diff --git a/deploy.sh b/deploy.sh
index a5d2160..c0a3555 100755
--- a/deploy.sh
+++ b/deploy.sh
@@ -27,7 +27,22 @@ echo "=== Pulling latest from git ==="
 # stranding new commits on an old checkout. Discard those generated changes first
 # so the pull always fast-forwards. (Only generated paths are reset.)
 git checkout -- site/public site/src 2>/dev/null || true
-git pull origin main
+git fetch origin main
+# Hard-reset the tracked tree to origin/main: the deploy box is a pure mirror of
+# origin (all real changes land via git), so any other tracked-file drift is also
+# generated/stale and must not be allowed to abort the pull. Untracked files
+# (data/*, .secrets/) are preserved. This makes "stranded on an old commit"
+# impossible — the previous `git pull` could silently abort, this cannot.
+git reset --hard origin/main
+# Assert we actually advanced to the just-fetched origin tip; fail LOUDLY (not
+# masked by a `| tail` in the caller) if somehow we did not.
+LOCAL_HEAD="$(git rev-parse HEAD)"
+ORIGIN_HEAD="$(git rev-parse origin/main)"
+if [ "$LOCAL_HEAD" != "$ORIGIN_HEAD" ]; then
+ echo "FATAL: working tree is at $LOCAL_HEAD but origin/main is $ORIGIN_HEAD — deploy aborting." >&2
+ exit 1
+fi
+echo "Deploying commit $LOCAL_HEAD"
 
 # Single source of truth for the site header: rewrite every static page's
 #
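Review bot: The `LOCAL_HEAD` / `ORIGIN_HEAD` comparison at the end of the added lines checks two local refs against each other, so it cannot detect a failed `git fetch origin main`. If the fetch fails and the script is not running under `set -e` (not visible in this hunk), `origin/main` is still the stale remote-tracking ref, the reset lands on it, and the assertion passes on an old commit. Make the fetch failure explicit, e.g. `git fetch origin main || { echo "FATAL: git fetch failed — deploy aborting." >&2; exit 1; }`, and guard `git reset --hard origin/main` the same way. Separately, the hard reset removes the non-fast-forward refusal that `git pull` provided, so a rewritten `origin/main` history is now deployed with no signal. Recording the pre-fetch HEAD and logging a warning when `git merge-base --is-ancestor "$PREV_HEAD" origin/main` fails would keep such a rewrite visible in the deploy log.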