Get https working for production deployment (#125)

* Change non-secret env vars to variables instead of secrets to be easier to work with.

* We no longer need the debug parameter since we use env vars instead of secrets.

* Use the new NEXT_PUBLIC_BACKEND_SERVICE_API_PATH env var to make backend API requests.

* No longer leave .env checked into the repo

* Add 2 missing env vars

* Hard code USER_SESSIONS_LOGINURL to prove it out

* Fix up BACKEND_PORT --> BACKEND_SERVICE_PORT, and restore the fully dynamic USER_SESSIONS_LOGINURL

* Adds a new GitHub workflow file that allows the backend deploy_to_do.yml to determine where the frontend env vars come from when deploying the application.

* Set the right list of env vars.

* Set NEXT_PUBLIC_TIPTAP_APP_ID

* Remove 2 unused env vars

* Provide a default value for the backend API path

* Undo last commit, no good.

* Hard code /api path

* Found the issue with NEXT_PUBLIC_BACKEND_SERVICE_API_PATH not being passed through to the frontend app at build time.

* Remove extra network debug tools from Dockerfile.

* Trigger backend deploy workflow isn't needed.

* Make sure production image build also has the backend service API path set

* Clean up debug statements for USER_SESSIONS_LOGINURL

* Reduce the minimum width on the CoachingSessionList component on the Dashboard page so it fits better in mobile portrait screen sizes.

Author: jhodapp

.env

@@ -7,12 +7,6 @@ on:
     branches: [main]
     types: [opened, synchronize, reopened]
   workflow_dispatch:
-    inputs:
-      enable_env_var_debugging:  # Optional debugging parameter useful to debug the build args and env vars
-        description: 'Enable build args & env vars debugging'  # Help text shown in UI
-        required: false  # Not required to run the workflow
-        default: false   # Disabled by default
-        type: boolean    # Simple checkbox in the UI
 
