chore: clean up release workflow and document Doppler usage

2026-04-15 20:14:45 +05:00
parent 6d0dac256d
commit 2864c4a6c0
2 changed files with 13 additions and 89 deletions
--- a/.gitea/workflows/release.yaml
+++ b/.gitea/workflows/release.yaml
@@ -62,95 +62,7 @@ jobs:
          path: ui/build
          retention-days: 1

-  # ── ui: source map upload ─────────────────────────────────────────────────────
-  # Commented out — re-enable when GlitchTip source map uploads are needed again.
-  #
-  # upload-sourcemaps:
-  #   name: Upload source maps
-  #   runs-on: ubuntu-latest
-  #   needs: [check-ui]
-  #   steps:
-  #     - name: Compute release version (strip leading v)
-  #       id: ver
-  #       run: |
-  #         V="${{ gitea.ref_name }}"
-  #         echo "version=${V#v}" >> "$GITHUB_OUTPUT"
-  #
-  #     - name: Download build artifacts
-  #       uses: actions/download-artifact@v3
-  #       with:
-  #         name: ui-build
-  #         path: build
-  #
-  #     - name: Install sentry-cli
-  #       run: npm install -g @sentry/cli
-  #
-  #     - name: Inject debug IDs into build artifacts
-  #       run: sentry-cli sourcemaps inject ./build
-  #       env:
-  #         SENTRY_URL: https://errors.libnovel.cc/
-  #         SENTRY_AUTH_TOKEN: ${{ secrets.GLITCHTIP_AUTH_TOKEN }}
-  #         SENTRY_ORG: libnovel
-  #         SENTRY_PROJECT: ui
-  #
-  #     - name: Upload injected build (for docker-ui)
-  #       uses: actions/upload-artifact@v3
-  #       with:
-  #         name: ui-build-injected
-  #         path: build
-  #         retention-days: 1
-  #
-  #     - name: Create GlitchTip release
-  #       run: sentry-cli releases new ${{ steps.ver.outputs.version }}
-  #       env:
-  #         SENTRY_URL: https://errors.libnovel.cc/
-  #         SENTRY_AUTH_TOKEN: ${{ secrets.GLITCHTIP_AUTH_TOKEN }}
-  #         SENTRY_ORG: libnovel
-  #         SENTRY_PROJECT: ui
-  #
-  #     - name: Upload source maps to GlitchTip
-  #       run: sentry-cli sourcemaps upload ./build --release ${{ steps.ver.outputs.version }}
-  #       env:
-  #         SENTRY_URL: https://errors.libnovel.cc/
-  #         SENTRY_AUTH_TOKEN: ${{ secrets.GLITCHTIP_AUTH_TOKEN }}
-  #         SENTRY_ORG: libnovel
-  #         SENTRY_PROJECT: ui
-  #
-  #     - name: Finalize GlitchTip release
-  #       run: sentry-cli releases finalize ${{ steps.ver.outputs.version }}
-  #       env:
-  #         SENTRY_URL: https://errors.libnovel.cc/
-  #         SENTRY_AUTH_TOKEN: ${{ secrets.GLITCHTIP_AUTH_TOKEN }}
-  #         SENTRY_ORG: libnovel
-  #         SENTRY_PROJECT: ui
-  #
-  #     - name: Prune old GlitchTip releases (keep latest 10)
-  #       run: |
-  #         set -euo pipefail
-  #         KEEP=10
-  #         OLD=$(curl -sf \
-  #           -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" \
-  #           "$SENTRY_URL/api/0/organizations/$SENTRY_ORG/releases/?project=$SENTRY_PROJECT&per_page=100" \
-  #           | python3 -c "
-  #         import sys, json
-  #         releases = json.load(sys.stdin)
-  #         for r in releases[$KEEP:]:
-  #             print(r['version'])
-  #         " KEEP=$KEEP)
-  #         for ver in $OLD; do
-  #           echo "Deleting old release: $ver"
-  #           sentry-cli releases delete "$ver" || true
-  #         done
-  #       env:
-  #         SENTRY_URL: https://errors.libnovel.cc
-  #         SENTRY_AUTH_TOKEN: ${{ secrets.GLITCHTIP_AUTH_TOKEN }}
-  #         SENTRY_ORG: libnovel
-  #         SENTRY_PROJECT: ui
-
  # ── docker: build + push all images via docker bake ──────────────────────────
-  # docker-bake.hcl owns all tag logic (semver, major.minor, latest) via HCL
-  # functions — no docker/metadata-action needed.  BuildKit builds all five
-  # targets in parallel, sharing the Go builder stage across backend/runner/pocketbase.
  docker:
    name: Docker
    runs-on: ubuntu-latest
@@ -192,7 +104,8 @@ jobs:
          set: |
            *.output=type=image,push=true
        env:
-          GIT_TAG: ${{ gitea.ref_name }}
+          VERSION: ${{ steps.ver.outputs.version }}
+          MAJOR_MINOR: ${{ steps.ver.outputs.major_minor }}
          COMMIT: ${{ gitea.sha }}
          BUILD_TIME: ${{ gitea.event.head_commit.timestamp }}

--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -2,6 +2,17 @@

 This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.

+## Environment / Secrets
+
+All project environment variables are stored in **Doppler**. When you need to access any secret or env var (e.g. API tokens, database URLs, credentials), fetch them via:
+
+```bash
+doppler run -- <command>        # inject all secrets into a command
+doppler secrets get SECRET_NAME # inspect a specific secret
+```
+
+Never use `.env` files. Do not ask the user to provide secrets manually — they are available via Doppler.
+
 ## Commands

 ### Docker (via `just` — the primary way to run services)