fix(ci): pin DOCKER_API_VERSION=1.43 for e2e job

The runner's Docker client negotiates API 1.53 but the daemon on the NAS only supports up to 1.43. Pin the version for all docker commands in the e2e job, including the new network connect step. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(ci): connect job container to compose network for DB/MinIO access
2026-03-19 15:13:17 +01:00 · 2026-03-19 15:13:17 +01:00 · 2026-03-19 15:13:17 +01:00 · 2026-03-19 15:13:17 +01:00 · 2026-03-19 15:13:17 +01:00
4 changed files with 15 additions and 8 deletions
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -92,6 +92,7 @@ jobs:

    # These env vars are picked up by docker-compose (overrides .env file)
    env:
+      DOCKER_API_VERSION: "1.43"
      POSTGRES_USER: archive_user
      POSTGRES_PASSWORD: ci_db_password
      POSTGRES_DB: family_archive_db
@@ -109,15 +110,18 @@ jobs:

      # ── Infrastructure ──────────────────────────────────────────────────────
      - name: Cleanup leftover containers from previous runs
-        run: docker compose down --volumes --remove-orphans || true
+        run: docker compose -f docker-compose.yml -f docker-compose.ci.yml down --volumes --remove-orphans || true

      - name: Start DB and MinIO
-        run: docker compose up -d db minio create-buckets
+        run: docker compose -f docker-compose.yml -f docker-compose.ci.yml up -d db minio create-buckets

      - name: Wait for DB to be ready
        run: |
          timeout 30 bash -c \
-            'until docker compose exec -T db pg_isready -U archive_user; do sleep 2; done'
+            'until docker compose -f docker-compose.yml -f docker-compose.ci.yml exec -T db pg_isready -U archive_user; do sleep 2; done'
+
+      - name: Connect job container to compose network
+        run: docker network connect familienarchiv_archive-net $(cat /etc/hostname)

      # ── Backend ─────────────────────────────────────────────────────────────
      - uses: actions/setup-java@v4
@@ -142,10 +146,10 @@ jobs:
        run: |
          java -jar backend/target/*.jar \
            --spring.profiles.active=e2e \
-            --SPRING_DATASOURCE_URL=jdbc:postgresql://localhost:5433/family_archive_db \
+            --SPRING_DATASOURCE_URL=jdbc:postgresql://db:5432/family_archive_db \
            --SPRING_DATASOURCE_USERNAME=archive_user \
            --SPRING_DATASOURCE_PASSWORD=ci_db_password \
-            --S3_ENDPOINT=http://localhost:9100 \
+            --S3_ENDPOINT=http://minio:9000 \
            --S3_ACCESS_KEY=minio_admin \
            --S3_SECRET_KEY=ci_minio_password \
            --S3_BUCKET_NAME=archive-documents \
--- a/frontend/src/hooks.server.ts
+++ b/frontend/src/hooks.server.ts
@@ -27,7 +27,8 @@ const userGroup: Handle = async ({ event, resolve }) => {

    if (auth) {
        try {
-            const response = await fetch('http://localhost:8080/api/users/me', {
+            const apiUrl = env.API_INTERNAL_URL || 'http://localhost:8080';
+            const response = await fetch(`${apiUrl}/api/users/me`, {
                        headers: { Authorization: auth }

            });
--- a/frontend/src/routes/api/persons/+server.ts
+++ b/frontend/src/routes/api/persons/+server.ts
@@ -1,5 +1,6 @@
 import { json } from '@sveltejs/kit';
 import type { RequestHandler } from './$types';
+import { env } from 'process';

 export const GET: RequestHandler = async ({ url, fetch }) => {
    // 1. Suchparameter aus der URL des Browsers holen
@@ -8,7 +9,7 @@ export const GET: RequestHandler = async ({ url, fetch }) => {
    try {
        // 3. Anfrage an das Java-Backend weiterleiten (Server-to-Server)
        // Wir nutzen hier den internen Docker-Hostnamen oder localhost, je nach Netzwerk
-        const backendUrl = `http://localhost:8080/api/persons?q=${encodeURIComponent(q)}`;
+        const backendUrl = `${env.API_INTERNAL_URL || 'http://localhost:8080'}/api/persons?q=${encodeURIComponent(q)}`;

        const response = await fetch(backendUrl, {
            method: 'GET',
--- a/frontend/src/routes/api/tags/+server.ts
+++ b/frontend/src/routes/api/tags/+server.ts
@@ -1,5 +1,6 @@
 import { json } from '@sveltejs/kit';
 import type { RequestHandler } from './$types';
+import { env } from 'process';

 export const GET: RequestHandler = async ({ url, fetch }) => {
    // 1. Suchparameter aus der URL des Browsers holen
@@ -8,7 +9,7 @@ export const GET: RequestHandler = async ({ url, fetch }) => {
    try {
        // 3. Anfrage an das Java-Backend weiterleiten (Server-to-Server)
        // Wir nutzen hier den internen Docker-Hostnamen oder localhost, je nach Netzwerk
-        const backendUrl = `http://localhost:8080/api/tags?q=${encodeURIComponent(q)}`;
+        const backendUrl = `${env.API_INTERNAL_URL || 'http://localhost:8080'}/api/tags?q=${encodeURIComponent(q)}`;

        const response = await fetch(backendUrl, {
            method: 'GET',
Author	SHA1	Message	Date
Marcel	db6dc28528	fix(ci): pin DOCKER_API_VERSION=1.43 for e2e job Some checks failed CI / Unit & Component Tests (push) Has been cancelled Details CI / Backend Unit Tests (push) Has been cancelled Details CI / E2E Tests (push) Has been cancelled Details The runner's Docker client negotiates API 1.53 but the daemon on the NAS only supports up to 1.43. Pin the version for all docker commands in the e2e job, including the new network connect step. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-19 15:13:17 +01:00
Marcel	208dc87d69	fix(ci): connect job container to compose network for DB/MinIO access The act_runner job runs inside a Docker container. Docker Compose port mappings bind to the Docker host, not the job container's localhost — so localhost:5433 was always refused. Fix: after compose starts, connect the job container (identified by /etc/hostname) to the archive-net compose network. Then switch the backend startup args to use service names db:5432 and minio:9000 instead of host-mapped ports. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-19 15:13:17 +01:00
Marcel	d943372ea7	fix(ci): pass docker-compose.ci.yml override to e2e compose commands The e2e job was calling plain `docker compose up` without the CI override file, so it used the base compose bind-mount for MinIO (./data/minio) which doesn't exist on the runner. The CI override replaces bind mounts with ephemeral named volumes. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-19 15:13:17 +01:00
Marcel	4e8de3658f	fix(api): use API_INTERNAL_URL in tags and persons proxy routes Both SvelteKit API proxy routes were hardcoding http://localhost:8080, breaking typeahead search in Docker environments. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-19 15:13:17 +01:00
Marcel	b6361e6cbc	fix(auth): use API_INTERNAL_URL in userGroup hook The userGroup hook was hardcoding http://localhost:8080 instead of reading API_INTERNAL_URL from the environment. In Docker this caused the /api/users/me fetch to fail silently, leaving event.locals.user unset and triggering the handleAuth guard to redirect every page to /login — including the login form action itself, creating an infinite redirect loop. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-19 15:13:17 +01:00