ci: moving on from vercel

[megasanjay]

This PR adds docker support for our nextjs application. It also support the generation of preview environments and preview urls for review. currently this is not how i would do staging environment based deployment but we are getting there. First steps

Summary by Sourcery

Introduce Docker/Kamal-based deployment for the Next.js app, including preview and production workflows, and adjust app configuration and dependencies accordingly.

New Features:

• Add Dockerfile to build and run the Next.js application in a multi-stage containerized setup.
• Add Kamal deployment configuration for production and preview environments.
• Add GitHub Actions workflows to deploy production and per-branch preview environments and comment preview URLs on pull requests.

Enhancements:

• Allow disabling Next.js image optimization via environment variable and expand allowed remote image domains.
• Update Next.js, React, React DOM, and ESLint Next config dependencies to newer compatible versions.
• Adjust lint-staged configuration and remove the gallery_id script from the postinstall hook.
• Tag the homepage hero heading to distinguish this deployment variant.

CI:

• Introduce CI workflows for automated preview environment creation/removal and production deployment via Kamal.

Deployment:

• Configure Kamal-based deployment, including registry credentials, proxy/SSL setup, and environment configuration for production and preview.

[fairdataihub-bot]

Thank you for submitting this pull request! We appreciate your contribution to the project. Before we can merge it, we need to review the changes you've made to ensure they align with our code standards and meet the requirements of the project. We'll get back to you as soon as we can with feedback. Thanks again!

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
fairdataihub-website	Ready	Preview, Comment	Mar 5, 2026 11:43pm

[sourcery-ai]

Reviewer's Guide

Adds Docker/Kamal-based deployment support with preview environments, updates CI workflows for production and preview deployments, adjusts Next.js image settings for reverse-proxy/docker compatibility, and bumps core frontend dependencies to the latest patch versions.

Sequence diagram for preview environment deployment and PR comment

sequenceDiagram
  actor Dev
  participant GH as GitHub
  participant WF as deploy-preview-app.yml
  participant Kamal
  participant Reg as ContainerRegistry
  participant Srv as Server
  participant PR as PullRequest

  Dev->>GH: Push to feature branch
  GH-->>WF: Trigger workflow (push, branch != main/next)

  WF->>WF: Compute BRANCH_SLUG
  WF->>WF: Set KAMAL_APP_NAME, KAMAL_APP_DOMAIN

  WF->>Reg: Build & push Docker image
  WF->>Kamal: kamal deploy -d preview
  Kamal->>Srv: Provision/Update preview container
  Kamal->>Srv: Run Next.js app (NODE_ENV=preview)

  WF->>GH: github-script list open PRs for branch
  GH-->>WF: Matching PR (if any)

  WF->>PR: Create or update comment
  Note over WF,PR: "## Preview deployment ready" with preview URL

  Dev->>PR: Open PR, click preview URL

Loading

Sequence diagram for preview environment removal on PR close or branch delete

sequenceDiagram
  actor Maint as Maintainer
  participant GH as GitHub
  participant WF as deploy-preview-app.yml
  participant Kamal
  participant Srv as Server
  participant PR as PullRequest

  Maint->>GH: Close PR or delete branch
  GH-->>WF: Trigger remove-preview job

  WF->>WF: Determine branch name
  WF->>WF: Compute BRANCH_SLUG
  WF->>WF: Set KAMAL_APP_NAME, KAMAL_APP_DOMAIN

  WF->>Kamal: kamal remove -y -d preview
  Kamal->>Srv: Stop and remove preview container

  alt Event is pull_request closed
    WF->>PR: Comment "Preview deployment removed"
  else Branch delete event
    WF->>GH: No PR comment
  end

