[WIP] Infrastructure and deployment improvements #65
Co-authored-by: vidaluca77-cloud <226796821+vidaluca77-cloud@users.noreply.github.com>
Deployment failed with the following error:
Pull Request Overview
This pull request implements the infrastructure foundation for the La Vida Luca platform, focusing on deployment configurations and API setup. The goal is to establish the necessary infrastructure components for a functional deployment pipeline with proper environment configuration.
- Establishes deployment configurations for Vercel (frontend) and Render (IA API)
- Creates comprehensive Supabase database schema with security policies and seed data
- Sets up CI/CD pipelines with GitHub Actions for automated testing and deployment
Reviewed Changes
Copilot reviewed 16 out of 21 changed files in this pull request and generated 6 comments.
| File | Description |
|---|---|
| vercel.json | Vercel deployment configuration with build settings and environment variables |
| render.yaml | Render service configuration for Python FastAPI deployment |
| infra/supabase/schema.sql | Complete database schema with tables, indexes, and triggers |
| infra/supabase/policies.sql | Row-level security policies and access control functions |
| infra/supabase/seeds.sql | Sample data for development and testing |
| apps/ia/main.py | FastAPI application structure with basic endpoints |
| apps/ia/requirements.txt | Python dependencies for the IA API |
| apps/ia/tests/ | Test structure and configuration files |
| .github/workflows/ | CI/CD pipeline configurations |
| DEPLOYMENT.md | Comprehensive deployment documentation |
| .env.example | Environment variable templates |
| { | ||
| "source": "/api/ia/:path*", | ||
| "destination": "$NEXT_PUBLIC_IA_API_URL/api/:path*" | ||
| } |
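Review bot: the `destination` value in this rewrite is a literal string, and `vercel.json` does not expand `$NEXT_PUBLIC_IA_API_URL`, so requests to `/api/ia/:path*` will not reach the IA API. Assuming the frontend is a Next.js app, as the variable prefix suggests, define the rewrite in `next.config.js` through `rewrites()`, where `process.env` is available. Note also that a `NEXT_PUBLIC_` variable is inlined into the browser bundle, so the backend URL is public either way; if this proxy is meant to be the only path to the IA API, the API needs its own authentication rather than relying on its address being unknown, and a server-side variable without the `NEXT_PUBLIC_` prefix is the better fit for the rewrite target.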
Using environment variables in rewrite destinations may not work as expected in Vercel. Consider using a hardcoded URL pattern or implementing the proxy logic in middleware instead.
| } |
| healthCheckPath: /health | ||
|
|
||
| # Scaling configuration | ||
| numInstances: 1 |
The numInstances field is deprecated in favor of the scaling configuration. Remove this line since scaling is already configured below.
| numInstances: 1 |
| WHERE id = ( | ||
| SELECT session_id FROM activity_registrations | ||
| WHERE activity_id = NEW.activity_id | ||
| AND session_date = (SELECT scheduled_date FROM activity_sessions WHERE activity_id = NEW.activity_id ORDER BY scheduled_date LIMIT 1) |
The subquery logic in the trigger function is flawed. It tries to find a session_id column in activity_registrations table, but this column doesn't exist in the schema. The logic should directly reference activity_sessions table or use a proper join.
| AND session_date = (SELECT scheduled_date FROM activity_sessions WHERE activity_id = NEW.activity_id ORDER BY scheduled_date LIMIT 1) | |
| SELECT id FROM activity_sessions | |
| WHERE activity_id = NEW.activity_id | |
| AND scheduled_date = NEW.session_date | |
| ); | |
| ELSIF TG_OP = 'UPDATE' AND OLD.status != 'confirmed' AND NEW.status = 'confirmed' THEN | |
| UPDATE activity_sessions | |
| SET current_participants = current_participants + 1 | |
| WHERE id = ( | |
| SELECT id FROM activity_sessions | |
| WHERE activity_id = NEW.activity_id | |
| AND scheduled_date = NEW.session_date | |
| ); | |
| ELSIF TG_OP = 'UPDATE' AND OLD.status = 'confirmed' AND NEW.status != 'confirmed' THEN | |
| UPDATE activity_sessions | |
| SET current_participants = current_participants - 1 | |
| WHERE id = ( | |
| SELECT id FROM activity_sessions | |
| WHERE activity_id = NEW.activity_id | |
| AND scheduled_date = NEW.session_date |
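Review bot: each `WHERE id = (SELECT id FROM activity_sessions WHERE activity_id = NEW.activity_id AND scheduled_date = NEW.session_date)` in the suggested change is a scalar subquery, so the trigger raises an error as soon as two sessions share an activity and date, and it is redundant because the outer `UPDATE` already targets `activity_sessions`; putting the two predicates directly in the `UPDATE`'s `WHERE` clause avoids both problems. In the `ELSIF` branches, `OLD.status != 'confirmed'` evaluates to NULL when `status` is NULL, so that transition is skipped silently; `IS DISTINCT FROM` handles it. Nothing in the visible lines bounds `current_participants` (no capacity check on increment, no floor at zero on decrement), so a CHECK constraint on the column or a guard in the `WHERE` clause is needed to prevent overbooking and negative counts.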
|
|
||
| -- Le système peut créer des notifications pour n'importe quel utilisateur | ||
| CREATE POLICY "System can create notifications" ON notifications | ||
| FOR INSERT WITH CHECK (true); |
Allowing unrestricted INSERT access to notifications could be a security risk. Consider adding authentication checks or limiting this to service accounts only.
| FOR INSERT WITH CHECK (true); | |
| -- Seuls les comptes système peuvent créer des notifications pour n'importe quel utilisateur | |
| CREATE POLICY "System can create notifications" ON notifications | |
| FOR INSERT WITH CHECK ( | |
| EXISTS ( | |
| SELECT 1 FROM users | |
| WHERE id = auth.uid() AND role = 'system' | |
| ) | |
| ); |
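Review bot: the `role = 'system'` test in the suggested `WITH CHECK` is only as strong as the write protection on `users.role`; if any UPDATE policy on `users` lets a user modify their own row without pinning `role`, any authenticated user can promote themselves and pass this check, so that should be confirmed before merging. It is also worth asking whether the policy is needed at all: Supabase's `service_role` key bypasses row-level security, so backend code that creates notifications can insert with no INSERT policy defined, which leaves client-side inserts denied by default.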
| # Configuration CORS | ||
| origins = os.getenv("ALLOWED_ORIGINS", "").split(",") | ||
| if not origins or origins == [""]: | ||
| origins = ["http://localhost:3000", "https://*.vercel.app"] |
Using wildcard patterns like '*.vercel.app' in CORS origins is not supported and can be a security risk. Define specific allowed origins or implement dynamic CORS validation.
| origins = ["http://localhost:3000", "https://*.vercel.app"] | |
| origins = ["http://localhost:3000", "https://your-app.vercel.app"] |
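Review bot: `os.getenv("ALLOWED_ORIGINS", "").split(",")` on the first line of the hunk keeps surrounding whitespace, so a value such as `https://a.example, https://b.example` yields an entry with a leading space that never matches an Origin header, and the suggested fallback `https://your-app.vercel.app` is a placeholder that becomes a real allowed origin whenever the variable is unset. Suggest stripping each entry and dropping empty ones, and failing at startup in production when `ALLOWED_ORIGINS` is empty instead of falling back to a default list. If preview deployments need access, `allow_origin_regex` on FastAPI's CORS middleware can be anchored to this project's own hostname prefix; a pattern covering all of `vercel.app` would admit any site hosted there.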
| vercel-project-id: ${{ secrets.VERCEL_PROJECT_ID }} | ||
| scope: ${{ secrets.VERCEL_ORG_ID }} | ||
| alias-domains: | | ||
| la-vida-luca-staging.vercel.app |
The alias domain configuration should use environment-specific secrets rather than hardcoded values to ensure flexibility across different environments.