Changed internal port to 80

README.md

@@ -11,7 +11,6 @@ Table of Contents
   - [Installation](#installation)
 - [Usage](#usage)
   - [Deploy](#deploy)
-  - [Slug](#slug)
   - [Cleanup](#cleanup)
 - [Roadmap](#roadmap)
 
@@ -72,65 +71,47 @@ See `examples/deploy.yml` for a complete workflow covering production, preview,
 
 ### Deploy
 
-Builds the Docker image, starts the container, and registers a Pangolin resource.
+Builds the Docker image, starts the container, and registers a Pangolin resource. The branch name drives everything else: pushes to the repo's default branch deploy as `production`, all other branches deploy as previews with a slugified tag, a deterministic host port, and a `${slug}.${app-name}` subdomain.
 
     - uses: https://git.zyrrus.dev/eighty-six/node-deploy-action/deploy@v1
       with:
         app-name: my-app
-        tag: production
-        port: "3001"
-        environment: production
-        subdomain: my-app
+        branch: ${{ github.ref_name }}
 
 Inputs
 
 `app-name`
 
-Application name (used for image/container naming)
+Application name (used for image/container naming, and as the production subdomain)
 
-`tag`
+`branch`
 
-Image/container tag (e.g. `production` or a branch slug)
-
-`port`
-
-Host port to expose
+Branch name. Matches against `github.event.repository.default_branch` to decide production vs. preview. `refs/heads/` prefix is stripped.
 
 `internal-port`
 
 Port the app listens on inside the container (default `3000`)
 
-`environment`
-
-`production` or `preview`
-
-`subdomain`
-
-Subdomain for the Pangolin resource
-
 `build-args`
 
 Extra `KEY=VALUE` docker build args (space-separated)
 
-### Slug
+`env-vars`
 
-Derives a URL-safe slug and a deterministic port from a branch name. Strips `refs/heads/` so either `github.ref_name` or `github.event.ref` works.
+Runtime env vars for the container, one `KEY=VALUE` per line. Merged on top of `/opt/apps/${app-name}/.env.${environment}` on the runner — keys defined here win. Reference secrets here so values stay masked in logs.
 
-    - id: slug
-      uses: https://git.zyrrus.dev/eighty-six/node-deploy-action/slug@v1
-      with:
-        branch: ${{ github.ref_name }}
-
-Outputs: `slug`, `port`.
+    env-vars: |
+      DATABASE_URL=${{ secrets.DATABASE_URL }}
+      API_KEY=${{ secrets.API_KEY }}
 
 ### Cleanup
 
-Stops the preview container and removes its Pangolin resource. Intended for `delete` branch events.
+Stops the preview container and removes its Pangolin resource. Intended for `delete` branch events — the slug is derived from the branch name internally.
 
     - uses: https://git.zyrrus.dev/eighty-six/node-deploy-action/cleanup@v1
       with:
         app-name: my-app
-        slug: ${{ steps.slug.outputs.slug }}
+        branch: ${{ github.event.ref }}
 
 ## Roadmap
 

cleanup/action.yml

@@ -1,27 +1,41 @@
 name: Cleanup Preview
-description: Stop container and remove Pangolin resource
+description: Stop container and remove Pangolin resource for a deleted branch
 
 inputs:
   app-name:
     required: true
     description: Application name (used for image/container naming)
-  slug:
+  branch:
     required: true
-    description: Branch slug to clean up
+    description: Branch name being cleaned up
 
 runs:
   using: composite
   steps:
+    - name: Derive cleanup parameters
+      id: derive
+      shell: bash
+      env:
+        BRANCH: ${{ inputs.branch }}
+      run: |
+        BRANCH="${BRANCH#refs/heads/}"
+        SLUG=$(echo "$BRANCH" | tr '/_' '--' | tr '[:upper:]' '[:lower:]' | sed 's/[^a-z0-9-]//g' | cut -c1-40)
+        REPO_SLUG="${GITHUB_REPOSITORY//\//-}"
+        {
+          echo "slug=$SLUG"
+          echo "resource-name=${REPO_SLUG}-${SLUG}"
+        } >> "$GITHUB_OUTPUT"
+
     - name: Remove Pangolin resource
       shell: bash
       run: |
         bash ${{ github.action_path }}/pangolin-delete.sh \
-          --resource-name "${{ inputs.app-name }}-${{ inputs.slug }}"
+          --resource-name "${{ steps.derive.outputs.resource-name }}"
 
