Local Docker Compose Fixes

.env.example

@@ -1,29 +1,52 @@
-# Required
-AUTH_SECRET="" # openssl rand -base64 32
-DATABASE_URL="" # Format: "postgresql://postgres:[email protected]:5432/comp"
-RESEND_DOMAIN="" # Domain configured in Resend, e.g. mail.trycomp.ai
-RESEND_API_KEY="" # API key from Resend for email authentication / invites
-RESEND_FROM_MARKETING="Lewis Carhart <[email protected]>"
-RESEND_FROM_SYSTEM="Comp AI <[email protected]>"
-RESEND_FROM_DEFAULT="Comp AI <[email protected]>"
-RESEND_TO_TEST="[email protected]"
-RESEND_REPLY_TO_MARKETING="[email protected]"
-REVALIDATION_SECRET="" # openssl rand -base64 32
-NEXT_PUBLIC_PORTAL_URL="http://localhost:3002" # The employee portal uses port 3002 by default
+# Commented out variables are optional -- NOTE: This is for local Docker-compose use only, additional variables will need to be set to deploy on development+
 
-# Recommended
-# Store attachemnts in any S3 compatible bucket, we use AWS
-APP_AWS_ACCESS_KEY_ID="" # AWS Access Key ID
-APP_AWS_SECRET_ACCESS_KEY="" # AWS Secret Access Key
-APP_AWS_REGION="" # AWS Region
-APP_AWS_BUCKET_NAME="" # AWS Bucket Name
-
-TRIGGER_SECRET_KEY="" # For background jobs. Self-host or use cloud-version @ https://trigger.dev
-# TRIGGER_API_URL="" # Only set if you are self-hosting
-TRIGGER_API_KEY="" # API key from Trigger.dev
-TRIGGER_SECRET_KEY="" # Secret key from Trigger.dev
-
-OPENAI_API_KEY="" # AI Chat + Auto Generated Policies, Risks + Vendors
-FIRECRAWL_API_KEY="" # For research, self-host or use cloud-version @ https://firecrawl.dev
-
-AUTH_TRUSTED_ORIGINS=http://localhost:3000,https://*.trycomp.ai,http://localhost:3002
+APP_AWS_ACCESS_KEY_ID=
+APP_AWS_BUCKET_NAME=
+APP_AWS_REGION=
+APP_AWS_SECRET_ACCESS_KEY=
+APP_ENVIRONMENT="local"       # Options are "local", "development", "staging", "production"
+# AUTH_GITHUB_ID=
+# AUTH_GITHUB_SECRET=
+# AUTH_GOOGLE_ID=
+# AUTH_GOOGLE_SECRET=
+# AUTH_SECRET=
+BETTER_AUTH_SECRET=
+DATABASE_URL=
+# DUB_API_KEY=
+# DUB_REFER_URL=
+FIRECRAWL_API_KEY=
+# FLEET_URL=
+# FLEET_TOKEN=
+FORCE_DATABASE_WIPE_AND_RESEED="false"            # Set to "true" to wipe and reseed Database
+# GA4_API_SECRET=
+# GA4_MEASUREMENT_ID=
+# LINKEDIN_CONVERSIONS_ACCESS_TOKEN=
+# NEXT_PUBLIC_API_URL=
+# NEXT_PUBLIC_BETTER_AUTH_URL=
+# NEXT_PUBLIC_GOOGLE_ADS_CONVERSION_LABEL=
+# NEXT_PUBLIC_GTM_ID=
+# NEXT_PUBLIC_IS_DUB_ENABLED=
+# NEXT_PUBLIC_LINKEDIN_CONVERSION_ID=
+# NEXT_PUBLIC_LINKEDIN_PARTNER_ID=
+# NEXT_PUBLIC_PORTAL_URL=
+# NEXT_PUBLIC_POSTHOG_HOST=
+# NEXT_PUBLIC_POSTHOG_KEY=
+OPENAI_API_KEY=
+REVALIDATION_SECRET=
+RESEND_API_KEY=
+RESEND_DOMAIN=
+RESEND_FROM_DEFAULT=
+RESEND_FROM_MARKETING=
+RESEND_FROM_SYSTEM=
+# TRIGGER_API_KEY=
+# TRIGGER_API_URL=
+TRIGGER_ACCESS_TOKEN=
+TRIGGER_PROJECT_ID=
+TRIGGER_SECRET_KEY=
+# TRIGGER_QUEUE_CONCURRENCY=10
+# TRUST_PORTAL_PROJECT_ID=
+UPSTASH_REDIS_REST_TOKEN=
+UPSTASH_REDIS_REST_URL=
+# VERCEL_ACCESS_TOKEN=
+# VERCEL_PROJECT_ID=
+# VERCEL_TEAM_ID=

