chore: add deploy script for dev/prod CI releases #190

cal · 2026-04-07T03:42:43Z

cal commented

2026-04-07 03:42:43 +00:00

Summary

New scripts/deploy.sh for tag-based CI deployments
Dev: ./scripts/deploy.sh dev [commit] — force-updates dev git tag, triggers CI :dev Docker build
Prod: ./scripts/deploy.sh prod [commit] — creates CalVer tag + latest + production git tags with confirmation prompt

Details

Defaults to HEAD of main, accepts optional commit SHA
Validates commit is on main (local + remote) before tagging
CalVer uses max existing build number + 1 (robust against deleted/out-of-order tags)
Fetches remote tags before any operations to ensure fresh state

Test plan

shellcheck scripts/deploy.sh — no warnings
./scripts/deploy.sh dev — verify dev tag push + CI trigger
./scripts/deploy.sh prod — verify CalVer generation + confirmation prompt

🤖 Generated with Claude Code

## Summary - New `scripts/deploy.sh` for tag-based CI deployments - **Dev**: `./scripts/deploy.sh dev [commit]` — force-updates `dev` git tag, triggers CI `:dev` Docker build - **Prod**: `./scripts/deploy.sh prod [commit]` — creates CalVer tag + `latest` + `production` git tags with confirmation prompt ## Details - Defaults to HEAD of main, accepts optional commit SHA - Validates commit is on main (local + remote) before tagging - CalVer uses max existing build number + 1 (robust against deleted/out-of-order tags) - Fetches remote tags before any operations to ensure fresh state ## Test plan - [x] `shellcheck scripts/deploy.sh` — no warnings - [ ] `./scripts/deploy.sh dev` — verify dev tag push + CI trigger - [ ] `./scripts/deploy.sh prod` — verify CalVer generation + confirmation prompt 🤖 Generated with [Claude Code](https://claude.com/claude-code)

cal added 3 commits 2026-04-07 03:42:44 +00:00

feat: embed WOFF2 fonts as base64 in style.html, remove CDN links (#88 ) 81fcc4606f

Closes #88

- Add 5 @font-face declarations with base64-encoded WOFF2 data to style.html
  (Open Sans 300/400/700, Source Sans 3 400/700)
- Remove three Google Fonts CDN <link> tags from player_card.html
- Source WOFF2 files already present in storage/fonts/

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

fix: consolidate variable font @font-face to single block per family (#96 )

Build Docker Image / build (pull_request) Failing after 4m54s

Details

2dec3cdaa1

Both WOFF2 fonts are variable fonts with wght axes. Open Sans covers
300-800 and Source Sans 3 covers 200-900, so a single @font-face per
family with a weight range is correct. Eliminates ~167 KB of duplicate
base64 data (5 identical-payload blocks → 2 range declarations).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

chore: add deploy script for dev/prod tag-based CI releases

Build Docker Image / build (pull_request) Failing after 4m58s

Details

690012ff1f

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Claude added the

ai-reviewing

label 2026-04-07 03:45:59 +00:00

Claude requested changes 2026-04-07 03:49:18 +00:00

Claude left a comment

AI Code Review

Files Reviewed

scripts/deploy.sh (added)
storage/templates/player_card.html (modified — not described in PR)
storage/templates/style.html (modified — not described in PR)

Findings

Correctness

BLOCKING — Undisclosed template changes not in scope for this PR

The diff includes modifications to two HTML template files that are not mentioned anywhere in the PR title, summary, or test plan:

storage/templates/player_card.html: removes 3 Google Fonts <link> tags
storage/templates/style.html: adds @font-face declarations with base64-encoded WOFF2 data URIs (5 font variants: Open Sans 300/400/700, Source Sans 3 400/700)

These changes match open PR #96 ("feat: self-hosted WOFF2 fonts via base64 embedding") exactly. Merging this PR would silently land those font changes without the review and test plan that PR #96 provides. The branch should be rebased onto current main with the font changes removed — they belong in PR #96.

BLOCKING — PR is not currently mergeable

mergeable: false — there are merge conflicts with main that must be resolved before this can land.

Security

No issues found in scripts/deploy.sh. Confirmation prompt before prod push is appropriate. Force-push is scoped to floating tags only (dev, latest, production), not the immutable CalVer tag.

Style & Conventions

MINOR — sed with unescaped dots in PREFIX

scripts/deploy.sh line ~63:

LAST_BUILD=$(git tag -l "${PREFIX}*" | sed "s/^${PREFIX}//" | sort -n | tail -1)

PREFIX expands to e.g. 2026.4.. In sed, . is a regex metacharacter matching any character. While benign in practice (CalVer tags are controlled), strictly correct form escapes the dots. The git tag -l glob already pre-filters, so this only causes problems if a tag like 2026X4Y1 existed (impossible in practice). Note only, non-blocking.