     - name: Stop preview container
       shell: bash
       run: |
-        CONTAINER="${{ inputs.app-name }}-${{ inputs.slug }}"
+        CONTAINER="${{ inputs.app-name }}-${{ steps.derive.outputs.slug }}"
         docker stop "$CONTAINER" 2>/dev/null || true
         docker rm   "$CONTAINER" 2>/dev/null || true
-        docker rmi  "${{ inputs.app-name }}:${{ inputs.slug }}" 2>/dev/null || true
+        docker rmi  "${{ inputs.app-name }}:${{ steps.derive.outputs.slug }}" 2>/dev/null || true

deploy/action.yml

@@ -5,58 +5,103 @@ inputs:
   app-name:
     required: true
     description: Application name (used for image/container naming)
-  tag:
+  branch:
     required: true
-    description: Image/container tag (e.g., "production" or a branch slug)
-  port:
-    required: true
-    description: Host port to expose
+    description: Branch name; the repo's default branch deploys as production, everything else as a preview
   internal-port:
     required: false
-    default: "3000"
+    default: "80"
     description: Port the app listens on inside the container
-  environment:
-    required: true
-    description: Environment name ("production" or "preview")
-  subdomain:
-    required: true
-    description: Subdomain for Pangolin resource
   build-args:
     required: false
     default: ""
     description: Extra docker build args (space-separated KEY=VALUE pairs)
+  env-vars:
+    required: false
+    default: ""
+    description: |
+      Runtime env vars for the container, one KEY=VALUE per line.
+      Merged on top of /opt/apps/${app-name}/.env.${environment} on the runner;
+      keys defined here win. Use secrets to avoid leaking values into logs.
 
 runs:
   using: composite
   steps:
+    - name: Derive deploy parameters
+      id: derive
+      shell: bash
+      env:
+        APP_NAME: ${{ inputs.app-name }}
+        BRANCH: ${{ inputs.branch }}
+        DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
+      run: |
+        BRANCH="${BRANCH#refs/heads/}"
+        DEFAULT_BRANCH="${DEFAULT_BRANCH:-main}"
+
+        if [[ "$BRANCH" == "$DEFAULT_BRANCH" ]]; then
+          TAG="production"
+          ENVIRONMENT="production"
+          SUBDOMAIN="$APP_NAME"
+          PORT=$(( 10000 + ( $(echo -n "${APP_NAME}-production" | cksum | awk '{print $1}') % 10000 ) ))
+        else
+          SLUG=$(echo "$BRANCH" | tr '/_' '--' | tr '[:upper:]' '[:lower:]' | sed 's/[^a-z0-9-]//g' | cut -c1-40)
+          TAG="$SLUG"
+          ENVIRONMENT="preview"
+          SUBDOMAIN="${SLUG}.${APP_NAME}"
+          PORT=$(( 20000 + ( $(echo -n "$SLUG" | cksum | awk '{print $1}') % 10000 ) ))
+        fi
+
+        REPO_SLUG="${GITHUB_REPOSITORY//\//-}"
+
+        {
+          echo "tag=$TAG"
+          echo "environment=$ENVIRONMENT"
+          echo "subdomain=$SUBDOMAIN"
+          echo "port=$PORT"
+          echo "resource-name=${REPO_SLUG}-${TAG}"
+        } >> "$GITHUB_OUTPUT"
+
     - name: Build Docker image
       shell: bash
       run: |
-        BUILD_ARGS="--build-arg APP_ENV=${{ inputs.environment }}"
+        BUILD_ARGS="--build-arg APP_ENV=${{ steps.derive.outputs.environment }}"
         for arg in ${{ inputs.build-args }}; do
           BUILD_ARGS="$BUILD_ARGS --build-arg $arg"
         done
         docker build \
           $BUILD_ARGS \
-          -t ${{ inputs.app-name }}:${{ inputs.tag }} \
+          -t ${{ inputs.app-name }}:${{ steps.derive.outputs.tag }} \
           -f dockerfile .
 