.husky/commit-msg

@@ -1,4 +1 @@
-#!/usr/bin/env sh
-. "$(dirname "$0")/_/husky.sh"
-
 npx commitlint --edit $1

Dockerfile

@@ -1,3 +1,4 @@
+# syntax=docker/dockerfile:1.6
 # =============================================================================
 # STAGE 1: Dependencies - Install and cache workspace dependencies
 # =============================================================================
@@ -45,8 +46,22 @@ RUN bun install
 RUN cp -R packages/db/prisma/migrations node_modules/@trycompai/db/dist/
 
 # Run migrations against the combined schema published by @trycompai/db
-RUN echo "Running migrations against @trycompai/db combined schema"
-CMD ["bunx", "prisma", "migrate", "deploy", "--schema=node_modules/@trycompai/db/dist/schema.prisma"]
+RUN cat <<'EOF' > /migrate.sh
+#!/bin/sh
+set -eu
+
+echo "[Migrator] Starting prisma migrate deploy"
+
+if [ "${FORCE_DATABASE_WIPE_AND_RESEED:-false}" = "true" ]; then
+  echo "[Migrator] FORCE_DATABASE_WIPE_AND_RESEED=true detected. Resetting database before running migrations."
+  bunx prisma migrate reset --force --skip-seed --schema=node_modules/@trycompai/db/dist/schema.prisma
+fi
+
+bunx prisma migrate deploy --schema=node_modules/@trycompai/db/dist/schema.prisma
+echo "[Migrator] Prisma migrate deploy finished"
+EOF
+RUN chmod +x /migrate.sh
+CMD ["/migrate.sh"]
 
 # =============================================================================
 # STAGE 3: App Builder
@@ -55,6 +70,11 @@ FROM deps AS app-builder
 
 WORKDIR /app
 
+# Install system packages needed for Trigger CLI during build
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends ca-certificates \
+    && rm -rf /var/lib/apt/lists/*
+
 # Copy all source code needed for build
 COPY packages ./packages
 COPY apps/app ./apps/app
@@ -67,8 +87,10 @@ RUN cd packages/db && node scripts/combine-schemas.js
 RUN cp packages/db/dist/schema.prisma apps/app/prisma/schema.prisma
 
 # Ensure Next build has required public env at build-time
+ARG TRIGGER_PROJECT_ID
 ARG NEXT_PUBLIC_BETTER_AUTH_URL
 ARG NEXT_PUBLIC_PORTAL_URL
+ARG APP_ENVIRONMENT
 ARG NEXT_PUBLIC_POSTHOG_KEY
 ARG NEXT_PUBLIC_POSTHOG_HOST
 ARG NEXT_PUBLIC_IS_DUB_ENABLED
@@ -77,7 +99,8 @@ ARG NEXT_PUBLIC_LINKEDIN_PARTNER_ID
 ARG NEXT_PUBLIC_LINKEDIN_CONVERSION_ID
 ARG NEXT_PUBLIC_GOOGLE_ADS_CONVERSION_LABEL
 ARG NEXT_PUBLIC_API_URL
-ENV NEXT_PUBLIC_BETTER_AUTH_URL=$NEXT_PUBLIC_BETTER_AUTH_URL \
+ENV TRIGGER_PROJECT_ID=$TRIGGER_PROJECT_ID \
+    NEXT_PUBLIC_BETTER_AUTH_URL=$NEXT_PUBLIC_BETTER_AUTH_URL \
     NEXT_PUBLIC_PORTAL_URL=$NEXT_PUBLIC_PORTAL_URL \
     NEXT_PUBLIC_POSTHOG_KEY=$NEXT_PUBLIC_POSTHOG_KEY \
     NEXT_PUBLIC_POSTHOG_HOST=$NEXT_PUBLIC_POSTHOG_HOST \
@@ -87,26 +110,61 @@ ENV NEXT_PUBLIC_BETTER_AUTH_URL=$NEXT_PUBLIC_BETTER_AUTH_URL \
     NEXT_PUBLIC_LINKEDIN_CONVERSION_ID=$NEXT_PUBLIC_LINKEDIN_CONVERSION_ID \
     NEXT_PUBLIC_GOOGLE_ADS_CONVERSION_LABEL=$NEXT_PUBLIC_GOOGLE_ADS_CONVERSION_LABEL \
     NEXT_PUBLIC_API_URL=$NEXT_PUBLIC_API_URL \
+    APP_ENVIRONMENT=$APP_ENVIRONMENT \
     NEXT_TELEMETRY_DISABLED=1 NODE_ENV=production \
     NEXT_OUTPUT_STANDALONE=true \
     NODE_OPTIONS=--max_old_space_size=6144
 
