fe57dde57b
Add the rule-46 image-publish lane: a `publish` job gated on [lint, unit, integration] that builds the runtime Dockerfile in ci-builder and pushes git.fabledsword.com/bvandeusen/steward:<sha> always, :dev on dev and :latest on main. Authenticates with the REGISTRY_TOKEN repo secret (the injected GITHUB_TOKEN lacks write:package). Steward is the first family app to implement the publish lane; mechanics mirror CI-runner's build-ci-python.yml. Add compose.deploy.yml for a persistent remote instance that pulls :dev (no source bind-mounts, persistent app_data+pgdata volumes, bundled Postgres), plus a README "Remote dev instance" runbook and the POSTGRES_PASSWORD env key. Fix .env.example's database URL var to the canonical STEWARD_DATABASE_URL (single underscore) and document the publish lane in ci-requirements.md. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
13 lines
503 B
Bash
13 lines
503 B
Bash
# Copy to .env for Docker / local development secrets
|
|
# These override values in config.yaml
|
|
|
|
STEWARD_SECRET_KEY=change-me
|
|
STEWARD_DATABASE_URL=postgresql+asyncpg://steward:password@localhost/steward
|
|
STEWARD_SMTP__PASSWORD=
|
|
|
|
# --- compose.deploy.yml (remote instance) only ---
|
|
# Password for the bundled Postgres; the steward service builds its
|
|
# STEWARD_DATABASE_URL from it. Leave STEWARD_SECRET_KEY above unset to let the
|
|
# app generate + persist one on the /data volume.
|
|
POSTGRES_PASSWORD=change-me
|