+    - name: Write workflow env-vars to file
+      id: env-file
+      shell: bash
+      env:
+        ENV_VARS: ${{ inputs.env-vars }}
+      run: |
+        OVERRIDE_FILE=""
+        if [[ -n "$ENV_VARS" ]]; then
+          OVERRIDE_FILE=$(mktemp)
+          printf '%s\n' "$ENV_VARS" > "$OVERRIDE_FILE"
+        fi
+        echo "path=$OVERRIDE_FILE" >> "$GITHUB_OUTPUT"
+
     - name: Deploy container
       shell: bash
       run: |
         bash ${{ github.action_path }}/deploy.sh \
           --name "${{ inputs.app-name }}" \
-          --tag "${{ inputs.tag }}" \
-          --port "${{ inputs.port }}" \
+          --tag "${{ steps.derive.outputs.tag }}" \
+          --port "${{ steps.derive.outputs.port }}" \
           --internal-port "${{ inputs.internal-port }}" \
-          --env "${{ inputs.environment }}"
+          --env "${{ steps.derive.outputs.environment }}" \
+          --env-override "${{ steps.env-file.outputs.path }}"
 
     - name: Register Pangolin resource
       shell: bash
       run: |
-        REPO_SLUG="${GITHUB_REPOSITORY//\//-}"
         bash ${{ github.action_path }}/pangolin-upsert.sh \
-          --subdomain "${{ inputs.subdomain }}" \
-          --port "${{ inputs.port }}" \
-          --resource-name "${REPO_SLUG}-${{ inputs.tag }}" \
+          --subdomain "${{ steps.derive.outputs.subdomain }}" \
+          --port "${{ steps.derive.outputs.port }}" \
+          --resource-name "${{ steps.derive.outputs.resource-name }}" \
           --target-ip "$PANGOLIN_TARGET_IP"

deploy/deploy.sh

@@ -4,29 +4,47 @@ set -euo pipefail
 APP_NAME=""
 TAG=""
 PORT=""
-INTERNAL_PORT="3000"
+INTERNAL_PORT="80"
 ENV=""
+ENV_OVERRIDE=""
 
 while [[ $# -gt 0 ]]; do
 case $1 in
-    --name)          APP_NAME="$2";      shift 2 ;;
-    --tag)           TAG="$2";           shift 2 ;;
-    --port)          PORT="$2";          shift 2 ;;
-    --internal-port) INTERNAL_PORT="$2"; shift 2 ;;
-    --env)           ENV="$2";           shift 2 ;;
+    --name)          APP_NAME="$2";     shift 2 ;;
+    --tag)           TAG="$2";          shift 2 ;;
+    --port)          PORT="$2";         shift 2 ;;
+    --internal-port) INTERNAL_PORT="$2";shift 2 ;;
+    --env)           ENV="$2";          shift 2 ;;
+    --env-override)  ENV_OVERRIDE="$2"; shift 2 ;;
     *) echo "Unknown arg: $1"; exit 1 ;;
 esac
 done
 
 CONTAINER="${APP_NAME}-${TAG}"
+ON_DISK="/opt/apps/${APP_NAME}/.env.${ENV}"
 
 echo "→ Deploying container: ${CONTAINER} on port ${PORT}"
 
 docker stop "${CONTAINER}" 2>/dev/null && docker rm "${CONTAINER}" 2>/dev/null || true
 
 ENV_FILE_ARG=""
-if [[ -f "/opt/apps/${APP_NAME}/.env.${ENV}" ]]; then
-ENV_FILE_ARG="--env-file /opt/apps/${APP_NAME}/.env.${ENV}"
+HAS_ON_DISK=0
+HAS_OVERRIDE=0
+[[ -f "${ON_DISK}" ]] && HAS_ON_DISK=1
+[[ -n "${ENV_OVERRIDE}" && -f "${ENV_OVERRIDE}" ]] && HAS_OVERRIDE=1
+
+if (( HAS_ON_DISK == 1 && HAS_OVERRIDE == 0 )); then
+  ENV_FILE_ARG="--env-file ${ON_DISK}"
+elif (( HAS_OVERRIDE == 1 && HAS_ON_DISK == 0 )); then
+  ENV_FILE_ARG="--env-file ${ENV_OVERRIDE}"
+elif (( HAS_ON_DISK == 1 && HAS_OVERRIDE == 1 )); then
+  MERGED=$(mktemp)
+  # On-disk first, override second; tac/awk/tac keeps the last occurrence per key.
+  { cat "${ON_DISK}"; echo; cat "${ENV_OVERRIDE}"; } \
+    | grep -Ev '^[[:space:]]*(#|$)' \
+    | tac | awk -F= '!seen[$1]++' | tac \
+    > "${MERGED}"
+  ENV_FILE_ARG="--env-file ${MERGED}"
 fi
 
