Status
Deliberately not fixing yet. The current broken state functions as an escape hatch: the auto-deploy on push to main will fail at the build step rather than deploying mismatched images while the Terraform side is still on the single-fullstack topology. Once the topology refactor (#749) lands, this workflow gets rewritten to match - in lockstep, not before.
Context
.github/workflows/deploy-stage.yml still expects the legacy single-fullstack image:
ECR_REPOSITORY: civic-tech-jobs-fullstack
IMAGE_TAG: stage
run: |
docker build -f ./stage/Dockerfile -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
./stage/Dockerfile no longer exists. The rewrite split it into stage/django.dockerfile and stage/next.dockerfile. The workflow fails at the docker build step on the next push to main.
Not currently a live problem because nothing is being merged to main (rewrite chain still on the Nickatak fork, none of the PRs have landed upstream). Becomes a problem the moment the chain starts landing - which is exactly why we're holding the fix until the Terraform side is ready.
Scope (when unblocked)
- Build two images instead of one:
civic-tech-jobs-backend from stage/django.dockerfile (context: backend/), civic-tech-jobs-frontend from stage/next.dockerfile (context: frontend/). Push both to their respective ECR repos with the stage tag.
- Pass
NEXT_PUBLIC_API_URL as a --build-arg to the frontend image build (not a runtime env var; Next.js inlines NEXT_PUBLIC_* into the bundle at build time). The build-arg value belongs to whoever owns the deploy environment.
- Force-redeploy the ECS service so the new task spec pulls the fresh images.
Sequencing
Three states:
- Today: incubator expects one image, CTJ workflow tries to build one image, file is missing -> workflow broken at build step. (Escape hatch active.)
- After CTJ workflow rewrite alone: workflow builds two images and pushes to two ECR repos that don't exist -> still broken.
- After both: works.
So the CTJ-side rewrite shouldn't land in isolation. Lockstep with the Terraform topology refactor (#749) or coordinate landing closely.
References
Owner
TBD - unclear if CTJ-side or DevOps CoP owns CI/CD workflow rewrites in this org. Decide alongside #749.
Status
Deliberately not fixing yet. The current broken state functions as an escape hatch: the auto-deploy on push to
mainwill fail at the build step rather than deploying mismatched images while the Terraform side is still on the single-fullstack topology. Once the topology refactor (#749) lands, this workflow gets rewritten to match - in lockstep, not before.Context
.github/workflows/deploy-stage.ymlstill expects the legacy single-fullstack image:./stage/Dockerfileno longer exists. The rewrite split it intostage/django.dockerfileandstage/next.dockerfile. The workflow fails at thedocker buildstep on the next push tomain.Not currently a live problem because nothing is being merged to
main(rewrite chain still on the Nickatak fork, none of the PRs have landed upstream). Becomes a problem the moment the chain starts landing - which is exactly why we're holding the fix until the Terraform side is ready.Scope (when unblocked)
civic-tech-jobs-backendfromstage/django.dockerfile(context:backend/),civic-tech-jobs-frontendfromstage/next.dockerfile(context:frontend/). Push both to their respective ECR repos with thestagetag.NEXT_PUBLIC_API_URLas a--build-argto the frontend image build (not a runtime env var; Next.js inlinesNEXT_PUBLIC_*into the bundle at build time). The build-arg value belongs to whoever owns the deploy environment.Sequencing
Three states:
So the CTJ-side rewrite shouldn't land in isolation. Lockstep with the Terraform topology refactor (#749) or coordinate landing closely.
References
docs/decisions/0003-separate-frontend-backend-containers.mdmake stage-smoke(in chore: Adopt Make as canonical task runner with working host + stage workflows #747) exercises the equivalent two-container compose locally.Owner
TBD - unclear if CTJ-side or DevOps CoP owns CI/CD workflow rewrites in this org. Decide alongside #749.