Rework on updating the homepage

[megasanjay]

Summary by Sourcery

Set up Kamal-based deployment for the Nuxt application and adjust the container startup process to support database migrations.

Build:

• Update Dockerfile to include Busybox utilities, copy Prisma schema and migrations, and delegate startup to an external script that can run migrations before launching the app.

CI:

• Add a GitHub Actions workflow to deploy the development environment using Kamal and Azure Container Registry.

Deployment:

• Add Kamal deployment configuration, secrets, and hook placeholders for managing app deployment and related services.

Chores:

• Add a startup script for the application container to orchestrate database readiness, (optional) migrations, and app startup.

[fairdataihub-bot]

Thank you for submitting this pull request! We appreciate your contribution to the project. Before we can merge it, we need to review the changes you've made to ensure they align with our code standards and meet the requirements of the project. We'll get back to you as soon as we can with feedback. Thanks again!

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
dmpchef-website	Ready	Preview, Comment	Jan 14, 2026 9:05pm

[sourcery-ai]

Reviewer's Guide

Adds Kamal-based deployment configuration and GitHub Actions workflow for development deployments, updates the Docker image to support Prisma migrations and custom startup script, and introduces deployment-related scripts and hooks scaffolding.

Sequence diagram for Kamal-based development deployment via GitHub Actions

sequenceDiagram
  actor Developer
  participant GitHub
  participant GitHubActions
  participant KamalCLI
  participant Registry
  participant WebServer
  participant DockerEngine
  participant AppContainer

  Developer->>GitHub: Push changes to feature/update-ui
  GitHub-->>GitHubActions: Trigger deploy-dev workflow

  GitHubActions->>GitHubActions: Load secrets and env vars
  GitHubActions->>KamalCLI: Install kamal
  GitHubActions->>WebServer: Configure SSH agent

  GitHubActions->>Registry: Login with KAMAL_REGISTRY credentials
  GitHubActions->>KamalCLI: kamal lock release
  GitHubActions->>KamalCLI: kamal setup

  KamalCLI->>Registry: Build and push Docker image (image: KAMAL_APP_NAME)
  KamalCLI->>WebServer: Orchestrate deployment
  WebServer->>DockerEngine: Pull latest image from Registry
  DockerEngine->>AppContainer: Start container with env (DATABASE_URL, DMP_API, NUXT_SESSION_PASSWORD)
  AppContainer->>AppContainer: Run scripts/start.sh entrypoint
  AppContainer->>Developer: Expose app on port 3000 via proxy

Loading

File-Level Changes

Change	Details	Files
Update runtime Docker image to support Kamal deployment and Prisma migrations via a dedicated startup script.	Change image metadata description to reflect DMP Chef branding. Install busybox-extras alongside openssl to provide netcat for database readiness checks. Copy Prisma schema and migrations into the runtime image so prisma migrate deploy can run in the container. Replace inline generated start.sh with a tracked scripts/start.sh and mark it executable. Adjust container startup to rely on the external startup script rather than an inlined shell script.	Dockerfile scripts/start.sh
Introduce Kamal deployment configuration for the Nuxt application.	Create config/deploy.yml with application service name, image, web server configuration, SSL proxy settings, registry credentials, and environment variable wiring. Document optional accessories for Postgres, Redis, and S3-based backup services in commented sections of the config. Configure SSH user and provide commented guidance for volumes, rolling deploys, and asset handling.	config/deploy.yml
Add GitHub Actions workflow to deploy the development environment using Kamal and Azure Container Registry.	Create .github/workflows/deploy-dev.yml to deploy on pushes to feature/update-ui and manual dispatch. Configure environment variables from GitHub secrets for Kamal, registry, and application runtime settings. Set up Ruby and Kamal, SSH agent, Docker login to Azure Container Registry, and Docker Buildx, then run kamal lock release and kamal setup as part of the deployment job. Stub out a commented migration job for future database migration automation.	.github/workflows/deploy-dev.yml
Add Kamal hooks and secrets scaffolding for future customization.	Add empty sample hook scripts for various Kamal lifecycle events (pre-build, post-deploy, proxy reboot hooks, etc.). Introduce a .kamal/secrets file placeholder to integrate with Kamal’s secret management.	.kamal/hooks/docker-setup.sample .kamal/hooks/post-deploy.sample .kamal/hooks/post-proxy-reboot.sample .kamal/hooks/pre-build.sample .kamal/hooks/pre-connect.sample .kamal/hooks/pre-deploy.sample .kamal/hooks/pre-proxy-reboot.sample .kamal/secrets