Loading

File-Level Changes

Change	Details	Files
Enable Docker-based build and runtime for the Next.js app and wire it into Kamal deployments.	Introduce a multi-stage Dockerfile that installs dependencies, builds the Next.js app in production mode, and runs it with next start using a non-root user. Standardize on NODE_ENV=production and NEXT_IMAGE_UNOPTIMIZED=true during build and runtime to better support running behind a reverse proxy. Ensure lockfile-driven installs with npm/yarn/pnpm and leverage Docker cache mounts for faster builds.	Dockerfile
Configure Kamal for production and preview environments and add GitHub Actions workflows to deploy and clean up preview/production apps.	Add main Kamal deploy config pointing to registry/server, proxy/SSL settings, and shared env vars including NEXT_IMAGE_UNOPTIMIZED. Add a preview deploy config for Kamal that sets NODE_ENV=preview and image behavior. Create a production deployment workflow that runs on pushes to next, installs Kamal, sets up SSH/Buildx, releases locks, and runs kamal setup/deploy. Create a preview deployment workflow that builds/deploys per branch, computes branch-based app names/domains, posts/updates preview URLs on PRs, and removes preview envs on PR close/branch delete. Add placeholder Kamal hook files and secrets files to support future customization and environment-specific secrets.	config/deploy.yml config/deploy.preview.yml .github/workflows/deploy-app.yml .github/workflows/deploy-preview-app.yml .kamal/hooks/docker-setup.sample .kamal/hooks/post-deploy.sample .kamal/hooks/post-proxy-reboot.sample .kamal/hooks/pre-build.sample .kamal/hooks/pre-connect.sample .kamal/hooks/pre-deploy.sample .kamal/hooks/pre-proxy-reboot.sample .kamal/secrets .kamal/secrets-common .kamal/secrets-preview
Adjust Next.js image configuration for Docker/reverse-proxy usage and expand allowed remote image hosts.	Add NEXT_IMAGE_UNOPTIMIZED-driven unoptimized flag to Next.js images config and document why it’s needed for Docker behind a reverse proxy. Normalize remotePatterns entries to include port and pathname, and add GitHub-related hostnames for more robust image loading in previews and production.	next.config.js
Update core frontend dependency versions and tweak project scripts/lint-staged settings.	Relax version pins for next, react, react-dom, and eslint-config-next to caret ranges and bump them to the latest patch versions. Remove gallery_id script from postinstall to avoid side effects during Docker installs/CI. Change lint-staged pattern from a broad TS/JS glob to a narrower .mx pattern (likely temporary/mistaken and worth double-checking).	package.json yarn.lock
Minor UI copy update on the home page to mark the deployment iteration.	Append "(next-21)" to the main hero heading text to reflect the deployment iteration.	src/pages/index.tsx

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[fairdataihub-bot]

Thanks for making updates to your pull request. Our team will take a look and provide feedback as soon as possible. Please wait for any GitHub Actions to complete before editing your pull request. If you have any additional questions or concerns, feel free to let us know. Thank you for your contributions!

[sourcery-ai]

Hey - I've found 3 issues, and left some high level feedback:

• The lint-staged pattern in package.json was changed from ./src/**/*.{ts,js,jsx,tsx} to ./src/**/*.{mx}, which will effectively disable linting/formatting on real source files; this looks accidental and should be adjusted to the intended extensions.
• The heading text change to The FAIR Data wave (next-21) in src/pages/index.tsx appears environment/version-specific and may not be suitable for production UI; consider removing the suffix or deriving it dynamically if needed for debugging.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- The `lint-staged` pattern in `package.json` was changed from `./src/**/*.{ts,js,jsx,tsx}` to `./src/**/*.{mx}`, which will effectively disable linting/formatting on real source files; this looks accidental and should be adjusted to the intended extensions.
- The heading text change to `The FAIR Data wave (next-21)` in `src/pages/index.tsx` appears environment/version-specific and may not be suitable for production UI; consider removing the suffix or deriving it dynamically if needed for debugging.

## Individual Comments

### Comment 1
<location path="package.json" line_range="35" />
<code_context>
   },
   "lint-staged": {
-    "./src/**/*.{ts,js,jsx,tsx}": [
+    "./src/**/*.{mx}": [
       "yarn lint --fix",
       "yarn format"
</code_context>
<issue_to_address>
**issue (bug_risk):** The lint-staged glob `./src/**/*.{mx}` looks off and will likely stop linting from running on your TS/JS files.

