Conversation
There was a problem hiding this comment.
Pull request overview
Updates the CD workflow’s VM deploy script to synchronize the deployment repo’s local scripts before continuing, aiming to ensure the VM uses the latest deployment scripts/config when running remote commands.
Changes:
- Add a
git fetch/checkout/pullsequence on the VM (when$DEPLOY_PATHcontains a.gitdirectory) before reading env/config and running deploy steps.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # Keep VM source scripts in sync with latest main before running any local script. | ||
| if [ -d .git ]; then | ||
| git fetch origin | ||
| git checkout main | ||
| git pull --ff-only origin main | ||
| fi |
There was a problem hiding this comment.
This block force-checks out main on the VM even when the workflow is triggered by a release tag (startsWith(github.ref, 'refs/tags/v')). That means tag deployments will always run the latest main docker-compose.prod.yml / deploy/scripts rather than the scripts corresponding to the tagged commit, which can cause version mismatches (e.g., compose/service name or script expectation drift relative to the images being deployed).
If tag deploys should be reproducible, pass the desired ref (e.g., github.ref_name/github.sha) into the SSH step and check out that ref on the VM, or gate this sync block to only run on refs/heads/main deployments.
… execution