Ehsan.Asadi
0480400078
fix(docker): improve Dockerfile best practices
...
ci/woodpecker/push/woodpecker Pipeline failed
CD - Build & Deploy / build-and-push (push) Has been cancelled
CD - Build & Deploy / package-helm (push) Has been cancelled
CD - Build & Deploy / deploy-staging (push) Has been cancelled
CD - Build & Deploy / deploy-production (push) Has been cancelled
CD - Build & Deploy / release (push) Has been cancelled
CI / test (3.11) (push) Has been cancelled
CI / test (3.12) (push) Has been cancelled
CI / security (push) Has been cancelled
Changes:
- Parameterize NODE_VERSION in runtime stage (was hardcoded to 20.x)
- Move RUN commands before USER switch (RUN can't execute as non-root)
- Fix .version file creation before switching to peikarband user
- Reorder security hardening to run before USER switch
This ensures all file system operations complete before dropping privileges.
2025-12-30 16:30:06 +03:30
Ehsan.Asadi
e36df4d361
fix(docker): add unzip package for Reflex frontend build
...
CD - Build & Deploy / build-and-push (push) Has been cancelled
CD - Build & Deploy / package-helm (push) Has been cancelled
CD - Build & Deploy / deploy-staging (push) Has been cancelled
CD - Build & Deploy / deploy-production (push) Has been cancelled
CD - Build & Deploy / release (push) Has been cancelled
CI / security (push) Has been cancelled
CI / test (3.11) (push) Has been cancelled
CI / test (3.12) (push) Has been cancelled
ci/woodpecker/push/woodpecker Pipeline failed
Reflex requires 'unzip' to download and extract Bun runtime during
frontend initialization. Without it, the build fails with:
SystemPackageMissingError: System package 'unzip' is missing
This fix ensures Reflex can properly initialize frontend dependencies.
2025-12-30 16:25:35 +03:30
Ehsan.Asadi
9d14b852ee
fix(docker): resolve 'No module named reflex' in pod
...
CD - Build & Deploy / build-and-push (push) Has been cancelled
CD - Build & Deploy / package-helm (push) Has been cancelled
CD - Build & Deploy / deploy-staging (push) Has been cancelled
CD - Build & Deploy / deploy-production (push) Has been cancelled
CD - Build & Deploy / release (push) Has been cancelled
CI / test (3.11) (push) Has been cancelled
CI / test (3.12) (push) Has been cancelled
CI / security (push) Has been cancelled
ci/woodpecker/push/woodpecker Pipeline was successful
Problem: Python packages installed in /root/.local but container runs as
non-root user 'peikarband' who cannot access /root/ directory.
Solution:
- Create user before copying dependencies
- Copy packages to /home/peikarband/.local instead of /root/.local
- Update PATH to point to user's local bin directory
- Fix ownership of copied files
This ensures the non-root user can access all Python packages including reflex.
2025-12-30 16:17:55 +03:30
Ehsan.Asadi
32dc8e76c3
fixe Docker file
ci/woodpecker/push/woodpecker Pipeline failed
CD - Build & Deploy / build-and-push (push) Has been cancelled
CD - Build & Deploy / package-helm (push) Has been cancelled
CD - Build & Deploy / deploy-staging (push) Has been cancelled
CD - Build & Deploy / deploy-production (push) Has been cancelled
CD - Build & Deploy / release (push) Has been cancelled
CI / test (3.11) (push) Has been cancelled
CI / test (3.12) (push) Has been cancelled
CI / security (push) Has been cancelled
2025-12-30 15:20:49 +03:30
Ehsan.Asadi
b884ab435c
[PROD-001] feat: Complete production deployment setup
...
CD - Build & Deploy / build-and-push (push) Has been cancelled
CD - Build & Deploy / package-helm (push) Has been cancelled
CD - Build & Deploy / deploy-staging (push) Has been cancelled
CD - Build & Deploy / deploy-production (push) Has been cancelled
CD - Build & Deploy / release (push) Has been cancelled
CI / test (3.11) (push) Has been cancelled
CI / test (3.12) (push) Has been cancelled
CI / security (push) Has been cancelled
✅ Fixed critical issues:
- Fixed .dockerignore to include assets (logo.png, banner-3.gif, custom.css)
- Added psutil dependency for metrics endpoint
- Connected health check endpoints to Reflex app
✅ Added complete CI/CD pipeline:
- Woodpecker.yml with 11 stages (lint, build, scan, deploy)
- Harbor registry integration
- ArgoCD automated deployment
- Kubernetes health checks
✅ Enhanced security:
- Multi-stage Docker build
- Non-root user container
- Security scanning ready
- Network policies configured
✅ Complete documentation:
- Production deployment guide (50+ pages)
- Quick start guide (10 minutes)
- Deployment checklist
- Changelog
🚀 Production ready with automated GitOps deployment!
ApprovalToken: PROD-001
2025-12-27 01:49:49 +03:30
Ehsan.Asadi
8a924f6091
[INIT-001] Initial project setup with Clean Architecture (feat)
...
CD - Build & Deploy / build-and-push (push) Has been cancelled
CD - Build & Deploy / package-helm (push) Has been cancelled
CD - Build & Deploy / deploy-staging (push) Has been cancelled
CD - Build & Deploy / deploy-production (push) Has been cancelled
CD - Build & Deploy / release (push) Has been cancelled
CI / test (3.11) (push) Has been cancelled
CI / test (3.12) (push) Has been cancelled
CI / security (push) Has been cancelled
- Implemented Clean Architecture with Domain, Application, Infrastructure, Presentation layers
- Added comprehensive project structure following SOLID principles
- Created Kubernetes deployment with Helm charts (HPA, PDB, NetworkPolicy)
- Configured ArgoCD for automated deployment (production + staging)
- Implemented CI/CD pipeline with GitHub Actions
- Added comprehensive documentation (handbook, architecture, coding standards)
- Configured PostgreSQL, Redis, Celery for backend services
- Created modern landing page with Persian fonts (Vazirmatn)
- Added Docker multi-stage build for production
- Configured development tools (pytest, black, flake8, mypy, isort)
- Added pre-commit hooks for code quality
- Implemented Makefile for common operations
2025-12-26 15:52:50 +03:30