The previous glob `./src/**/*.{ts,js,jsx,tsx}` matched your TS/JS files, but `./src/**/*.{mx}` matches none of them. Unless this was intentional, please restore a multi-extension glob so lint/format still run on your source files.
</issue_to_address>

### Comment 2
<location path=".github/workflows/deploy-app.yml" line_range="66" />
<code_context>
+      # Step 8: Initial Kamal setup (only needed once per server)
+      # Note: This step might need to be run manually on the server first time
+      # to add the user to the docker group: `sudo usermod -aG docker $USER | newgrp docker | docker ps`
+      - run: kamal setup
</code_context>
<issue_to_address>
**issue (bug_risk):** The production deployment workflow stops at `kamal setup` and never performs an actual deploy.

Given the workflow name and comments, this job appears intended to deploy on pushes to `next`, but it currently only runs `kamal setup`, which is typically a one-time or infrequent operation. Consider adding a `kamal deploy` (e.g., `kamal deploy -d <env>`) step so new pushes actually roll out to production instead of just re-running setup.
</issue_to_address>

### Comment 3
<location path="config/deploy.yml" line_range="2" />
<code_context>
+# Kamal Deployment Configuration
+# This file configures how your Nuxt.js application is deployed using Kamal
+# Kamal is a deployment tool that automates containerized app deployment
+
</code_context>
<issue_to_address>
**nitpick (typo):** The deploy config comments reference Nuxt.js while this repo is using Next.js.

Please update the comments to reference "Next.js" instead of "Nuxt.js" to align with the actual framework used in this repo and the Dockerfile.

Suggested implementation:

```
# This file configures how your Next.js application is deployed using Kamal

```

```
# Name of your Next.js application. Used to uniquely configure containers.

```
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

issue (bug_risk): The lint-staged glob ./src/**/*.{mx} looks off and will likely stop linting from running on your TS/JS files.

The previous glob ./src/**/*.{ts,js,jsx,tsx} matched your TS/JS files, but ./src/**/*.{mx} matches none of them. Unless this was intentional, please restore a multi-extension glob so lint/format still run on your source files.

[sourcery-ai]

issue (bug_risk): The production deployment workflow stops at kamal setup and never performs an actual deploy.

Given the workflow name and comments, this job appears intended to deploy on pushes to next, but it currently only runs kamal setup, which is typically a one-time or infrequent operation. Consider adding a kamal deploy (e.g., kamal deploy -d <env>) step so new pushes actually roll out to production instead of just re-running setup.

[sourcery-ai]

nitpick (typo): The deploy config comments reference Nuxt.js while this repo is using Next.js.

Please update the comments to reference "Next.js" instead of "Nuxt.js" to align with the actual framework used in this repo and the Dockerfile.

Suggested implementation:

# This file configures how your Next.js application is deployed using Kamal

# Name of your Next.js application. Used to uniquely configure containers.

[megasanjay]

📝 Changed routes:

/
(view full size)

Commit 9d57666 (https://fairdataihub-website-dlhi9z93h-fairdataihub.vercel.app).

[slugb0t]

This doesn't trigger or wait for an actual deploy it seems. You could remove this and rely on the post-deploy comment from the deploy-ui job or update the message in this to say something along the lines of "Preview in progress"

[megasanjay]

comment-preview-on-pr has been broken. need to fix it. THis is for when you open the pr AFTER the app is deployed. still haven't figured out what the issue is

[slugb0t]

This overrides the hardcoded variable values. Should we just place them in the github secrets?

[megasanjay]

no because this is expected. the app name and domain will change for each branch

[slugb0t]

deploy-app.yml uses docker/setup-buildx-action@v3 so we could probably just add it onto here as well

[megasanjay]

i was using the vercel deployment example. need to see if it helps

[slugb0t]

Do we need all the dependencies in node_modules? We could build next.js in standalone mode from what I see in their documentation

[megasanjay]

We could test and see if it works

[slugb0t]

Tried this out and it went from 1gb image size to now 466MB. Build time was much faster with this enabled

[slugb0t]

To auto load these secrets for preview with renaming the file to: secrets.preview
Then in the config file adding -d preview to kamal deploy/setup will work out

[megasanjay]

intersting i though -env was the correct way. will have to fix