 env:
   REGISTRY: ghcr.io
@@ -42,18 +36,6 @@ jobs:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Debug Environment Variables
-        if: ${{ inputs.enable_env_var_debugging == true }}  # Only run when debugging is enabled
-        run: |
-          echo "Building with the following environment variables:" && \
-          echo "NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL: ${NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL}" && \
-          echo "NEXT_PUBLIC_BACKEND_SERVICE_HOST: ${NEXT_PUBLIC_BACKEND_SERVICE_HOST}" && \
-          echo "NEXT_PUBLIC_BACKEND_SERVICE_PORT: ${NEXT_PUBLIC_BACKEND_SERVICE_PORT}" && \
-          echo "NEXT_PUBLIC_BACKEND_API_VERSION: ${NEXT_PUBLIC_BACKEND_API_VERSION}" && \
-          echo "FRONTEND_SERVICE_INTERFACE: ${FRONTEND_SERVICE_INTERFACE}" && \
-          echo "FRONTEND_SERVICE_PORT: ${FRONTEND_SERVICE_PORT}"
-
-
       - name: Set Image Tag
         id: vars
         run: |
@@ -73,12 +55,14 @@ jobs:
           provenance: true
           sbom: true
           build-args: |
-            NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL=${{ secrets.BACKEND_SERVICE_PROTOCOL }}
-            NEXT_PUBLIC_BACKEND_SERVICE_HOST=${{ secrets.BACKEND_SERVICE_HOST }}
-            NEXT_PUBLIC_BACKEND_SERVICE_PORT=${{ secrets.BACKEND_PORT }}
-            NEXT_PUBLIC_BACKEND_API_VERSION=${{ secrets.BACKEND_API_VERSION }}
-            FRONTEND_SERVICE_PORT=${{ secrets.FRONTEND_SERVICE_PORT }}
-            FRONTEND_SERVICE_INTERFACE=${{ secrets.FRONTEND_SERVICE_INTERFACE }}
+            NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL=${{ vars.BACKEND_SERVICE_PROTOCOL }}
+            NEXT_PUBLIC_BACKEND_SERVICE_HOST=${{ vars.BACKEND_SERVICE_HOST }}
+            NEXT_PUBLIC_BACKEND_SERVICE_PORT=${{ vars.BACKEND_SERVICE_PORT }}
+            NEXT_PUBLIC_BACKEND_SERVICE_API_PATH=${{ vars.BACKEND_SERVICE_API_PATH }}
+            NEXT_PUBLIC_BACKEND_API_VERSION=${{ vars.BACKEND_API_VERSION }}
+            NEXT_PUBLIC_TIPTAP_APP_ID=${{ vars.TIPTAP_APP_ID }}
+            FRONTEND_SERVICE_PORT=${{ vars.FRONTEND_SERVICE_PORT }}
+            FRONTEND_SERVICE_INTERFACE=${{ vars.FRONTEND_SERVICE_INTERFACE }}
           tags: ${{ steps.vars.outputs.tag }}
           cache-from: type=gha,scope=amd64
           cache-to: type=gha,mode=max,scope=amd64
@@ -124,12 +108,14 @@ jobs:
           provenance: true
           sbom: true
           build-args: |
-            NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL=${{ secrets.BACKEND_SERVICE_PROTOCOL }}
-            NEXT_PUBLIC_BACKEND_SERVICE_HOST=${{ secrets.BACKEND_SERVICE_HOST }}
-            NEXT_PUBLIC_BACKEND_SERVICE_PORT=${{ secrets.BACKEND_PORT }}
-            NEXT_PUBLIC_BACKEND_API_VERSION=${{ secrets.BACKEND_API_VERSION }}
-            FRONTEND_SERVICE_PORT=${{ secrets.FRONTEND_SERVICE_PORT }}
-            FRONTEND_SERVICE_INTERFACE=${{ secrets.FRONTEND_SERVICE_INTERFACE }}
+            NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL=${{ vars.BACKEND_SERVICE_PROTOCOL }}
+            NEXT_PUBLIC_BACKEND_SERVICE_HOST=${{ vars.BACKEND_SERVICE_HOST }}
+            NEXT_PUBLIC_BACKEND_SERVICE_PORT=${{ vars.BACKEND_SERVICE_PORT }}
+            NEXT_PUBLIC_BACKEND_SERVICE_API_PATH=${{ vars.BACKEND_SERVICE_API_PATH }}
+            NEXT_PUBLIC_BACKEND_API_VERSION=${{ vars.BACKEND_API_VERSION }}
+            NEXT_PUBLIC_TIPTAP_APP_ID=${{ vars.TIPTAP_APP_ID }}
+            FRONTEND_SERVICE_PORT=${{ vars.FRONTEND_SERVICE_PORT }}
+            FRONTEND_SERVICE_INTERFACE=${{ vars.FRONTEND_SERVICE_INTERFACE }}
           tags: ${{ steps.vars.outputs.tag }}
           cache-from: type=gha,scope=arm64
           cache-to: type=gha,mode=max,scope=arm64

.github/workflows/build_and_push_nonproduction_images.yml

@@ -85,12 +85,13 @@ jobs:
           provenance: true             # Enable provenance metadata
           sbom: true                   # Generate Software Bill of Materials
           build-args: |                # Environment variables for the build
-            NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL=${{ secrets.BACKEND_SERVICE_PROTOCOL }}
-            NEXT_PUBLIC_BACKEND_SERVICE_HOST=${{ secrets.BACKEND_SERVICE_HOST }}
-            NEXT_PUBLIC_BACKEND_SERVICE_PORT=${{ secrets.BACKEND_PORT }}
-            NEXT_PUBLIC_BACKEND_API_VERSION=${{ secrets.BACKEND_API_VERSION }}
-            FRONTEND_SERVICE_PORT=${{ secrets.FRONTEND_SERVICE_PORT }}
-            FRONTEND_SERVICE_INTERFACE=${{ secrets.FRONTEND_SERVICE_INTERFACE }}
+            NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL=${{ vars.BACKEND_SERVICE_PROTOCOL }}
+            NEXT_PUBLIC_BACKEND_SERVICE_HOST=${{ vars.BACKEND_SERVICE_HOST }}
+            NEXT_PUBLIC_BACKEND_SERVICE_PORT=${{ vars.BACKEND_SERVICE_PORT }}
+            NEXT_PUBLIC_BACKEND_SERVICE_API_PATH=${{ vars.BACKEND_SERVICE_API_PATH }}
+            NEXT_PUBLIC_BACKEND_API_VERSION=${{ vars.BACKEND_API_VERSION }}
+            FRONTEND_SERVICE_PORT=${{ vars.FRONTEND_SERVICE_PORT }}
+            FRONTEND_SERVICE_INTERFACE=${{ vars.FRONTEND_SERVICE_INTERFACE }}
           tags: ${{ steps.tags.outputs.frontend_tags }}  # Use "stable" tag from previous step
           cache-from: type=gha         # Use GitHub Actions cache
           cache-to: type=gha,mode=max  # Cache for future builds

