Skip to content

fix(scripts): renew stale frontend node_modules anonymous volumes (#306)#308

Merged
alexandervazquez98 merged 10 commits into
mainfrom
fix/306-renew-frontend-node-modules-volumes
Jun 21, 2026
Merged

fix(scripts): renew stale frontend node_modules anonymous volumes (#306)#308
alexandervazquez98 merged 10 commits into
mainfrom
fix/306-renew-frontend-node-modules-volumes

Conversation

@alexandervazquez98

@alexandervazquez98 alexandervazquez98 commented Jun 21, 2026

Copy link
Copy Markdown
Owner

Descripción del Cambio

Cierra #306.

El dev frontend service monta ./frontend:/app + un volumen anónimo en /app/node_modules para hot reload. Cuando cambia frontend/pnpm-lock.yaml, el volumen anónimo viejo oculta las dependencias recién construidas y deja al container con módulos faltantes (caso real: sonner faltó aunque la imagen sí lo tenía).

Qué hace este PR

  • scripts/safe-rebuild.sh ahora detecta cambios en frontend/pnpm-lock.yaml comparando el hash SHA-256 contra un sentinel en $BACKUP_DIR/frontend-pnpm-lock.sha256. Si cambió, emite docker compose up -d --force-recreate --renew-anon-volumes frontend (scoped al servicio frontend, nunca service-wide).
  • scripts/refresh-frontend-deps.sh (nuevo) da a los operadores un recovery explícito cuando aparece este síntoma en producción sin esperar al próximo safe-rebuild.
  • Docs en docs/backup-restore.md y README.md aclaran la distinción entre volúmenes de datos (preservar: postgres-data, neo4j-data, backups) y volúmenes build-artifact (renovar cuando aplica: /app/node_modules).
  • Tests shell RED-first (scripts/test-safe-rebuild-frontend-volume.sh, scripts/test-refresh-frontend-deps.sh) cubren los 8 requirements del spec frontend-dependency-volume-renewal.

Cambios

File Change
scripts/safe-rebuild.sh Helpers de hash (compute_frontend_lockfile_hash, frontend_lockfile_changed, maybe_renew_frontend_anonymous_volume) + wiring entre docker compose build y el up -d post-build. Pre-backup mount (L188) queda intacto.
scripts/refresh-frontend-deps.sh Script nuevo de recovery para operadores. POSIX sh, --dry-run, require_command docker.
scripts/test-safe-rebuild-frontend-volume.sh Tests RED-first sandbox+stub-docker para R1-R4 (sin cambios cuando el lockfile no cambió, renovación scoped cuando cambió, dry-run, no comandos destructivos).
scripts/test-refresh-frontend-deps.sh Tests RED-first CLI para R5-R8 (run normal, dry-run, missing docker, flag inválido).
docs/backup-restore.md Callout de volúmenes de datos vs build-artifact, cerca del warning existente de docker compose down -v.
README.md Pointer al recovery script en troubleshooting.
openspec/specs/frontend-dependency-volume-renewal/spec.md Spec promovido al catálogo principal (8 requirements / 8 scenarios).
openspec/changes/archive/2026-06-21-renew-frontend-node-modules-volumes/ Audit trail completo: proposal, design, tasks, apply-progress, verify-report, archive-report.

Tipo de Cambio

  • Fix (Reparación de error)
  • Feat (Nueva funcionalidad)
  • Docs (Documentación)
  • Performance (Optimización)

¿Cómo se probó?

  • sh scripts/test-safe-rebuild-frontend-volume.sh → exit 0 (9 helper + sandbox assertions verdes)
  • sh scripts/test-refresh-frontend-deps.sh → exit 0 (8 CLI assertions verdes)
  • sh scripts/test-safe-rebuild-path-validation.sh → exit 0 (regresión preexistente OK)
  • sh scripts/test-neo4j-offline-backup-flags.sh → exit 0 (regresión preexistente OK)
  • sh scripts/test-ci-cd-check-runner-contract.sh → exit 0 (regresión preexistente OK)
  • sh scripts/test-check-frontend-deps.sh → exit 0 (3/3, regresión preexistente OK)
  • sh -n syntax check sobre los 4 scripts nuevos/modificados → OK
  • sh scripts/safe-rebuild.sh --dry-run con .env válido → exit 0, emite + docker compose up -d --force-recreate --renew-anon-volumes frontend entre docker compose build y el up -d final
  • sh scripts/refresh-frontend-deps.sh --dry-run → exit 0, imprime el comando sin ejecutar Docker
  • shellcheck sobre los scripts → NO DISPONIBLE en este entorno (la sandbox no tiene shellcheck instalado). El verify-report marca esto como WARNING; si la política del repo requiere shellcheck en CI, correr en un host con la herramienta antes de mergear.

Verify report completo: openspec/changes/archive/2026-06-21-renew-frontend-node-modules-volumes/verify-report.md.

Checklist de Seguridad

  • He verificado que NO hay secretos ni llaves API en el código.
  • Los cambios respetan el .gitignore (.env no se commitea).
  • El código sigue la estructura de carpetas definida.

