From ae936b2e1ad014f7d91a661db0edb64c3a10e236 Mon Sep 17 00:00:00 2001 From: svemagie Date: Tue, 10 Mar 2026 17:33:41 +0100 Subject: [PATCH] fix(deploy): explicitly re-run all patches after npm ci Adds an explicit patch loop in the deploy step to ensure all scripts/patch-*.mjs run even if npm ci postinstall was skipped. This guarantees changelog categorization and other patches are always applied on the server regardless of npm install mode. --- .github/workflows/deploy.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 1453fefa..e41090fc 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -41,6 +41,9 @@ jobs: # sharp/libvips are managed manually on the server. + # Verify and re-apply patches in case postinstall was skipped (e.g. npm ci --ignore-scripts). + sudo bastille cmd node sh -lc 'su -l indiekit -c "cd /usr/local/indiekit && for patch in scripts/patch-*.mjs; do node \"\$patch\"; done"' + # Ensure env file exists and contains auth secrets required by start.sh. sudo bastille cmd node sh -lc 'su -l indiekit -c "cd /usr/local/indiekit && test -f .env"' sudo bastille cmd node sh -lc 'su -l indiekit -c "cd /usr/local/indiekit && if ! grep -Eq \"^SECRET=.*\" .env; then echo \"Missing SECRET in /usr/local/indiekit/.env\"; exit 1; fi; if ! (grep -Eq \"^PASSWORD_SECRET=.*\" .env || grep -Eq \"^INDIEKIT_ALLOW_PASSWORD_SETUP=1\" .env); then echo \"Missing PASSWORD_SECRET (or set INDIEKIT_ALLOW_PASSWORD_SETUP=1 for one-time recovery) in /usr/local/indiekit/.env\"; exit 1; fi"'