santhoshj/astro-website
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
439b886a1b1a7c5a3a0ad3877b5efa4c796f53e9
astro-website/openspec/changes/archive/2026-02-10-deploy-without-node/design.md
Santhosh Janardhanan 3b0b97f139
Some checks failed
ci / site (push) Has been cancelled
Details
publish-image / publish (push) Has been cancelled
Details
deploy without node
2026-02-10 02:52:14 -05:00

3.1 KiB
Raw Blame History

Context

  • Production server environment is intentionally minimal: Docker is available, but Node.js is not installed on the host.
  • The site needs a repeatable way to get to the latest built content on that server.

Goals / Non-Goals

Goals:

  • Update the deployed site to the latest content using Docker-only operations on the server.
  • Keep the server host clean (no Node.js installation required).
  • Make the refresh procedure repeatable and verifiable.

Non-Goals:

  • Building site artifacts directly on the server host outside containers.
  • Introducing a new CMS/content authoring workflow.
  • Solving content freshness triggers end-to-end (webhooks, scheduling) beyond what is needed to support a Docker-based refresh.

Decisions

  1. Build in CI, deploy as a Docker image Why: keeps host clean and makes deploy deterministic. Alternatives considered:
  • Install Node.js on the host: rejected (violates clean server requirement).
  • Build on the host inside a one-off container writing to a bind mount/volume: possible, but adds operational complexity and makes server resources part of the build pipeline.
  1. Refresh by pulling a published image and restarting the service Why: the server only needs Docker + registry access. Alternatives considered:
  • File-based sync (rsync/scp) of static assets: can work, but requires separate artifact distribution and is easier to drift.
  • Automated image updating (e.g., watchtower): may be useful later, but start with an explicit, documented operator command.
  1. Version visibility via image metadata Why: operators need to confirm what is running. Approach:
  • Publish images with an immutable identifier (digest) and a human-friendly tag.
  • Expose build metadata through standard Docker inspection and/or a small endpoint/static file in the image.

Risks / Trade-offs

  • [Risk] Content can be stale if the CI build does not run when content changes Mitigation: add a scheduled build and/or content-change trigger in CI (future enhancement if not already present).

  • [Risk] Registry auth/secrets management on the server Mitigation: use least-privilege registry credentials and Docker-native secret handling where available.

  • [Risk] Short downtime during restart Mitigation: use docker compose up -d to minimize downtime; consider health checks and rolling strategies if/when multiple replicas are used.

Migration Plan

  • Add or update the Docker image build to produce a deployable image containing the built site output.
  • Update server deployment configuration (compose/service) to run the published image.
  • Document the operator refresh command(s): pull latest image, restart service, verify deployed version.
  • Rollback strategy: re-deploy the previously known-good image tag/digest.

Open Questions

  • What is the authoritative "latest content" source (e.g., WordPress, filesystem, git) and what is the trigger to rebuild/publish a new image?
  • Where should operator commands live (Makefile, ops/ scripts, README section)?
  • What is the current deployment target (single host compose, swarm, k8s) and should this change be scoped to one?
Reference in New Issue View Git Blame Copy Permalink