Generado por SDD cycle (auto mode) sobre issue #306.

@alexandervazquez98 alexandervazquez98 force-pushed the fix/306-renew-frontend-node-modules-volumes branch from 2793915 to cc020a1 Compare June 21, 2026 22:09
This was referenced Jun 21, 2026
Closed
Merged
alexandervazquez98 added a commit that referenced this pull request Jun 21, 2026
@alexandervazquez98
fix(ci): scope shellcheck.yml to changed files only (#314)
8d68fda 
Mirror the proven changed-files pattern from .github/workflows/lint.yml
L97-123: detect touched shell files with tj-actions/changed-files (same
SHA pin and CVE-2025-30022 comment as lint.yml) and run shellcheck -x
only against that subset. Trigger paths filters and the push-to-main
trigger are preserved unchanged.

Drops the redundant Install ShellCheck step — Ubuntu 24.04 runners ship
shellcheck preinstalled, the same assumption lint.yml relies on. Adds
an explicit 'No shell files changed — skipping.' branch to match the
proven skip behavior.

Fixes #313 by unblocking PR #308 (and any
future PR that touches a non-shell path): pre-existing findings in
unmodified scripts no longer gate unrelated work. PR #308's own 22
findings in scripts/test-refresh-frontend-deps.sh and
scripts/test-safe-rebuild-frontend-volume.sh remain PR #308's
responsibility.

Co-authored-by: Alex <alex@alex.dev>
alexandervazquez98 pushed a commit that referenced this pull request Jun 21, 2026
ci: retrigger checks against updated main (#313 merged)
96e39be 
Re-run CI after the shellcheck.yml scoping fix landed on main to confirm
pre-existing shellcheck findings in scripts/test-check-frontend-deps.sh and
scripts/validate-env.sh no longer block this PR. PR #308's own new findings
in test-refresh-frontend-deps.sh and test-safe-rebuild-frontend-volume.sh
remain as blockers and must be cleaned up by this PR's author.
Alex added 10 commits June 21, 2026 16:18
test(scripts): add RED-first bash tests for frontend volume renewal
c0c6d2a
test(scripts): add RED-first bash tests for refresh-frontend-deps CLI
46ed5bd
feat(scripts): add frontend lockfile hash helpers to safe-rebuild
e1e1b14
feat(scripts): conditionally renew frontend anon volume in safe-rebuild
1061c4b
feat(scripts): add refresh-frontend-deps operator recovery script
c139b9a 
Also fixes the test grep invocations to pipe LAST_OUT through stdin
instead of treating it as a filename argument (POSIX sh limitation).
docs(backup-restore): clarify data-volume vs build-artifact volume re…
ff7786f 
…covery
docs(readme): point operators to refresh-frontend-deps for stale deps
7b1ed58
chore(sdd): add apply-phase CHANGELOG to renew-frontend-node-modules-…
8b9ad85 
…volumes tasks
chore(sdd): archive renew-frontend-node-modules-volumes — branch at 1…
77ded1b 
…cdb651

Moves the change folder to openspec/changes/archive/2026-06-21-renew-frontend-node-modules-volumes/ and promotes the delta spec to the canonical capability at openspec/specs/frontend-dependency-volume-renewal/spec.md.

Branch fix/306-renew-frontend-node-modules-volumes is ready for review; PR to be opened by user or next session. Main SHA at archive: NOT YET MERGED. Linked PR: NOT YET OPENED. See openspec/changes/archive/2026-06-21-renew-frontend-node-modules-volumes/archive-report.md for cycle summary, accepted warnings (shellcheck unavailable, .env dry-run precondition, non-POSIX local in test helpers), and lessons learned.

Capability: frontend-dependency-volume-renewal (R1-R8). Out of scope: docker-compose.yml anonymous volume removal, frontend-prod, .github/workflows/cd.yml, destructive volume cleanup, --pull on docker compose build, --renew-frontend-anon-volumes safe-rebuild flag.

Issue: #306.
ci: retrigger checks against updated main (#313 merged)
dfc8ab8 
Re-run CI after the shellcheck.yml scoping fix landed on main to confirm
pre-existing shellcheck findings in scripts/test-check-frontend-deps.sh and
scripts/validate-env.sh no longer block this PR. PR #308's own new findings
in test-refresh-frontend-deps.sh and test-safe-rebuild-frontend-volume.sh
remain as blockers and must be cleaned up by this PR's author.
@alexandervazquez98 alexandervazquez98 force-pushed the fix/306-renew-frontend-node-modules-volumes branch from 96e39be to dfc8ab8 Compare June 21, 2026 23:18
@alexandervazquez98 alexandervazquez98 mentioned this pull request Jun 21, 2026
Open
2 tasks
@alexandervazquez98 alexandervazquez98 merged commit 923b69b into main Jun 21, 2026
8 checks passed
@alexandervazquez98 alexandervazquez98 mentioned this pull request Jun 21, 2026
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

type:bug

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@alexandervazquez98