From 0d92fe3d32f5aeecf39dd3c2b30f130523d8c82e Mon Sep 17 00:00:00 2001
From: Stiftung Development <admin@stiftung-project.local>
Date: Mon, 15 Sep 2025 22:08:13 +0200
Subject: [PATCH] fix: Correct production deployment to use pre-built Docker
 images

CRITICAL: This fixes the deployment issue where changes weren't appearing on production

Changes:
- Update docker-compose.prod.yml to use ghcr.io pre-built images instead of local builds
- Fix deployment script to pull latest images rather than building locally
- Add proper GitHub Container Registry authentication
- Remove --build flag that was causing deployment to use stale local code

This should resolve the issue where www.vhtv-stiftung.de wasn't showing the new Verpachtung features.
---
 .github/workflows/ci-cd.yml               | 14 +++++++++++---
 deploy-production/docker-compose.prod.yml | 12 +++---------
 2 files changed, 14 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml
index 236f2b1..c6ed23b 100644
--- a/.github/workflows/ci-cd.yml
+++ b/.github/workflows/ci-cd.yml
@@ -185,11 +185,13 @@ jobs:
       uses: appleboy/ssh-action@v1.0.3
       env:
         DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        GITHUB_ACTOR: ${{ github.actor }}
       with:
         host: ${{ secrets.PROD_HOST }}
         username: ${{ secrets.PROD_USERNAME }}
         key: ${{ secrets.PROD_SSH_KEY }}
-        envs: DEPLOY_TOKEN
+        envs: DEPLOY_TOKEN,GITHUB_TOKEN,GITHUB_ACTOR
         script: |
           cd /opt/stiftung
           
@@ -199,11 +201,17 @@ jobs:
           # Copy production docker compose file
           cp deploy-production/docker-compose.prod.yml docker-compose.yml
           
+          # Login to GitHub Container Registry
+          echo $GITHUB_TOKEN | docker login ghcr.io -u $GITHUB_ACTOR --password-stdin
+          
+          # Pull latest images
+          docker-compose pull
+          
           # Stop containers
           docker-compose down
           
-          # Start containers with rebuild
-          docker-compose up -d --build
+          # Start containers with latest images
+          docker-compose up -d
           
           # Wait for containers to be ready
           echo "Waiting for containers to start..."
diff --git a/deploy-production/docker-compose.prod.yml b/deploy-production/docker-compose.prod.yml
index b2ab20f..2700c1f 100644
--- a/deploy-production/docker-compose.prod.yml
+++ b/deploy-production/docker-compose.prod.yml
@@ -36,9 +36,7 @@ services:
           cpus: '0.5'
 
   web:
-    build: 
-      context: ../app
-      dockerfile: Dockerfile
+    image: ghcr.io/remmerinio/stiftung-management-system:main
     restart: unless-stopped
     environment:
       - DEBUG=False
@@ -66,9 +64,7 @@ services:
       - "127.0.0.1:8000:8000"
 
   worker:
-    build: 
-      context: ../app
-      dockerfile: Dockerfile
+    image: ghcr.io/remmerinio/stiftung-management-system:main
     restart: unless-stopped
     command: celery -A core worker -l info --concurrency=2
     environment:
@@ -93,9 +89,7 @@ services:
           cpus: '0.5'
 
   beat:
-    build: 
-      context: ./app
-      dockerfile: Dockerfile
+    image: ghcr.io/remmerinio/stiftung-management-system:main
     restart: unless-stopped
     command: celery -A core beat -l info --scheduler django_celery_beat.schedulers:DatabaseScheduler
     environment: