Three related fixes uncovered during a marcelle CCP registration test:
1. ccp-agent image was missing bash + curl + jq + python3, so every
spawn('bash', ...) in upgrade.routes.ts and backup.routes.ts failed
silently with ENOENT. CCP kept reading stale status.json files from
disk, masking that no agent had successfully checked for updates in
weeks. apk-add the missing tools.
2. ccp-agent's /app/instance mount was :ro, blocking the agent from
writing data/upgrade/status.json (and result/progress/backups).
Agent already has docker.sock — removing :ro is not a security
escalation. Patched both docker-compose.yml and docker-compose.prod.yml.
3. Gitea 1.23.x only initializes Release.CreatedUnix inside its
createTag() helper, which is skipped if the tag already exists on
origin. The old DEV_WORKFLOW pattern (push tag, then run
build-release.sh --upload) was triggering this — releases got
created_unix=0 and lost /releases/latest sort order to v2.9.14.
build-release.sh now removes the remote tag first and POSTs with
target_commitish so Gitea creates the tag and release atomically.
After these fixes, CCP's "Check for Updates" path returns truthful
data end-to-end (verified on marcelle: v2.9.15 -> v2.10.1, 1 behind).
Bunker Admin
21 lines
629 B
Docker
FROM node:20-alpine AS builder
RUN apk add --no-cache git
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY tsconfig.json ./
COPY src/ ./src/
RUN npx tsc

FROM node:20-alpine
# bash + curl + jq + python3 are required by the changemaker scripts the agent
# shells out to (upgrade-check.sh, upgrade.sh, backup.sh). Without them, every
# /upgrade/* and /backup/* call returns "command not found" failures.
RUN apk add --no-cache docker-cli docker-cli-compose git rsync bash curl jq python3
WORKDIR /app
COPY package*.json ./
RUN npm ci --production
COPY --from=builder /app/dist/ ./dist/
EXPOSE 7443
CMD ["node", "dist/server.js"]
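Review bot: nothing in the runtime stage verifies that the tools named in the comment are actually present after `RUN apk add --no-cache docker-cli docker-cli-compose git rsync bash curl jq python3`, so the same gap can reappear unnoticed if that line is edited later. Consider a following `RUN` step that runs `command -v` for each of bash, curl, jq and python3, so a missing binary fails the image build rather than showing up as a spawn failure at runtime. Two smaller points in the same stage: there is no `USER` directive, so `node dist/server.js` runs as root in an image that ships docker-cli, which deserves a comment stating whether that is intended; and `npm ci --production` is the deprecated spelling of `npm ci --omit=dev` on the npm bundled with node:20.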