.github/workflows/build_and_push_production_images.yml

@@ -51,7 +51,7 @@ jobs:
             echo "${{ secrets.GHCR_PAT }}" | docker login ghcr.io -u ${{ secrets.GHCR_USERNAME }} --password-stdin
             
             # Pull the latest frontend image
-            docker pull ${{ secrets.FRONTEND_IMAGE_NAME }}
+            docker pull ${{ vars.FRONTEND_IMAGE_NAME }}
             
             # Stop and remove existing container if it exists
             docker stop nextjs-app 2>/dev/null || true
@@ -60,15 +60,15 @@ jobs:
             # Run new container with environment variables
             docker run -d --name nextjs-app \
               --restart unless-stopped \
-              -p ${{ secrets.FRONTEND_SERVICE_PORT }}:${{ secrets.FRONTEND_SERVICE_PORT }} \
-              -e NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL=${{ secrets.NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL }} \
-              -e NEXT_PUBLIC_BACKEND_SERVICE_HOST=${{ secrets.NEXT_PUBLIC_BACKEND_SERVICE_HOST }} \
-              -e NEXT_PUBLIC_BACKEND_SERVICE_PORT=${{ secrets.NEXT_PUBLIC_BACKEND_SERVICE_PORT }} \
-              -e NEXT_PUBLIC_BACKEND_API_VERSION=${{ secrets.NEXT_PUBLIC_BACKEND_API_VERSION }} \
+              -p ${{ vars.FRONTEND_SERVICE_PORT }}:${{ vars.FRONTEND_SERVICE_PORT }} \
+              -e NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL=${{ vars.NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL }} \
+              -e NEXT_PUBLIC_BACKEND_SERVICE_HOST=${{ vars.NEXT_PUBLIC_BACKEND_SERVICE_HOST }} \
+              -e NEXT_PUBLIC_BACKEND_SERVICE_PORT=${{ vars.NEXT_PUBLIC_BACKEND_SERVICE_PORT }} \
+              -e NEXT_PUBLIC_BACKEND_API_VERSION=${{ vars.NEXT_PUBLIC_BACKEND_API_VERSION }} \
               -e NEXT_PUBLIC_TIPTAP_APP_ID=${{ secrets.NEXT_PUBLIC_TIPTAP_APP_ID }} \
-              -e FRONTEND_SERVICE_INTERFACE=${{ secrets.FRONTEND_SERVICE_INTERFACE }} \
-              -e FRONTEND_SERVICE_PORT=${{ secrets.FRONTEND_SERVICE_PORT }} \
-              ${{ secrets.FRONTEND_IMAGE_NAME }}
+              -e FRONTEND_SERVICE_INTERFACE=${{ vars.FRONTEND_SERVICE_INTERFACE }} \
+              -e FRONTEND_SERVICE_PORT=${{ vars.FRONTEND_SERVICE_PORT }} \
+              ${{ vars.FRONTEND_IMAGE_NAME }}
             
