Production hardening: CI gate, Docker limits, health/SEO/analytics, bug fixes#1
Merged
Conversation
…tics, lint fixes - CI pipeline: lint + typecheck + build gate the SSH deploy; post-deploy Playwright smoke suite runs against the live droplet - Docker: node:24-alpine, npm ci, dev-deps pruned from runtime image; compose gets real cpu/mem limits (old swarm-only deploy block was ignored), log rotation, /api/health healthcheck - App: /api/health route, error & 404 pages, security headers, robots.txt, sitemap.xml, OpenGraph metadata - Analytics: first-party analytics_events pipeline (page views, signups, logins) + phase11 migration with insert-only RLS - Fixes: cron scheduler no longer dies when an Apify run fails (process.exit in library path); deterministic map marker offsets (Math.random in render); setState-in-effect lint errors restructured; ESLint pinned to v9 (plugin-react incompatible with v10); supervised cron restart in entrypoint - Tests: playwright.config.ts with PLAYWRIGHT_BASE_URL, expanded smoke suite (health, sitemap, detail page, role auth pages, 404) Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
✅ Deploy Preview for shimmering-alpaca-0d10ab ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
❌ Deploy Preview for rentwise777 failed. Why did it fail? →
|
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
There was a problem hiding this comment.
Pull request overview
This PR hardens production deploy reliability and observability for the RentWise Next.js + Supabase app by gating deployment on CI, adding health/SEO infrastructure endpoints and metadata, and introducing first‑party analytics tracking.
Changes:
- Add CI (lint/typecheck/build) gating for droplet deploy, plus post-deploy Playwright smoke tests against the live site.
- Add production infra endpoints and SEO metadata:
/api/health,robots.txt,sitemap.xml, plus App Router error/404 pages and security headers. - Introduce first-party analytics event tracking to Supabase (
analytics_events) and wire page_view/signup/login events.
Reviewed changes
Copilot reviewed 37 out of 38 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| tests/e2e/userflow.spec.ts | Expands smoke coverage (health/robots/sitemap/auth/404/dashboard) and uses baseURL-relative navigation. |
| test-results/.last-run.json | Removes committed Playwright last-run artifact. |
| src/utils/supabase/middleware.ts | Adjusts cookie handling during Supabase session refresh in middleware. |
| src/utils/analytics.ts | Adds client-side fire-and-forget analytics event insertion into Supabase. |
| src/components/providers/AnalyticsTracker.tsx | Tracks page_view on route changes via usePathname(). |
| src/components/property/TourScheduler.tsx | Adds a reference string to the tour confirmation display. |
| src/components/property/PropertyReviews.tsx | Replaces straight quotes with proper HTML entities for review text. |
| src/components/property/MapboxCluster.tsx | Makes map marker “scatter” deterministic and tightens click event typing. |
| src/components/FilterBar.tsx | Improves type-safety of setFilters without any. |
| src/components/dashboard/TenantApplications.tsx | Refactors fetch to promise chain with cancellation guard to avoid setState-in-effect lint issues. |
| src/components/dashboard/LandlordApplications.tsx | Refactors fetch similarly and updates quoting style for intent text. |
| src/components/dashboard/LandlordApplications 2.tsx | Adds a second landlord applications component variant (currently appears redundant). |
| src/app/sitemap.ts | Adds dynamic sitemap including recent property detail routes via Supabase. |
| src/app/robots.ts | Adds robots.txt metadata route and sitemap pointer. |
| src/app/register/tenant/page.tsx | Tracks tenant signup event. |
| src/app/register/landlord/page.tsx | Tracks landlord signup event. |
| src/app/page.tsx | Fixes apostrophe escaping in homepage copy. |
| src/app/not-found.tsx | Adds a custom 404 page. |
| src/app/messages/page.tsx | Defers effect-triggered state updates to microtasks to avoid cascading render lint errors. |
| src/app/login/tenant/page.tsx | Tracks tenant login event and trims unused auth response data. |
| src/app/login/landlord/page.tsx | Tracks landlord login event and trims unused auth response data. |
| src/app/layout.tsx | Adds richer SEO metadata (OG/Twitter), sets metadataBase, and mounts AnalyticsTracker. |
| src/app/error.tsx | Adds a custom global error page for App Router errors. |
| src/app/dashboard/DashboardContent.tsx | Improves typing for favorites→properties join mapping. |
| src/app/api/health/route.ts | Adds a no-store JSON liveness endpoint for healthchecks/monitors. |
| scripts/scraper.ts | Exports extractOwnerName and tightens error typing. |
| scripts/entrypoint.sh | Supervises cron scraper loop and uses exec for proper PID1 behavior. |
| scripts/apify_sync.ts | Adds typed Apify item interface and removes process.exit from library path (rethrows instead). |
| README.md | Updates framework version note and documents CI/CD, testing, and analytics setup. |
| playwright.config.ts | Adds Playwright runner config with PLAYWRIGHT_BASE_URL override. |
| package.json | Adds typecheck and test:e2e scripts; pins ESLint to v9. |
| package-lock.json | Updates lockfile for ESLint v9 and related dependency graph. |
| next.config.ts | Adds baseline security headers and disables x-powered-by. |
| eslint.config.mjs | Disables @next/next/no-img-element to support arbitrary scraped image hosts. |
| Dockerfile | Moves to node:24-alpine, switches to npm ci, prunes dev deps for runtime image. |
| docker-compose.yml | Adds real resource limits/log rotation and healthcheck against /api/health. |
| db/migrations/supabase_migration_phase11_analytics.sql | Adds analytics_events table with insert-only RLS and a daily summary view. |
| CLAUDE.md | Adds repo-specific contributor notes (commands, architecture, constraints). |
| .github/workflows/deploy.yml | Splits CI/deploy/smoke jobs; gates deploy on CI and runs post-deploy Playwright checks. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+84
to
+88
| test('Protected dashboard redirects unauthenticated users', async ({ page }) => { | ||
| await page.goto('/dashboard'); | ||
| // Should land on login (client-side redirect) or stay on dashboard shell | ||
| await page.waitForURL(/login|dashboard/, { timeout: 10_000 }); | ||
| }); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
npm cireproducible installs, dev-deps pruned from runtime image, real cpu/mem limits (olddeploy:block was swarm-only and silently ignored), log rotation, healthcheck on/api/healthanalytics_events(page views, signups, logins) with insert-only RLS — rundb/migrations/supabase_migration_phase11_analytics.sqlin the Supabase SQL editorprocess.exitin library code path)Math.randomduring render).then()callbacksTest plan
🤖 Generated with Claude Code