- Refactor index.ts to skip start() when NODE_ENV=test
- Add test setup with mocks for db, keys, browser, verification, email, usage
- Add vitest.config.ts with setup file
- Rewrite tests to work with mocks (42 tests, all passing)
- Add new tests: signup 410, recovery validation, CORS headers, error format, API root
- Add test step to CI pipeline before Docker build
The promote workflow previously pulled :latest, which could be stale if the
staging build hadn't finished yet. Now it pulls the exact :SHA image that
deploy.yml produces, with retry logic (up to 10min) if staging is still building.
- Push to main builds ARM64 image and deploys to docfast-staging namespace
- Push a version tag (v*) promotes latest image to docfast namespace (prod)
- Both use same deployer SA with namespace-scoped RBAC
- Build ARM64 image via QEMU/buildx on x86 runner
- Push to Forgejo container registry (uses built-in GITHUB_TOKEN)
- Deploy via kubectl with scoped deployer SA (docfast namespace only)
- No SSH, no secrets on infra, no Docker on k3s-mgr
- Add .forgejo/workflows/deploy.yml for automated deployment
- Include rollback mechanism with image tagging
- Add health check verification (http://127.0.0.1:3100/health)
- Create manual rollback script for emergency use
- Add deployment documentation and setup instructions
- Supports auto-rollback on deployment failure