             # Verify the container is running
             echo "⏳ Waiting for container to initialize..." # Wait for startup

.github/workflows/deploy_to_do.yml

@@ -25,9 +25,6 @@ npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
 
-# local env files
-.env*.local
-
 # vercel
 .vercel
 
@@ -38,6 +35,6 @@ next-env.d.ts
 # vscode
 .vscode/
 
-# environment file
-.env
+# environment files
+.env*
 

.gitignore

@@ -9,6 +9,7 @@ ARG TARGETPLATFORM
 ARG NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL
 ARG NEXT_PUBLIC_BACKEND_SERVICE_HOST
 ARG NEXT_PUBLIC_BACKEND_SERVICE_PORT
+ARG NEXT_PUBLIC_BACKEND_SERVICE_API_PATH
 ARG NEXT_PUBLIC_BACKEND_API_VERSION
 ARG FRONTEND_SERVICE_INTERFACE
 ARG FRONTEND_SERVICE_PORT
@@ -27,6 +28,9 @@ RUN npm install
 
 # Stage 2: Builder
 FROM base AS builder
+
+RUN apk update && apk upgrade --no-cache && apk add --no-cache bash vim
+
 WORKDIR /app
 COPY --from=deps /app/node_modules ./node_modules
 COPY . .
@@ -35,6 +39,7 @@ COPY . .
 ENV NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL=$NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL
 ENV NEXT_PUBLIC_BACKEND_SERVICE_HOST=$NEXT_PUBLIC_BACKEND_SERVICE_HOST
 ENV NEXT_PUBLIC_BACKEND_SERVICE_PORT=$NEXT_PUBLIC_BACKEND_SERVICE_PORT
+ENV NEXT_PUBLIC_BACKEND_SERVICE_API_PATH=$NEXT_PUBLIC_BACKEND_SERVICE_API_PATH
 ENV NEXT_PUBLIC_BACKEND_API_VERSION=$NEXT_PUBLIC_BACKEND_API_VERSION
 
 # Build the Next.js application
@@ -63,6 +68,7 @@ EXPOSE 3000
 ENV NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL=$NEXT_PUBLIC_BACKEND_SERVICE_PROTOCOL
 ENV NEXT_PUBLIC_BACKEND_SERVICE_HOST=$NEXT_PUBLIC_BACKEND_SERVICE_HOST
 ENV NEXT_PUBLIC_BACKEND_SERVICE_PORT=$NEXT_PUBLIC_BACKEND_SERVICE_PORT
+ENV NEXT_PUBLIC_BACKEND_SERVICE_API_PATH=$NEXT_PUBLIC_BACKEND_SERVICE_API_PATH
 ENV NEXT_PUBLIC_BACKEND_API_VERSION=$NEXT_PUBLIC_BACKEND_API_VERSION
 
 # Runtime ENV for Compose

Dockerfile

@@ -73,9 +73,9 @@ export const UserSessionApi = {
    * @returns Promise resolving to the deleted UserSession object
    */
   delete: async (_id: Id): Promise<UserSession> =>
-  // TODO we are not using the id here as the backend extracts the user's ID from the session cookie
-  // at some point it may make sense to decouple user session related network operations from
-  // entity related network operations.
+    // TODO we are not using the id here as the backend extracts the user's ID from the session cookie
+    // at some point it may make sense to decouple user session related network operations from
+    // entity related network operations.
     EntityApi.deleteFn<null, UserSession>(`${USER_SESSIONS_LOGOUTURL}`),
 
   /**

src/lib/api/user-sessions.ts

@@ -1,6 +1,6 @@
 export const siteConfig = {
   name: "Refactor Coaching Platform",
-  url: "https://refactorcoach.com",
+  url: "https://refactor.engineer",
   ogImage: "https://ui.shadcn.com/og.jpg",
   locale: "us",
   titleStyle: SessionTitleStyle.CoachFirstLastCoacheeFirstLast,
@@ -18,7 +18,9 @@ export const siteConfig = {
       "://" +
       process.env.NEXT_PUBLIC_BACKEND_SERVICE_HOST +
       ":" +
-      process.env.NEXT_PUBLIC_BACKEND_SERVICE_PORT,
+      process.env.NEXT_PUBLIC_BACKEND_SERVICE_PORT +
+      "/" +
+      process.env.NEXT_PUBLIC_BACKEND_SERVICE_API_PATH,
     backendApiVersion: process.env.NEXT_PUBLIC_BACKEND_API_VERSION,
     frontendServicePort: process.env.FRONTEND_SERVICE_PORT,
     frontendServiceInterface: process.env.FRONTEND_SERVICE_INTERFACE,