mirror of
https://github.com/twentyhq/twenty.git
synced 2026-04-18 14:01:45 -04:00
ac8e0d4217
## Summary
- Replaces `twentycrm/twenty-postgres-spilo` with the official
`postgres:16` image across all 7 CI workflow files
- Removes Docker Hub `credentials` blocks from all service containers
(postgres, redis, clickhouse)
- Removes the `Login to Docker Hub` step from the breaking changes
workflow
## Context
Fork PRs cannot access repository secrets/variables, causing `${{
vars.DOCKERHUB_USERNAME }}` and `${{ secrets.DOCKERHUB_PASSWORD }}` to
resolve to empty strings. GitHub Actions rejects empty credential values
at template validation time, failing the job before any step runs.
The custom spilo image was the original reason credentials were needed
(to avoid Docker Hub rate limits on non-official images). The only
Postgres extensions required in CI (`uuid-ossp`, `unaccent`) are built
into the official `postgres:16` image. Official Docker Hub images have
significantly higher pull rate limits and don't require authentication.
72 lines
2.0 KiB
YAML
72 lines
2.0 KiB
YAML
name: CI Website
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
on:
|
|
pull_request:
|
|
merge_group:
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
|
|
|
|
jobs:
|
|
changed-files-check:
|
|
if: github.event_name != 'merge_group'
|
|
uses: ./.github/workflows/changed-files.yaml
|
|
with:
|
|
files: |
|
|
package.json
|
|
packages/twenty-website/**
|
|
website-build:
|
|
needs: changed-files-check
|
|
if: needs.changed-files-check.outputs.any_changed == 'true'
|
|
timeout-minutes: 10
|
|
runs-on: ubuntu-latest
|
|
services:
|
|
postgres:
|
|
image: postgres:18
|
|
env:
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_PASSWORD: postgres
|
|
ports:
|
|
- 5432:5432
|
|
options: >-
|
|
--health-cmd pg_isready
|
|
--health-interval 10s
|
|
--health-timeout 5s
|
|
--health-retries 5
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 10
|
|
|
|
- name: Install dependencies
|
|
uses: ./.github/actions/yarn-install
|
|
|
|
- name: Server / Create DB
|
|
run: PGPASSWORD=postgres psql -h localhost -p 5432 -U postgres -d postgres -c 'CREATE DATABASE "default";'
|
|
|
|
- name: Website / Run migrations
|
|
run: npx nx database:migrate twenty-website
|
|
env:
|
|
DATABASE_PG_URL: postgres://postgres:postgres@localhost:5432/default
|
|
- name: Website / Build Website
|
|
run: npx nx build twenty-website
|
|
env:
|
|
DATABASE_PG_URL: postgres://postgres:postgres@localhost:5432/default
|
|
KEYSTATIC_GITHUB_CLIENT_ID: xxx
|
|
KEYSTATIC_GITHUB_CLIENT_SECRET: xxx
|
|
KEYSTATIC_SECRET: xxx
|
|
NEXT_PUBLIC_KEYSTATIC_GITHUB_APP_SLUG: xxx
|
|
ci-website-status-check:
|
|
if: always() && !cancelled()
|
|
timeout-minutes: 5
|
|
runs-on: ubuntu-latest
|
|
needs: [changed-files-check, website-build]
|
|
steps:
|
|
- name: Fail job if any needs failed
|
|
if: contains(needs.*.result, 'failure')
|
|
run: exit 1
|