# Deployment

Docker images are built via `.github/workflows/publish.yml` and pushed to GHCR (`ghcr.io`). Portainer redeploys via `.github/workflows/re-pull.yml`. Supports `dev`, `stg`, and `prod` stacks.

The Dockerfile uses a two-stage build: Bun builder → Bun runner (non-root user, port 3000).

## Git Remote Structure

| Remote | URL | Purpose |
|--------|-----|---------|
| `origin` | wibugit.wibudev.com/wibu/sistem-desa-mandiri | Repo kerja tim |
| `build` | github.com/bipprojectbali/desa-plus | Repo deployment (trigger CI/CD) |

**Branch mapping:**
- `origin/staging` — branch integrasi tim (bukan deployment target)
- `build/stg` — branch deployment stg (trigger publish image + Portainer repull)
- `build/prod` — branch deployment prod
- `build/dev` — branch deployment dev

## Deploy to STG Flow

Cukup jalankan MCP `deploy-stg` — handles otomatis: cek migrasi → bump version → commit → push ke `build/stg` → trigger publish workflow (`ref: stg`) → tunggu selesai → trigger repull Portainer → verify version via `BASE_URL${VERSION_PATH}`.

> `origin` tidak punya branch `stg` (hanya `staging`). "stg" selalu merujuk ke `build/stg`.

## MCP `deploy-stg`

Lokasi: `.mcp/deploy-stg/server.ts`. Berkomunikasi langsung dengan GitHub REST API (tidak butuh `gh` CLI), hanya perlu `git` & `prisma` lokal.

**Env vars** (di `.mcp.json` atau `.env`):
- `GH_TOKEN` — PAT dengan scope `repo` + `workflow` untuk trigger Actions
- `GH_URL` — repo build target, format `owner/repo` atau full URL
- `BASE_URL` — base URL stg untuk verifikasi versi
- `VERSION_PATH` — endpoint cek versi (default `/api/version-app`)
- `STACK_NAME` — nama stack Portainer

**Tools:** `deploy`, `publish`, `repull`, `run_status`, `check_version`.

**Penting:** workflow `publish.yml` & `re-pull.yml` di-trigger dengan `ref: stg` agar `actions/checkout@v4` checkout dari branch `stg`, bukan default branch (`main`).