From 5c07499e990406062429b01b0c394f35ba2a7871 Mon Sep 17 00:00:00 2001 From: kianiadee Date: Fri, 29 May 2026 00:39:07 +0300 Subject: [PATCH] Bake git SHA into image so /health reports it under Coolify source builds Co-Authored-By: Claude Opus 4.8 --- Dockerfile | 12 ++++++++++++ scripts/entrypoint.sh | 9 +++++++++ 2 files changed, 21 insertions(+) diff --git a/Dockerfile b/Dockerfile index 0ba2caa..145ffb9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,6 +2,17 @@ ARG PYTHON_VERSION=3.12-slim +# Resolve the git SHA from the build context's .git checkout. Coolify builds +# from source and sets SOURCE_COMMIT to the literal "unknown", so the CI +# GIT_SHA build-arg isn't present on those builds — this stage recovers it. +FROM python:${PYTHON_VERSION} AS gitsha +WORKDIR /src +RUN apt-get update \ + && apt-get install -y --no-install-recommends git \ + && rm -rf /var/lib/apt/lists/* +COPY .git ./.git +RUN git rev-parse --short=12 HEAD > /git_sha 2>/dev/null || echo unknown > /git_sha + FROM python:${PYTHON_VERSION} AS builder ENV PYTHONDONTWRITEBYTECODE=1 \ @@ -35,6 +46,7 @@ RUN apt-get update \ && useradd --create-home --shell /bin/sh --uid 1000 app COPY --from=builder /opt/venv /opt/venv +COPY --from=gitsha /git_sha /etc/git_sha WORKDIR /srv/app COPY app/ ./app/ diff --git a/scripts/entrypoint.sh b/scripts/entrypoint.sh index 73d63e9..4cf92c3 100644 --- a/scripts/entrypoint.sh +++ b/scripts/entrypoint.sh @@ -1,6 +1,15 @@ #!/bin/sh set -eu +# Fall back to the git SHA baked into the image at build time when the runtime +# env didn't supply a real one. Coolify builds from source and injects +# SOURCE_COMMIT="unknown", so without this /health would always report +# image_sha="unknown". +if [ -z "${APP_GIT_SHA:-}" ] || [ "${APP_GIT_SHA}" = "unknown" ]; then + APP_GIT_SHA="$(cat /etc/git_sha 2>/dev/null || echo unknown)" + export APP_GIT_SHA +fi + ROLE="${APP_ROLE:-gateway}" case "$ROLE" in