diff --git a/deployment/stacks/staging/docker-compose.yml b/deployment/stacks/staging/docker-compose.yml index a6620d96..02571865 100644 --- a/deployment/stacks/staging/docker-compose.yml +++ b/deployment/stacks/staging/docker-compose.yml @@ -46,8 +46,82 @@ services: - staging-logs:/var/www/html/storage/logs - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro + # Override entrypoint to only start PHP-FPM (not nginx) + fix git ownership + entrypoint: ["/bin/sh", "-c"] + command: + - | + # Load secrets from /run/secrets/ + echo "🔐 Loading secrets from /run/secrets/..." + [ -f /run/secrets/DB_PASSWORD ] && export DB_PASSWORD="$(cat /run/secrets/DB_PASSWORD)" || true + [ -f /run/secrets/APP_KEY ] && export APP_KEY="$(cat /run/secrets/APP_KEY)" || true + [ -f /run/secrets/GIT_TOKEN ] && export GIT_TOKEN="$(cat /run/secrets/GIT_TOKEN)" || true + + # Fix Git ownership issue + git config --global --add safe.directory /var/www/html 2>/dev/null || true + + # Git Clone/Pull functionality + if [ -n "$GIT_REPOSITORY_URL" ]; then + echo "" + echo "đŸ“Ĩ Cloning/Pulling code from Git repository..." + + GIT_BRANCH="${GIT_BRANCH:-main}" + GIT_TARGET_DIR="/var/www/html" + + # Setup Git credentials + if [ -n "$GIT_TOKEN" ]; then + GIT_URL_WITH_AUTH=$(echo "$GIT_REPOSITORY_URL" | sed "s|https://|https://${GIT_TOKEN}@|") + elif [ -n "$GIT_USERNAME" ] && [ -n "$GIT_PASSWORD" ]; then + GIT_URL_WITH_AUTH=$(echo "$GIT_REPOSITORY_URL" | sed "s|https://|https://${GIT_USERNAME}:${GIT_PASSWORD}@|") + else + GIT_URL_WITH_AUTH="$GIT_REPOSITORY_URL" + fi + + # Clone or pull + if [ ! -d "$GIT_TARGET_DIR/.git" ]; then + echo "đŸ“Ĩ Cloning repository from $GIT_REPOSITORY_URL (branch: $GIT_BRANCH)..." + if [ "$(ls -A $GIT_TARGET_DIR 2>/dev/null)" ]; then + find "$GIT_TARGET_DIR" -mindepth 1 -maxdepth 1 ! -name "storage" -exec rm -rf {} \; 2>/dev/null || true + fi + TEMP_CLONE="${GIT_TARGET_DIR}.tmp" + rm -rf "$TEMP_CLONE" 2>/dev/null || true + if git clone --branch "$GIT_BRANCH" --depth 1 "$GIT_URL_WITH_AUTH" "$TEMP_CLONE"; then + find "$GIT_TARGET_DIR" -mindepth 1 -maxdepth 1 ! -name "storage" -exec rm -rf {} \; 2>/dev/null || true + find "$TEMP_CLONE" -mindepth 1 -maxdepth 1 ! -name "." ! -name ".." -exec mv {} "$GIT_TARGET_DIR/" \; 2>/dev/null || true + rm -rf "$TEMP_CLONE" 2>/dev/null || true + echo "✅ Repository cloned successfully" + fi + else + echo "🔄 Pulling latest changes from $GIT_BRANCH..." + cd "$GIT_TARGET_DIR" + git fetch origin "$GIT_BRANCH" || echo "⚠ī¸ Git fetch failed" + git reset --hard "origin/$GIT_BRANCH" || echo "⚠ī¸ Git reset failed" + git clean -fd || true + fi + + # Install dependencies + if [ -f "$GIT_TARGET_DIR/composer.json" ]; then + echo "đŸ“Ļ Installing/updating Composer dependencies..." + cd "$GIT_TARGET_DIR" + composer install --no-dev --optimize-autoloader --no-interaction --no-scripts || echo "⚠ī¸ Composer install failed" + composer dump-autoload --optimize --classmap-authoritative || true + fi + + echo "✅ Git sync completed" + else + echo "" + echo "ℹī¸ GIT_REPOSITORY_URL not set, using code from image" + fi + + echo "" + echo "📊 Environment variables:" + env | grep -E "DB_|APP_" | grep -v "PASSWORD|KEY|SECRET" || true + + # Start PHP-FPM only (no nginx) + echo "" + echo "🚀 Starting PHP-FPM..." + exec php-fpm healthcheck: - test: ["CMD-SHELL", "true"] + test: ["CMD-SHELL", "php-fpm-healthcheck || true"] interval: 30s timeout: 10s retries: 3