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[fairdataihub-bot]

Thanks for making updates to your pull request. Our team will take a look and provide feedback as soon as possible. Please wait for any GitHub Actions to complete before editing your pull request. If you have any additional questions or concerns, feel free to let us know. Thank you for your contributions!

[sourcery-ai]

Hey - I've found 4 issues, and left some high level feedback:

• The Dockerfile no longer defines a CMD/ENTRYPOINT after switching to scripts/start.sh; consider adding CMD ["/bin/sh", "/app/scripts/start.sh"] (or similar) so containers actually start with the intended script.
• In scripts/start.sh, the database wait and Prisma migrate logic are fully commented out despite adding BusyBox and copying the Prisma schema/migrations; either re-enable this behavior or remove the unused dependencies/steps to avoid confusion.
• The Kamal config and deploy workflow set NODE_ENV: test for the dev deployment; verify that this is intentional, as many Nuxt/Node behaviors differ between test, development, and production modes.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- The Dockerfile no longer defines a CMD/ENTRYPOINT after switching to `scripts/start.sh`; consider adding `CMD ["/bin/sh", "/app/scripts/start.sh"]` (or similar) so containers actually start with the intended script.
- In `scripts/start.sh`, the database wait and Prisma migrate logic are fully commented out despite adding BusyBox and copying the Prisma schema/migrations; either re-enable this behavior or remove the unused dependencies/steps to avoid confusion.
- The Kamal config and deploy workflow set `NODE_ENV: test` for the dev deployment; verify that this is intentional, as many Nuxt/Node behaviors differ between `test`, `development`, and `production` modes.

## Individual Comments

### Comment 1
<location> `Dockerfile:30-31` </location>
<code_context>

-RUN apk add --no-cache openssl
+# Busybox is used netcat for waiting for Postgres to be ready
+RUN apk add --no-cache openssl busybox-extras

 WORKDIR /app
</code_context>

<issue_to_address>
**suggestion:** busybox-extras is installed but netcat usage is currently commented out in the startup script.

Since the `nc`-based Postgres wait in `scripts/start.sh` is commented out, `busybox-extras` isn’t currently used. Either re-enable the readiness check (and keep `busybox-extras`) or remove `busybox-extras` to avoid an unused dependency and keep the image smaller.

```suggestion
RUN apk add --no-cache openssl
```
</issue_to_address>

### Comment 2
<location> `scripts/start.sh:4-13` </location>
<code_context>
+# This script ensures the database is ready, runs any pending migrations,
</code_context>

<issue_to_address>
**issue (bug_risk):** Startup script comments describe DB wait and migrations, but all related logic is commented out so it just starts Node.

All of the behavior described in the comment (`set -e`, DB readiness check via `nc`, `npx prisma migrate deploy`) is currently commented out, so the script only runs `node /app/server/index.mjs`. If migrations or DB readiness are expected to be handled here, this can lead to race conditions or schema drift. Either restore the needed logic (with sensible timeouts) or update the script/Dockerfile comments to accurately reflect what actually happens.
</issue_to_address>

### Comment 3
<location> `config/deploy.yml:66-67` </location>
<code_context>
+# Inject ENV variables into all containers (secrets come from .kamal/secrets).
+# Environment variables are available to your application at runtime
+env:
+  clear:
+    NODE_ENV: test # Set to 'production' for production deployments
+  secret:
+    - DATABASE_URL # Database connection string
</code_context>

<issue_to_address>
**question (bug_risk):** Using NODE_ENV=test for a deployed environment may not match expected runtime behavior.