 docker run -d \

examples/deploy.yml

@@ -2,7 +2,7 @@ name: Deploy
 
 on:
   push:
-    branches: ["main", "**"]
+    branches: ["**"]
   delete:
 
 env:
@@ -14,8 +14,8 @@ env:
   PANGOLIN_TARGET_IP: ${{ secrets.PANGOLIN_TARGET_IP }}
 
 jobs:
-  deploy-production:
-    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+  deploy:
+    if: github.event_name == 'push'
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
@@ -23,43 +23,15 @@ jobs:
       - uses: https://git.zyrrus.dev/eighty-six/node-deploy-action/deploy@v1
         with:
           app-name: ${{ vars.APP_NAME }}
-          tag: production
-          port: ${{ vars.PROD_PORT }}
-          internal-port: ${{ vars.INTERNAL_PORT }}
-          environment: production
-          subdomain: ${{ vars.PROD_SUBDOMAIN }}
-
-  deploy-preview:
-    if: github.event_name == 'push' && github.ref != 'refs/heads/main'
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Compute preview slug
-        id: slug
-        uses: https://git.zyrrus.dev/eighty-six/node-deploy-action/slug@v1
-        with:
           branch: ${{ github.ref_name }}
-
-      - uses: https://git.zyrrus.dev/eighty-six/node-deploy-action/deploy@v1
-        with:
-          app-name: ${{ vars.APP_NAME }}
-          tag: ${{ steps.slug.outputs.slug }}
-          port: ${{ steps.slug.outputs.port }}
-          internal-port: ${{ vars.INTERNAL_PORT }}
-          environment: preview
-          subdomain: ${{ steps.slug.outputs.slug }}.${{ vars.APP_NAME }}
+          env-vars: |
+            DATABASE_URL=${{ secrets.DATABASE_URL }}
+            API_KEY=${{ secrets.API_KEY }}
 
   cleanup-preview:
     if: github.event_name == 'delete' && github.event.ref_type == 'branch'
     runs-on: ubuntu-latest
     steps:
-      - name: Compute preview slug
-        id: slug
-        uses: https://git.zyrrus.dev/eighty-six/node-deploy-action/slug@v1
-        with:
-          branch: ${{ github.event.ref }}
-
       - uses: actions/checkout@v4
         with:
           ref: main
@@ -67,4 +39,4 @@ jobs:
       - uses: https://git.zyrrus.dev/eighty-six/node-deploy-action/cleanup@v1
         with:
           app-name: ${{ vars.APP_NAME }}
-          slug: ${{ steps.slug.outputs.slug }}
+          branch: ${{ github.event.ref }}

slug/action.yml

@@ -1,29 +0,0 @@
-name: Compute Preview Slug
-description: Derive a URL-safe slug and deterministic port from a branch name
-
-inputs:
-  branch:
-    required: true
-    description: Branch name to slugify
-
-outputs:
-   slug:
-     description: URL-safe branch slug
-     value: ${{ steps.compute.outputs.slug }}
-   port:
-     description: Deterministic port derived from the slug
-     value: ${{ steps.compute.outputs.port }}
-
-runs:
-  using: composite
-  steps:
-    - name: Compute slug and port
-      id: compute
-      shell: bash
-      run: |
-        BRANCH="${{ inputs.branch }}"
-        BRANCH="${BRANCH#refs/heads/}"
-        SLUG=$(echo "$BRANCH" | tr '/' '-' | tr '_' '-' | tr '[:upper:]' '[:lower:]' | sed 's/[^a-z0-9-]//g' | cut -c1-40)
-        echo "slug=$SLUG" >> "$GITHUB_OUTPUT"
-        PORT=$(( 20000 + ( $(echo -n "$SLUG" | cksum | awk '{print $1}') % 10000 ) ))
-        echo "port=$PORT" >> "$GITHUB_OUTPUT"