 # Build the app (schema already combined above)
 RUN cd apps/app && SKIP_ENV_VALIDATION=true bun run build:docker
 
+# Run Trigger.dev deploy during build (pinned version)
+RUN --mount=type=secret,id=trigger_env_file \
+    sh -c 'set -eu; \
+      set -a; \
+      . /run/secrets/trigger_env_file; \
+      set +a; \
+      cd apps/app; \
+      CI=1 bun x [email protected] deploy --env-file /run/secrets/trigger_env_file'
+
 # =============================================================================
 # STAGE 4: App Production
 # =============================================================================
 FROM node:22-alpine AS app
 
+ARG TRIGGER_PROJECT_ID
+ARG NEXT_PUBLIC_BETTER_AUTH_URL
+ARG NEXT_PUBLIC_PORTAL_URL
+ARG APP_ENVIRONMENT
+ARG NEXT_PUBLIC_POSTHOG_KEY
+ARG NEXT_PUBLIC_POSTHOG_HOST
+ARG NEXT_PUBLIC_IS_DUB_ENABLED
+ARG NEXT_PUBLIC_GTM_ID
+ARG NEXT_PUBLIC_LINKEDIN_PARTNER_ID
+ARG NEXT_PUBLIC_LINKEDIN_CONVERSION_ID
+ARG NEXT_PUBLIC_GOOGLE_ADS_CONVERSION_LABEL
+ARG NEXT_PUBLIC_API_URL
+
+ENV TRIGGER_PROJECT_ID=${TRIGGER_PROJECT_ID} \
+    NEXT_PUBLIC_BETTER_AUTH_URL=${NEXT_PUBLIC_BETTER_AUTH_URL} \
+    NEXT_PUBLIC_PORTAL_URL=${NEXT_PUBLIC_PORTAL_URL} \
+    NEXT_PUBLIC_POSTHOG_KEY=${NEXT_PUBLIC_POSTHOG_KEY} \
+    NEXT_PUBLIC_POSTHOG_HOST=${NEXT_PUBLIC_POSTHOG_HOST} \
+    NEXT_PUBLIC_IS_DUB_ENABLED=${NEXT_PUBLIC_IS_DUB_ENABLED} \
+    NEXT_PUBLIC_GTM_ID=${NEXT_PUBLIC_GTM_ID} \
+    NEXT_PUBLIC_LINKEDIN_PARTNER_ID=${NEXT_PUBLIC_LINKEDIN_PARTNER_ID} \
+    NEXT_PUBLIC_LINKEDIN_CONVERSION_ID=${NEXT_PUBLIC_LINKEDIN_CONVERSION_ID} \
+    NEXT_PUBLIC_GOOGLE_ADS_CONVERSION_LABEL=${NEXT_PUBLIC_GOOGLE_ADS_CONVERSION_LABEL} \
+    NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL} \
+    APP_ENVIRONMENT=${APP_ENVIRONMENT}
+
 WORKDIR /app
 
 # Copy Next standalone output
 COPY --from=app-builder /app/apps/app/.next/standalone ./
 COPY --from=app-builder /app/apps/app/.next/static ./apps/app/.next/static
 COPY --from=app-builder /app/apps/app/public ./apps/app/public
 
-
 EXPOSE 3000
 CMD ["node", "apps/app/server.js"]
 
@@ -153,4 +211,4 @@ COPY --from=portal-builder /app/apps/portal/public ./apps/portal/public
 EXPOSE 3000
 CMD ["node", "apps/portal/server.js"]
 
-# (Trigger.dev hosted; no local runner stage)
+# (Trigger.dev hosted; no local runner stage)