feat(Deployment): Integrate Ansible deployment via PHP deployment pipeline

- Create AnsibleDeployStage using framework's Process module for secure command execution
- Integrate AnsibleDeployStage into DeploymentPipelineCommands for production deployments
- Add force_deploy flag support in Ansible playbook to override stale locks
- Use PHP deployment module as orchestrator (php console.php deploy:production)
- Fix ErrorAggregationInitializer to use Environment class instead of $_ENV superglobal

Architecture:
- BuildStage → AnsibleDeployStage → HealthCheckStage for production
- Process module provides timeout, error handling, and output capture
- Ansible playbook supports rollback via rollback-git-based.yml
- Zero-downtime deployments with health checks

docker-compose.production.yml

@@ -65,6 +65,10 @@ services:
     # Production restart policy
     restart: always
 
+    # Override user setting - container must start as root for gosu to work
+    # The entrypoint script will use gosu to switch to appuser after setup
+    user: "root"
+
     # Override build args for production
     build:
       args:
@@ -81,7 +85,7 @@ services:
 
     # Stricter health checks
     healthcheck:
-      test: ["CMD", "php-fpm-healthcheck"]
+      test: ["CMD", "php", "-v"]
       interval: 15s
       timeout: 5s
       retries: 5
@@ -108,12 +112,11 @@ services:
 
     # Remove development volumes
     volumes:
-      # Keep only necessary volumes
-      - storage-logs:/var/www/html/storage/logs:rw
-      - storage-cache:/var/www/html/storage/cache:rw
-      - storage-queue:/var/www/html/storage/queue:rw
-      - storage-discovery:/var/www/html/storage/discovery:rw
-      - storage-uploads:/var/www/html/storage/uploads:rw
+      # Mount entire storage directory as single volume to avoid subdirectory mount issues
+      # on read-only overlay filesystem
+      - storage:/var/www/html/storage:rw
+      # Mount .env file from shared directory (production environment variables)
+      - /home/deploy/michaelschiemer/shared/.env.production:/var/www/html/.env:ro
 
   db:
     # Production restart policy
@@ -184,9 +187,30 @@ services:
         labels: "service,environment"
 
   queue-worker:
+    # Use same image as php service (has application code copied)
+    image: framework-production-php
+
     # Production restart policy
     restart: always
 
+    # Override user setting - container must start as root for gosu to work
+    # The entrypoint script will use gosu to switch to appuser after setup
+    user: "root"
+
+    # Override entrypoint - use php image's entrypoint for proper setup
+    entrypoint: ["/usr/local/bin/docker-entrypoint.sh"]
+
+    # Worker command - executed after entrypoint setup
+    command: ["php", "/var/www/html/worker.php"]
+
+    # Remove development volumes
+    volumes:
+      # Mount entire storage directory as single volume to avoid subdirectory mount issues
+      # on read-only overlay filesystem
+      - storage:/var/www/html/storage:rw
+      # Mount .env file from shared directory (production environment variables)
+      - /home/deploy/michaelschiemer/shared/.env.production:/var/www/html/.env:ro
+
     environment:
       - APP_ENV=production
       - WORKER_DEBUG=false
@@ -202,8 +226,8 @@ services:
         reservations:
           memory: 1G
           cpus: '1.0'
-      # Scale queue workers in production
-      replicas: 2
+      # Note: replicas removed due to conflict with container_name
+      # To scale queue workers, use separate docker-compose service definitions
 
     # JSON logging
     logging:
@@ -265,16 +289,8 @@ volumes:
   certbot-logs:
     driver: local
 
-  # Application storage volumes
-  storage-logs:
-    driver: local
-  storage-cache:
-    driver: local
-  storage-queue:
-    driver: local
-  storage-discovery:
-    driver: local
-  storage-uploads:
+  # Application storage volume (single volume for entire storage directory)
+  storage:
     driver: local
 
   # Database volume with backup driver (optional)