refactor: drop PayloadCMS legacy traces and consolidate DB SSL handling#18
Conversation
정관, 개인정보처리방침, 이용약관, 총회/이사회
chore: add AGENTS.md
- Delete one-shot `scripts/migrate-payload-to-prisma.ts` and the SSL-wrapping `run-prisma-migrate-*.mjs` runners; `db:migrate` and `db:migrate:deploy` now invoke `prisma migrate` directly. - Introduce `src/utils/database-url.ts#withDatabaseSslParams` that auto-appends `sslmode=require&uselibpqcompat=true` for `*.rds.amazonaws.com` hosts, and use it from both `src/utils/prisma.ts` and `prisma.config.ts` to keep runtime and migrations aligned. - Remove `PAYLOAD_*` env vars (`PAYLOAD_DATABASE_URL`, `PAYLOAD_DATABASE_SSL_REJECT_UNAUTHORIZED`, `PAYLOAD_S3_BASE_URL`, `PAYLOAD_S3_SOURCE_BUCKET`) and rename `PAYLOAD_S3_TARGET_BUCKET` -> `S3_BUCKET` across source, Dockerfile, GitHub Actions CD secrets, and `.env` / `.env.example`. - Drop direct `pg` / `@types/pg` deps (still installed transitively via `@prisma/adapter-pg`). - Scrub remaining Payload references from `README.md`, `AGENTS.md`, and `src/app/AGENTS.md`; drop the obsolete `DATABASE_SSL_REJECT_UNAUTHORIZED` override note. - Apply `prettier:write` across the repo (admin dashboard/actions, info pages, footer, scrolling logos, cms util, CI workflow).
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
CI copies `.env.example` to `.env` before running `pnpm build`, but the previous placeholder `postgres://user:password@url:port/schema` is not a valid URL (WHATWG URL parser rejects non-numeric `port`), causing `prisma generate` to crash while loading `prisma.config.ts` via `withDatabaseSslParams` -> `new URL(...)`. - Use a parseable placeholder in `.env.example` (`host:5432`). - Wrap `new URL(...)` in `withDatabaseSslParams` with try/catch so any unparseable DATABASE_URL is returned as-is instead of breaking the Prisma config load.
Prisma 7's `prisma.config.ts` resolves `env('DATABASE_URL')` eagerly at
config load time, so `prisma generate` aborts with PrismaConfigEnvError
when the env var is missing -- e.g. during the Docker build stage of
the CD workflow where the DATABASE_URL secret is sourced per-RUN and
is absent (or empty) on the very first evaluation of the config.
Switch to a direct `process.env.DATABASE_URL` read with a non-empty
placeholder fallback so config loading and `prisma generate` are
decoupled from whether the runtime secret is wired up. Real migrations
and runtime use still require a proper DATABASE_URL, and will surface a
clear connection error if the placeholder is ever reached.
|
@codex review |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 11c6a1e51b
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| - name: Deploy Prisma migrations | ||
| if: github.event_name != 'pull_request' | ||
| env: | ||
| DATABASE_URL: ${{ secrets.DATABASE_URL }} | ||
| run: pnpm db:migrate:deploy |
There was a problem hiding this comment.
In .github/workflows/cd.yml the production migration step runs before the Docker build/push steps, so a failed build, registry login, or image push can leave the database schema advanced while production is still running the previous image. This creates a real rollout hazard for non-backward-compatible migrations (old app against new schema) and can require manual rollback/recovery; move migration execution to a post-build deploy phase that only runs after the artifact is successfully built and published.
Useful? React with 👍 / 👎.
1 participant
요약
PayloadCMS 기반 CMS를 Prisma + better-auth DIY CMS로 전환한 뒤 남아있던 레거시 흔적을 정리하고, DB 연결/SSL 설정을 앱 런타임과 Prisma CLI가 일관되게 사용하도록 일원화합니다. 기능/디자인 변경은 없습니다.
주요 변경
1. PayloadCMS 레거시 제거
scripts/migrate-payload-to-prisma.ts삭제 — 이미 완료된 1회성 마이그레이션 스크립트scripts/폴더 전체 제거 —db:migrate/db:migrate:deploy가 Prisma CLI를 직접 호출하도록 변경PAYLOAD_DATABASE_URL,PAYLOAD_DATABASE_SSL_REJECT_UNAUTHORIZED,PAYLOAD_S3_BASE_URL,PAYLOAD_S3_SOURCE_BUCKETPAYLOAD_S3_TARGET_BUCKET→S3_BUCKETpg,@types/pg제거 (@prisma/adapter-pg가 transitive로 계속 제공)README.md,AGENTS.md,src/app/AGENTS.md에서 Payload 관련 문구/anti-pattern 정리2. DB 연결/SSL 일원화
src/utils/database-url.ts신설 —withDatabaseSslParams(url)헬퍼가 호스트가*.rds.amazonaws.com일 때에 한해sslmode=require&uselibpqcompat=true를 자동 추가src/utils/prisma.ts와prisma.config.ts양쪽에서 동일한 헬퍼를 경유하므로 런타임과 migration이 동일한 SSL 정책을 사용DATABASE_SSL_REJECT_UNAUTHORIZED환경변수 및 관련 분기 제거scripts/run-prisma-migrate-*.mjsshell wrapper 불필요해져 삭제3. 배포 파이프라인 정리
Dockerfile:PAYLOAD_S3_BASE_URLsecret mount 제거,PAYLOAD_S3_TARGET_BUCKET→S3_BUCKET.github/workflows/cd.yml: 빌드 secret 리스트에서 동일하게 정리, migrate 스텝의DATABASE_SSL_REJECT_UNAUTHORIZED전달 삭제.env.example스키마 축소4. 코드 포맷 정리
pnpm prettier:write적용 (admin dashboard/actions, 정보 페이지, footer, scrolling-logos,utils/cms.ts, CI workflow)병합 전 배포 체크리스트
PAYLOAD_S3_BASE_URL,PAYLOAD_S3_TARGET_BUCKET,DATABASE_SSL_REJECT_UNAUTHORIZED삭제하고S3_BUCKET추가docker-compose.yml—PAYLOAD_S3_TARGET_BUCKET→S3_BUCKET교체,DATABASE_SSL_REJECT_UNAUTHORIZED라인 제거DATABASE_URL—?sslmode=...수동 파라미터 없이도 동작 (RDS 호스트면withDatabaseSslParams가 자동 처리, 아니면 그대로 전달)검증
pnpm build통과 (전체 라우트 정상 빌드)pnpm lint통과 (경고 없음)src/LSP diagnostics 0 errorsgrep -i payload결과 0건참고
feat@add-contents-with-payload를refactor@drop-payloadcms-legacy로 rename한 결과입니다. 구 원격 브랜치는 별도로 정리해주세요.Summary by CodeRabbit
New Features
Documentation
Chores