Benjamin Admin
e2be51b0aa
CI / secret-scan (push) Has been skipped
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / validate-canonical-controls (push) Successful in 16s
CI / detect-changes (push) Successful in 11s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 16s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m42s
CI / test-go (push) Has been skipped
CI / iace-gt-coverage (push) Has been skipped
CI / test-python-backend (push) Successful in 41s
CI / test-python-document-crawler (push) Has been skipped
CI / test-python-dsms-gateway (push) Has been skipped
P106 — mc_audit_type.py: zentrales Quality-Thema. Klassifiziert pro MC: verifiable / process_internal / doc_internal / ambiguous. Pattern-Match auf check_question + title + fail_criteria (Schulung, AVV abgeschlossen, TOM umgesetzt, DSFA durchgefuehrt, Ausnahmen dokumentieren, kostenfrei zur Verfuegung, opt-out intern ermoeglichen, …). Interne MCs werden in der MC-Auswertung NICHT mehr als FAIL gewertet, sondern als CHECK markiert (audit_status='check'). Sie zaehlen im build_scorecard als skipped (nicht failed) damit der Score realistisch ist. build_internal_checks_block_html() rendert sie als separaten blauen Block 'Pruefungen die wir von aussen NICHT durchfuehren koennen' nach dem MC-Scorecard. Erwartete Wirkung: bei VW 95 FAILs → wahrscheinlich 30-40 echte verifiable_fails + 50-60 internal_checks. GF-Mail wird drastisch realistischer (statt 'Sie haben 95 Verstoesse' → 'Sie haben 35 extern sichtbare Themen + 60 interne Checks, bitte mit DSB klaeren'). P83 — BUILD_SHA in backend/admin/consent-tester Dockerfiles als ARG + ENV. check-rebuild-needed.sh kann jetzt deployed vs local SHA vergleichen + REBUILD REQUIRED melden. P80 v2 — check_replay.py macht jetzt vollstaendigen Replay aller post-fetch Quality-Generatoren: vendor_normalizer (Dedup), audit_quality_checks, cookie_compliance_audit, tcf_vendor_authority, cookie_value_entropy, cookie_network_tracer. Snapshots aus alter Zeit zeigen jetzt im Replay den aktuellen Audit-Stand. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
64 lines
1.4 KiB
Docker
64 lines
1.4 KiB
Docker
# Build stage
|
|
FROM node:20-alpine AS builder
|
|
|
|
WORKDIR /app
|
|
|
|
# Copy package files
|
|
COPY package.json package-lock.json* ./
|
|
|
|
# Install dependencies
|
|
RUN npm install
|
|
|
|
# Copy source code
|
|
COPY . .
|
|
|
|
# Build arguments for environment variables
|
|
ARG NEXT_PUBLIC_API_URL
|
|
ARG NEXT_PUBLIC_OLD_ADMIN_URL
|
|
ARG NEXT_PUBLIC_SDK_URL
|
|
|
|
# Set environment variables for build
|
|
ENV NEXT_PUBLIC_API_URL=$NEXT_PUBLIC_API_URL
|
|
ENV NEXT_PUBLIC_OLD_ADMIN_URL=$NEXT_PUBLIC_OLD_ADMIN_URL
|
|
ENV NEXT_PUBLIC_SDK_URL=$NEXT_PUBLIC_SDK_URL
|
|
|
|
# Ensure public directory exists (Next.js standalone needs it)
|
|
RUN mkdir -p public
|
|
|
|
# Build the application
|
|
RUN npm run build
|
|
|
|
# Production stage
|
|
FROM node:20-alpine AS runner
|
|
|
|
WORKDIR /app
|
|
|
|
# Set to production
|
|
ENV NODE_ENV=production
|
|
|
|
# Create non-root user
|
|
RUN addgroup -S -g 1001 nodejs
|
|
RUN adduser -S -u 1001 -G nodejs nextjs
|
|
|
|
# Copy built assets
|
|
COPY --from=builder /app/public ./public
|
|
COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
|
|
COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
|
|
COPY --from=builder --chown=nextjs:nodejs /app/agent-core ./agent-core
|
|
|
|
# Switch to non-root user
|
|
USER nextjs
|
|
|
|
# Expose port (internal port is 3000, mapped to 3002 externally)
|
|
EXPOSE 3000
|
|
|
|
# Set hostname
|
|
ENV HOSTNAME="0.0.0.0"
|
|
|
|
# P83 — Build-SHA fuer check-rebuild-needed.sh
|
|
ARG BUILD_SHA="unknown"
|
|
ENV BUILD_SHA=${BUILD_SHA}
|
|
|
|
# Start the application
|
|
CMD ["node", "server.js"]
|