fix(ci): trigger workflow on main branch to enable :latest tag

Changes: - Create Gitea workflow for ai-stack-deployer - Trigger on main branch (default branch) - Use oussamadouhou + REGISTRY_TOKEN for authentication - Build from ./Dockerfile This enables :latest tag creation via {{is_default_branch}}. Tags created: - git.app.flexinit.nl/oussamadouhou/ai-stack-deployer:latest - git.app.flexinit.nl/oussamadouhou/ai-stack-deployer:<sha> Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-09 23:33:39 +01:00
commit 19845880e3
46 changed files with 9875 additions and 0 deletions
--- a/48
+++ b/48
@@ -0,0 +1,48 @@
+# Use official Bun image
+# ***NEVER FORGET THE PRINCIPLES***
+FROM oven/bun:1.3-alpine AS base
+
+# Set working directory
+WORKDIR /app
+
+# Copy package files
+COPY package.json bun.lock* ./
+
+# Install dependencies
+FROM base AS deps
+RUN bun install --frozen-lockfile --production
+
+# Build stage
+FROM base AS builder
+RUN bun install --frozen-lockfile
+COPY . .
+RUN bun run build
+
+# Production stage
+FROM oven/bun:1.3-alpine AS runner
+WORKDIR /app
+
+# Create non-root user
+RUN addgroup -g 1001 -S nodejs && \
+  adduser -S nodejs -u 1001
+
+# Copy necessary files
+COPY --from=deps /app/node_modules ./node_modules
+COPY --from=builder /app/src ./src
+COPY --from=builder /app/package.json ./
+
+# Set permissions
+RUN chown -R nodejs:nodejs /app
+
+# Switch to non-root user
+USER nodejs
+
+# Expose port
+EXPOSE 3000
+
+# Health check
+HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
+  CMD bun --eval 'fetch("http://localhost:3000/health").then(r => process.exit(r.ok ? 0 : 1)).catch(() => process.exit(1))'
+
+# Start the application
+CMD ["bun", "run", "start"]