+        expires 1y;
+        add_header Cache-Control "public, immutable";
+    }
+
+    # Service worker — must not be cached
+    location /sw.js {
+        expires off;
+        add_header Cache-Control "no-cache, no-store, must-revalidate";
+    }
+
+    # SPA fallback — serve index.html for all routes
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+}
@@ -0,0 +1,4 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": ["local>cartsnitch/.github:renovate-config"]
+}
Author	SHA1	Message	Date
Deploy Debbie	b69233b836	fix(ci): update runner label from local-ubuntu-latest-cartsnitch to runners-cartsnitch ARC runner scale set was reconfigured with label `runners-cartsnitch`. All CI jobs were queued indefinitely because no runner matched the old label. Relates to infra#20 Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-19 17:43:47 +00:00
Chris Farhood	e8a53399c2	Merge pull request #14 from cartsnitch/revert-ghcr-mirrors Revert GHCR mirror configs to Docker Hub direct pulls	2026-03-18 21:53:46 -04:00
Deploy Debbie	b8091e367e	Remove Docker Hub auth and debug step Confirmed secrets are length 0 from CI runners. Docker Hub auth cannot work until secrets are properly scoped to these repos. Refs: CAR-77 Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-19 01:48:17 +00:00
Deploy Debbie	d0c887e29f	Debug: check Docker Hub secret accessibility from CI runners Adding diagnostic step to verify secret length before login attempt. Refs: CAR-77 Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-19 01:45:43 +00:00
Deploy Debbie	c81e14b8e7	Re-add Docker Hub auth to test secret accessibility Board confirms DOCKERHUB_USERNAME/DOCKERHUB_TOKEN exist. Testing whether they're now accessible from self-hosted runners. Refs: CAR-77 Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-19 01:43:34 +00:00
Debbie (Paperclip Agent)	ec81004268	Remove Docker Hub auth (secrets not accessible from CI runners) DOCKERHUB_USERNAME/DOCKERHUB_TOKEN secrets are not accessible from the self-hosted runners. Remove credentials blocks and login steps to avoid template validation failures. Docker Hub pulls will use anonymous access. Refs: CAR-77 Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-19 00:59:10 +00:00
Debbie (Paperclip Agent)	fb6f4a0ed4	Retrigger CI after org secrets provisioned Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-19 00:55:24 +00:00
Debbie (Paperclip Agent)	e6f09a0212	Fix: remove conditional on Docker Hub login Board confirmed DOCKERHUB_USERNAME/DOCKERHUB_TOKEN secrets exist. Remove the conditional (which had a YAML parsing issue with unquoted !=). Refs: CAR-77 Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-19 00:52:11 +00:00
Debbie (CartSnitch Engineering)	58844b33fe	Fix: make Docker Hub auth conditional Docker Hub login step is now conditional on secret existence to avoid failures when org secrets are not yet provisioned. Refs: CAR-77 Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-18 23:53:50 +00:00
Debbie (CartSnitch Engineering)	0000297e4f	Revert GHCR mirror configs to Docker Hub direct pulls Replace ghcr.io/cartsnitch/mirror/* images with Docker Hub originals, restore GHCR login guard, and add Docker Hub auth. Refs: CAR-77 Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-18 23:48:43 +00:00
chip-overstock[bot]	e572a32021	Merge pull request #11 from cartsnitch/fix/ghcr-mirror-base-images Switch Dockerfile base images to GHCR mirror	2026-03-18 18:52:27 +00:00
deploy-debbie[bot]	0789de39f0	Switch base images from Docker Hub to GHCR mirror Avoids Docker Hub 429 rate limits by pulling node:20-alpine and nginx:stable-alpine from ghcr.io/cartsnitch/mirror/. GHCR login now runs on all builds (not just main push) to authenticate pulls. Ref: cartsnitch/infra#7, CAR-55 Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-18 18:37:47 +00:00
deploy-debbie[bot]	e57baa4468	feat: add Renovate dependency update config Extends the shared CartSnitch Renovate preset from cartsnitch/.github. Minor/patch automerge, major requires review, dependency PRs labeled and grouped. Co-authored-by: Deploy Debbie <debbie@cartsnitch.com> Co-authored-by: Paperclip <noreply@paperclip.ing>	2026-03-18 18:21:31 +00:00
deploy-debbie[bot]	e42b7e1a66	fix(ci): remove unnecessary Docker Hub login step The build-and-push job had an unconditional Docker Hub login step that was failing because DOCKERHUB_USERNAME and DOCKERHUB_TOKEN secrets are not provisioned. Since we push images to GHCR (not Docker Hub), this step is not needed. Closes cartsnitch/infra#5 Co-authored-by: deploy-debbie[bot] <268472978+deploy-debbie[bot]@users.noreply.github.com> Co-authored-by: Paperclip <noreply@paperclip.ing>	2026-03-18 18:20:31 +00:00
chip-overstock[bot]	265f2ae654	Merge pull request #9 from cartsnitch/fix/ci-docker-ratelimit Fix CI: add Docker Hub credentials for base image pulls	2026-03-18 18:11:01 +00:00
Deploy Debbie	2c4e78f0a7	fix(ci): add Docker Hub login to avoid rate limit on base image pulls The build-and-push job pulls node:20-alpine and nginx:stable-alpine from Docker Hub during docker build. Without authentication these pulls hit the unauthenticated rate limit, causing intermittent build failures. Closes #8 Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-18 16:36:02 +00:00
chip-overstock[bot]	da775d362a	Merge pull request #7 from cartsnitch/feature/dockerfile feat: add multi-stage Dockerfile for PWA	2026-03-18 14:27:23 +00:00
deploy-debbie[bot]	42acdc070e	feat: add multi-stage Dockerfile for PWA Build stage uses node:20-alpine to install deps and build. Prod stage uses nginx:stable-alpine to serve static assets. Includes nginx config with SPA routing, gzip, health endpoint, and aggressive caching for Vite-hashed assets. Closes #6 Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-18 13:26:57 +00:00
chip-overstock[bot]	be0d4333b2	Merge pull request #2 from cartsnitch/feature/core-screens feat: core PWA screens (auth, dashboard, purchases, products, alerts, settings)	2026-03-18 13:20:19 +00:00
chip-overstock[bot]	c3866c9628	Merge pull request #3 from cartsnitch/fix/runner-label fix: use correct ARC runner label	2026-03-18 03:11:04 +00:00
deploy-debbie[bot]	e39f77b3dd	fix: use local-ubuntu-latest-cartsnitch runner label Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-18 02:57:03 +00:00