feat(infra): Auto-provision shared S3 bucket per generated app#16
Open
liuxing wants to merge 1 commit into
Open
feat(infra): Auto-provision shared S3 bucket per generated app#16liuxing wants to merge 1 commit into
liuxing wants to merge 1 commit into
Conversation
Add S3 to the kickoff-infra auto-provisioning flow alongside Postgres and Redis. Unlike PG/Redis (one Dokploy container each), S3 uses a single shared bucket configured once on the server; every generated app gets an isolated folder (key prefix = app slug). - types: InfraServiceKind gains "s3"; RequiredServices gains needsS3; InfraServiceInfo gains optional `env` map for multi-key services - detect: regex + LLM service-detector now classify S3 (file/image/media upload, object storage, presigned URLs) - s3.ts: reads BLUEPRINT_S3_* shared-bucket config, allocates per-app prefix, emits the AWS_S3_* env bundle (no Dokploy call) - index: S3 provisioning runs independently of Dokploy; adds s3EnvFrom() - coding/route + deploy/pipeline: inject S3 env into backend/.env and the deployed compose env - generated-code-env: add generic upsertEnvVars for multi-key sets - InfraSection UI: S3 chip (skips ping / port display) - .env.example: document BLUEPRINT_S3_* (AWS / R2 / MinIO compatible) Secrets only land in gitignored .blueprint/kickoff-infra.json and the generated .env; UI/metadata expose only the s3://bucket/prefix string. Tests: detect + s3 unit suites (34 passing).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds S3 object storage to the kickoff infra auto-provisioning flow, alongside the existing Postgres/Redis support.
Unlike Postgres/Redis (one Dokploy container per app), S3 uses one shared bucket configured once on the Agentic Builder server. Every generated app gets an isolated folder inside it (key prefix = app slug) — ideal for throwaway test projects. No Dokploy call is involved; S3 provisioning is fully decoupled.
How it works
.env.local(BLUEPRINT_S3_BUCKET+ credentials; AWS / Cloudflare R2 / MinIO compatible).needsS3.app-slug/) and injects theAWS_S3_*bundle into the generated app'sbackend/.env, and into the deployed compose env at deploy time.Changes
InfraServiceKind+="s3";RequiredServices+=needsS3;InfraServiceInfo+= optionalenvmap (S3 needs multiple keys, not a single URL)kickoff-infra/s3.ts(new): reads shared config, derives per-app prefix, buildsAWS_S3_*envs3EnvFrom()backend/.envand the deployed containerupsertEnvVarsfor multi-key setsBLUEPRINT_S3_*Security
Secrets land only in gitignored
.blueprint/kickoff-infra.jsonand the generated.env. UI/metadata expose only thes3://bucket/prefixdisplay string — never the keys.Test plan
detectunit suite — S3 regex + orchestration (incl. negative case for text-only CRUD)s3unit suite — prefix derivation, env bundle, config reading, provisioning (34 tests passing)deploy/pipelineregression suite updated (s3EnvFrom mock) — passingtsc --noEmitclean for all touched files;next lintcleanBLUEPRINT_S3_*, run a kickoff for an app with image upload, verifyAWS_S3_*in generatedbackend/.env🤖 Generated with Claude Code