singularity-forge/docker/Dockerfile.source-server

# syntax=docker/dockerfile:1.7
#
# Local source-mounted SF server image.
#
# Purpose: run the vega development/production server inside a container while
# keeping /home/mhugo/code/singularity-forge as the source of truth.
#
# Consumer: docker/docker-compose.vega.yaml.

FROM node:26.1-slim

ENV NODE_ENV=development
ENV HOME=/home/node
ENV SF_WEB_PREFER_SOURCE=0

RUN apt-get update && apt-get install -y --no-install-recommends \
    ca-certificates \
    docker-buildx \
    docker-cli \
    git \
    libsecret-1-0 \
    tini \
    && rm -rf /var/lib/apt/lists/*

WORKDIR /opt/sf
EXPOSE 4000
ENTRYPOINT ["tini", "--"]
CMD ["npm", "run", "sf:server", "--", "--host", "0.0.0.0", "--port", "4000"]
feat: add source-mounted sf server self-deploy 2026-05-17 22:00:01 +02:00			`# syntax=docker/dockerfile:1.7`
			`#`
			`# Local source-mounted SF server image.`
			`#`
			`# Purpose: run the vega development/production server inside a container while`
			`# keeping /home/mhugo/code/singularity-forge as the source of truth.`
			`#`
			`# Consumer: docker/docker-compose.vega.yaml.`

			`FROM node:26.1-slim`

			`ENV NODE_ENV=development`
			`ENV HOME=/home/node`
			`ENV SF_WEB_PREFER_SOURCE=0`

			`RUN apt-get update && apt-get install -y --no-install-recommends \`
			`ca-certificates \`
feat: operational glue for upgrade-safety chain Bundles the working-tree state into one coherent commit covering the upgrade-safety glue that complements today's earlier landings (orphan-recovery, sf-db single-connection, drain-timer-not-unref'd, forceShutdown drain, shutdown-state.ts, instrumentation.ts, shutdown-signal.js, gate-deadlock-classifier). Modified: docker/Dockerfile.source-server — image build tweaks for the source- server variant used by the in-container upgrader. docker/docker-compose.vega.yaml — env passthroughs for host-side dirs (SF_SOURCE_HOST_ROOT, SF_WORKSPACE_HOST_DIR, SF_WORKSPACES_HOST_DIR, SF_HOME_HOST_DIR), docker socket mount, group_add for docker GID, and SF_RPC_SHUTDOWN_GRACE_MS=600000 matching the 10-min drain. scripts/run-vega-source-server.mjs — substantial rework supporting the in-container upgrade flow. scripts/upgrade-vega-source-server.mjs — buildEnv() + dockerBuildEnv() helpers, probeBind via SF_VEGA_PROBE_HOST, containerExists() pre-check before drainContainer, stop timeout now matches the 10-min RPC grace via SF_VEGA_DRAIN_STOP_TIME (default 610s). src/web/project-discovery-service.ts — calls recoverProjectRuntimeQueues() on each of the 3 discovery paths (root monorepo, per-entry, nested SF projects). Closes the cloud-volume mtime-lag window codex flagged. web/app/api/ready/route.ts — calls recoverProjectRuntimeQueues() on every readiness probe, and now also reads shutdown-state so the probe returns 503 while draining. web/components/sf/projects-view.tsx — UI wiring for the upgrade trigger. web/pages/api/projects.ts — backend API addition for the project enumeration that feeds projects-view. docs/specs/sf-self-deploy.md — docs update for the new flow. package.json — script alias. Added: scripts/build-web-host.mjs — new build helper for the standalone web host artifact consumed by the upgrade flow. src/resources/extensions/sf/tests/auto-shutdown-signal.test.mjs — unit test for the cooperative-shutdown signal module (registers / requests / snapshot). src/web/project-runtime-recovery.ts — thin wrapper around recoverOrphanedFeedbackDrains for per-project use from web routes. web/app/api/drain/route.ts — explicit drain endpoint for operator- triggered queue flush. web/app/api/server-upgrade/route.ts — auth-gated endpoint that spawns the in-container upgrader via docker socket; passes through host-dir env so the upgrader knows real bind-mount paths. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-17 22:57:26 +02:00			`docker-buildx \`
			`docker-cli \`
feat: add source-mounted sf server self-deploy 2026-05-17 22:00:01 +02:00			`git \`
			`libsecret-1-0 \`
			`tini \`
			`&& rm -rf /var/lib/apt/lists/*`

			`WORKDIR /opt/sf`
			`EXPOSE 4000`
			`ENTRYPOINT ["tini", "--"]`
			`CMD ["npm", "run", "sf:server", "--", "--host", "0.0.0.0", "--port", "4000"]`