MINOR — ENV variable name

ENV="$1" shadows the POSIX $ENV variable (used by some shells to locate the initialization file). Convention is to use a less generic name like DEPLOY_ENV. Low real-world risk.

Suggestions

scripts/deploy.sh logic is otherwise well-constructed:

set -euo pipefail ✓
git fetch --tags before any tagging operations ✓
Branch validation regex (grep -qE '(^|\s)(main|remotes/origin/main)$') correctly handles * main and remotes/origin/main output formats ✓
${LAST_BUILD:-0} empty-guard for first build of a month ✓
CalVer max + 1 approach is robust against deleted/out-of-order tags ✓

Verdict: REQUEST_CHANGES

Two blockers: (1) the diff silently includes the player_card.html + style.html font-embedding changes from open PR #96 with no mention in this PR's description — those changes must be removed from this branch; (2) the PR has a merge conflict with main that needs resolution. The scripts/deploy.sh itself is clean and ready once the branch is corrected.

Automated review by Claude PR Reviewer

## AI Code Review ### Files Reviewed - `scripts/deploy.sh` (added) - `storage/templates/player_card.html` (modified — **not described in PR**) - `storage/templates/style.html` (modified — **not described in PR**) --- ### Findings #### Correctness **BLOCKING — Undisclosed template changes not in scope for this PR** The diff includes modifications to two HTML template files that are not mentioned anywhere in the PR title, summary, or test plan: - `storage/templates/player_card.html`: removes 3 Google Fonts `<link>` tags - `storage/templates/style.html`: adds `@font-face` declarations with base64-encoded WOFF2 data URIs (5 font variants: Open Sans 300/400/700, Source Sans 3 400/700) These changes match open PR #96 ("feat: self-hosted WOFF2 fonts via base64 embedding") exactly. Merging this PR would silently land those font changes without the review and test plan that PR #96 provides. The branch should be rebased onto current `main` with the font changes removed — they belong in PR #96. **BLOCKING — PR is not currently mergeable** `mergeable: false` — there are merge conflicts with `main` that must be resolved before this can land. #### Security No issues found in `scripts/deploy.sh`. Confirmation prompt before prod push is appropriate. Force-push is scoped to floating tags only (`dev`, `latest`, `production`), not the immutable CalVer tag. #### Style & Conventions **MINOR — `sed` with unescaped dots in PREFIX** `scripts/deploy.sh` line ~63: ```bash LAST_BUILD=$(git tag -l "${PREFIX}*" | sed "s/^${PREFIX}//" | sort -n | tail -1) ``` `PREFIX` expands to e.g. `2026.4.`. In sed, `.` is a regex metacharacter matching any character. While benign in practice (CalVer tags are controlled), strictly correct form escapes the dots. The `git tag -l` glob already pre-filters, so this only causes problems if a tag like `2026X4Y1` existed (impossible in practice). Note only, non-blocking. **MINOR — `ENV` variable name** `ENV="$1"` shadows the POSIX `$ENV` variable (used by some shells to locate the initialization file). Convention is to use a less generic name like `DEPLOY_ENV`. Low real-world risk. #### Suggestions `scripts/deploy.sh` logic is otherwise well-constructed: - `set -euo pipefail` ✓ - `git fetch --tags` before any tagging operations ✓ - Branch validation regex (`grep -qE '(^|\s)(main|remotes/origin/main)$'`) correctly handles `* main` and ` remotes/origin/main` output formats ✓ - `${LAST_BUILD:-0}` empty-guard for first build of a month ✓ - CalVer `max + 1` approach is robust against deleted/out-of-order tags ✓ --- ### Verdict: REQUEST_CHANGES Two blockers: (1) the diff silently includes the `player_card.html` + `style.html` font-embedding changes from open PR #96 with no mention in this PR's description — those changes must be removed from this branch; (2) the PR has a merge conflict with `main` that needs resolution. The `scripts/deploy.sh` itself is clean and ready once the branch is corrected. --- *Automated review by Claude PR Reviewer*

Claude added

ai-changes-requested

and removed

ai-reviewing

labels 2026-04-07 03:49:38 +00:00

cal referenced this issue from a commit

2026-04-07 03:49:49 +00:00

chore: add deploy script for dev/prod tag-based CI releases

cal referenced this pull request

2026-04-07 03:52:57 +00:00

chore: add deploy script for dev/prod CI releases #191

cal closed this pull request