In this Kamal config, `NODE_ENV` is set to `test` even though it’s used for a real deployment. Many libraries change behavior based on `NODE_ENV` (logging, caching, error handling, optimizations), and `test` is typically intended only for automated test runs. If this environment is dev or staging, consider `development`; if it should mirror production behavior, use `production` instead.
</issue_to_address>

### Comment 4
<location> `.github/workflows/deploy-dev.yml:76-79` </location>
<code_context>
+      # Step 9: Initial Kamal setup (only needed once per server)
+      # Note: This step might need to be run manually on the server first time
+      # to add the user to the docker group: `sudo usermod -aG docker $USER | newgrp docker | docker ps`
+      - run: kamal setup
+
+  # Job for running database migrations
</code_context>

<issue_to_address>
**suggestion (performance):** Running `kamal setup` on every deploy can be slower and heavier than necessary once the server is initialized.

Since `kamal setup` is generally needed only once per server, running it on every deployment adds unnecessary overhead and potential fragility if setup behavior changes. Consider moving this to a one-time/manual step or separate workflow, and use `kamal deploy` (or the appropriate deploy command) for the regular deployment path.

```suggestion
      # Step 9: Initial Kamal setup (only needed once per server)
      # NOTE:
      # - `kamal setup` is generally required only the first time a server is provisioned.
      # - Running it on every deploy can be slow and introduce unnecessary risk if setup behavior changes.
      # - Prefer running this manually (or via a separate one-off workflow) when initializing a new server.
      # - Example manual command (on the server) to add the user to the docker group:
      #     sudo usermod -aG docker $USER | newgrp docker | docker ps
      #
      # If you do want GitHub Actions to perform initial setup, consider creating a dedicated
      # "setup" workflow that runs `kamal setup` explicitly, instead of doing so on every deploy.
      # - run: kamal setup
```
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

suggestion: busybox-extras is installed but netcat usage is currently commented out in the startup script.

Since the nc-based Postgres wait in scripts/start.sh is commented out, busybox-extras isn’t currently used. Either re-enable the readiness check (and keep busybox-extras) or remove busybox-extras to avoid an unused dependency and keep the image smaller.

Suggested change

	# Busybox is used netcat for waiting for Postgres to be ready
	RUN apk add --no-cache openssl busybox-extras
	RUN apk add --no-cache openssl

[sourcery-ai]

question (bug_risk): Using NODE_ENV=test for a deployed environment may not match expected runtime behavior.

In this Kamal config, NODE_ENV is set to test even though it’s used for a real deployment. Many libraries change behavior based on NODE_ENV (logging, caching, error handling, optimizations), and test is typically intended only for automated test runs. If this environment is dev or staging, consider development; if it should mirror production behavior, use production instead.

[sourcery-ai]

suggestion (performance): Running kamal setup on every deploy can be slower and heavier than necessary once the server is initialized.

Since kamal setup is generally needed only once per server, running it on every deployment adds unnecessary overhead and potential fragility if setup behavior changes. Consider moving this to a one-time/manual step or separate workflow, and use kamal deploy (or the appropriate deploy command) for the regular deployment path.

Suggested change

	# Step 9: Initial Kamal setup (only needed once per server)
	# Note: This step might need to be run manually on the server first time
	# to add the user to the docker group: `sudo usermod -aG docker $USER | newgrp docker | docker ps`
	- run: kamal setup
	# Step 9: Initial Kamal setup (only needed once per server)
	# NOTE:
	# - `kamal setup` is generally required only the first time a server is provisioned.
	# - Running it on every deploy can be slow and introduce unnecessary risk if setup behavior changes.
	# - Prefer running this manually (or via a separate one-off workflow) when initializing a new server.
	# - Example manual command (on the server) to add the user to the docker group:
	# sudo usermod -aG docker $USER | newgrp docker | docker ps
	#
	# If you do want GitHub Actions to perform initial setup, consider creating a dedicated
	# "setup" workflow that runs `kamal setup` explicitly, instead of doing so on every deploy.
	# - run: kamal setup

[fairdataihub-bot]

Thanks for closing this pull request! If you have any further questions, please feel free to open a new issue. We are always happy to help!