Refactor deployment scripts and configuration #141

Merged: rostilos merged 1 commit into main from 1.5.1-rc on Feb 27, 2026

@rostilos (Owner) commented Feb 27, 2026

  • Updated .gitignore to exclude unnecessary files.
  • Added production-build.sh for building Java artifacts and managing environment configurations.
  • Introduced ci-build.sh for CI/CD pipeline to build Java artifacts and Docker images.
  • Created server-deploy.sh for deployment on live server with backup and health checks.
  • Implemented server-init.sh for initial server setup and directory structure.
  • Added docker-compose.prod.yml for production environment setup.
  • Created docker-compose.yml for local development environment.
  • Removed outdated production-build-new-relic.sh.
  • Enhanced setup.sh to streamline configuration and secret generation.

Summary by CodeRabbit

  • New Features

    • Added automated GitHub Actions workflow for production deployments, including Docker image building and secure server deployment via SSH.
    • Introduced server initialization with automatic directory setup and configuration file generation.
    • Implemented environment-variable-based configuration management with enhanced credential security across all services.
  • Chores

    • Removed legacy deployment scripts and refactored build processes.
    • Enhanced setup script with improved database and secret credential management.

coderabbitai bot commented Feb 27, 2026

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e4e9d51 and 47ffc32.

📒 Files selected for processing (12)
  • .github/workflows/deploy.yml
  • .gitignore
  • deployment/.env.sample
  • deployment/.gitignore
  • deployment/build/production-build.sh
  • deployment/ci/ci-build.sh
  • deployment/ci/server-deploy.sh
  • deployment/ci/server-init.sh
  • deployment/docker-compose.prod.yml
  • deployment/docker-compose.yml
  • deployment/production-build-new-relic.sh
  • deployment/setup.sh

📝 Walkthrough

The changes establish a complete CI/CD deployment infrastructure, adding a GitHub Actions workflow that automates building Docker images and deploying them to production servers via SSH, alongside new deployment scripts for server initialization and orchestration, and refactored Docker Compose configurations to use environment-based credentials management instead of hardcoded values.

Changes

| Cohort / File(s) | Summary |
|---|---|
| GitHub Actions Workflow: .github/workflows/deploy.yml | New production deployment pipeline triggered on push to main or manual dispatch. Two-job workflow: Build job (JDK 17, Docker Buildx, Maven compilation, Docker image creation) and Deploy job (SSH-based artifact transfer, image loading, service orchestration, health verification, cleanup). |
| Environment & Gitignore Configuration: deployment/.env.sample, .gitignore, deployment/.gitignore | Added new environment sample file with Postgres credentials and internal API secret. Removed docker-compose.yml and .github from gitignore to enable repository tracking. Removed IntelliJ header and docker-compose.yml exclusion from deployment/.gitignore. |
| Deployment Automation Scripts: deployment/ci/ci-build.sh, deployment/ci/server-deploy.sh, deployment/ci/server-init.sh, deployment/build/production-build.sh | New CI build script compiles Java artifacts and builds five Docker images into a single tarball. New server initialization script provisions directory structure and placeholder configuration files. New server deployment script handles image loading, service orchestration, PostgreSQL backup, health checks, and artifact cleanup. Updated production-build.sh to change frontend branch from epic/CA-1-self-host to main and disable runtime submodule synchronization. |
| Docker Compose Configuration: deployment/docker-compose.yml, deployment/docker-compose.prod.yml | Both files refactored to replace hardcoded database credentials and API secrets with environment variable interpolation and validation. Production variant converts several services from build-context-based to image-based deployment and restricts port bindings to localhost. Disabled SQL logging, updated healthchecks, and introduced shared_keys volume. |
| Setup Script Migration: deployment/setup.sh | Updated setup workflow to generate combined .env file containing database credentials (POSTGRES_DB, POSTGRES_USER, POSTGRES_PASSWORD) alongside internal API secret. Removed docker-compose.yml copying logic. Added DB_PASSWORD generation and consolidated credential file management. |
| Removed Legacy Deployment Script: deployment/production-build-new-relic.sh | Deleted 71-line deployment script that previously handled end-to-end production workflows including frontend submodule synchronization, NewRelic configuration injection, and service orchestration—functionality now distributed across specialized new scripts. |

Sequence Diagram(s)

sequenceDiagram
    actor Dev as Developer
    participant GH as GitHub Actions
    participant Build as Build Job
    participant Registry as Docker Registry
    participant Deploy as Deploy Job
    participant SSH as SSH/Server
    participant Compose as docker-compose
    participant Health as Health Check

    Dev->>GH: Push to main or manual dispatch
    GH->>Build: Trigger Build Job
    Build->>Build: Checkout code (submodules)
    Build->>Build: Setup JDK 17 & Docker Buildx
    Build->>Build: Run ci-build.sh (Maven compile)
    Build->>Build: Build 5 Docker images
    Build->>Registry: Upload codecrow-images.tar.gz artifact
    
    GH->>Deploy: Trigger Deploy Job (depends on Build)
    Deploy->>Registry: Download Docker images tarball
    Deploy->>SSH: Configure SSH connection
    Deploy->>SSH: Securely copy docker-compose.prod.yml
    Deploy->>SSH: Securely copy server-deploy.sh
    Deploy->>SSH: Transfer codecrow-images.tar.gz
    Deploy->>SSH: Execute server-deploy.sh remotely
    
    SSH->>Compose: Load Docker images from tarball
    SSH->>Compose: Backup PostgreSQL (if running)
    SSH->>Compose: Stop existing services
    SSH->>Compose: Start services with docker-compose
    Compose->>Health: Health check containers
    Health-->>Deploy: Status report
    SSH->>SSH: Cleanup old releases/backups
    Deploy->>Dev: Deployment complete

Estimated Code Review Effort

🎯 4 (Complex) | ⏱️ ~50 minutes

Poem

🐰 Hops with glee through the CI/CD trees,
Automate, deploy, bring servers to their knees!
GitHub Actions whisper their workflows so grand,
Docker containers marching across the land,
From build to production, no manual push—
Infrastructure as code—no need to rush! 🚀


@rostilos rostilos merged commit 9d0c6b4 into main Feb 27, 2026
1 check was pending
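
As an added example (not code from this pull request or its repository): a shell audit for the two Compose changes the walkthrough describes, credentials moved from literals to validated environment interpolation and published ports restricted to localhost. The sample Compose snippets, the `postgres:16` image tag and the function names are constructed for illustration.

```shell
# Constructed "before" sample: literal credential, port published on all interfaces.
WEAK_COMPOSE='services:
  postgres:
    image: postgres:16
    environment:
      POSTGRES_PASSWORD: changeme
    ports:
      - "5432:5432"'

# Constructed "after" sample: ${VAR:?msg} aborts Compose when VAR is unset or empty.
HARDENED_COMPOSE='services:
  postgres:
    image: postgres:16
    environment:
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?set POSTGRES_PASSWORD in .env}
    ports:
      - "127.0.0.1:5432:5432"'

# stdin: Compose YAML. Prints "line:text" for credential-like keys set to a literal.
find_literal_secrets() {
  grep -nE '^[[:space:]]*-?[[:space:]]*[A-Z0-9_]*(PASSWORD|SECRET|TOKEN)[A-Z0-9_]*[:=][[:space:]]*"?[^[:space:]$"]' || true
}

# stdin: Compose YAML. Prints "line: spec" for short-syntax ports not bound to
# 127.0.0.1 (IPv6 loopback and long-syntax mappings are not parsed here).
find_public_ports() {
  awk -v q="'" '
    /^[ \t]*ports:[ \t]*$/ { in_ports = 1; next }
    in_ports && /^[ \t]*-/ {
      spec = $0
      sub(/^[ \t]*-[ \t]*/, "", spec); sub(/[ \t]+$/, "", spec)
      gsub("[\"" q "]", "", spec)          # drop surrounding quotes
      n = split(spec, part, ":")
      # host:container (or a bare container port) has no bind address at all
      if (n < 3 || part[1] != "127.0.0.1") print NR ": " spec
      next
    }
    { in_ports = 0 }
  '
}

# $1: Compose YAML text. Returns 0 when clean, 1 (after printing findings) otherwise.
audit_compose() {
  findings="$(printf '%s\n' "$1" | find_literal_secrets; printf '%s\n' "$1" | find_public_ports)"
  if [ -z "$findings" ]; then return 0; fi
  printf '%s\n' "$findings"
  return 1
}

audit_compose "$WEAK_COMPOSE" || echo "weak sample: findings listed above"
audit_compose "$HARDENED_COMPOSE" && echo "hardened sample: clean"
```

Run against a real file with `audit_compose "$(cat deployment/docker-compose.prod.yml)"`; a non-zero exit can gate the CI build step.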