Dokploy · myagizmaktav · May 12, 2026 · May 12, 2026 · May 12, 2026 · May 12, 2026
@@ -138,6 +138,8 @@ jobs:
     needs: [combine-manifests]
     if: github.ref == 'refs/heads/main'
     runs-on: ubuntu-latest
+    outputs:
+      version: ${{ steps.get_version.outputs.version }}
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -160,3 +162,80 @@ jobs:
           prerelease: false
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  sync-version:
+    needs: [generate-release]
+    if: github.ref == 'refs/heads/main'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Sync version to MCP repository
+        run: |
+          git clone https://x-access-token:${{ secrets.DOCS_SYNC_TOKEN }}@github.com/dokploy/mcp.git /tmp/mcp-repo
+          cd /tmp/mcp-repo
+
+          jq --arg v "${{ needs.generate-release.outputs.version }}" '.version = $v' package.json > package.json.tmp
+          mv package.json.tmp package.json
+
+          npm install -g pnpm
+          pnpm install
+          pnpm run fetch-openapi
+          pnpm run generate
+
+          git config user.name "Dokploy Bot"
+          git config user.email "bot@dokploy.com"
+          git add -A
+          git commit -m "chore: bump version to ${{ needs.generate-release.outputs.version }}" \
+            -m "Source: ${{ github.repository }}@${{ github.sha }}" \
+            --allow-empty
+          git push
+
+          echo "✅ MCP repo synced to version ${{ needs.generate-release.outputs.version }}"
+
+      - name: Sync version to CLI repository
+        run: |
+          git clone https://x-access-token:${{ secrets.DOCS_SYNC_TOKEN }}@github.com/dokploy/cli.git /tmp/cli-repo
+          cd /tmp/cli-repo
+
+          jq --arg v "${{ needs.generate-release.outputs.version }}" '.version = $v' package.json > package.json.tmp
+          mv package.json.tmp package.json
+
+          cp ${{ github.workspace }}/openapi.json ./openapi.json
+          npm install -g pnpm
+          pnpm install
+          pnpm run generate
+
+          git config user.name "Dokploy Bot"
+          git config user.email "bot@dokploy.com"
+          git add -A
+          git commit -m "chore: bump version to ${{ needs.generate-release.outputs.version }}" \
+            -m "Source: ${{ github.repository }}@${{ github.sha }}" \
+            --allow-empty
+          git push
+
+          echo "✅ CLI repo synced to version ${{ needs.generate-release.outputs.version }}"
+
+      - name: Sync version to SDK repository
+        run: |
+          git clone https://x-access-token:${{ secrets.DOCS_SYNC_TOKEN }}@github.com/dokploy/sdk.git /tmp/sdk-repo
+          cd /tmp/sdk-repo
+
+          jq --arg v "${{ needs.generate-release.outputs.version }}" '.version = $v' package.json > package.json.tmp
+          mv package.json.tmp package.json
+
+          cp ${{ github.workspace }}/openapi.json ./openapi.json
+          npm install -g pnpm
+          pnpm install
+          pnpm run generate
+
+          git config user.name "Dokploy Bot"
+          git config user.email "bot@dokploy.com"
+          git add -A
+          git commit -m "chore: bump version to ${{ needs.generate-release.outputs.version }}" \
+            -m "Source: ${{ github.repository }}@${{ github.sha }}" \
+            --allow-empty
+          git push
+
+          echo "✅ SDK repo synced to version ${{ needs.generate-release.outputs.version }}"
@@ -34,6 +34,7 @@ describe("Host rule format regression tests", () => {
 		stripPath: false,
 		customEntrypoint: null,
 		middlewares: null,
+		accessRules: [],
 	};
 
 	describe("Host rule format validation", () => {

@@ -23,6 +23,7 @@ describe("createDomainLabels", () => {
 		internalPath: "/",
 		stripPath: false,
 		middlewares: null,
+		accessRules: [],
 	};
 
 	it("should create basic labels for web entrypoint", async () => {
@@ -497,4 +498,30 @@ describe("createDomainLabels", () => {
 		// Should not contain redirect-to-https since there's only one router
 		expect(middlewareLabel).toBeUndefined();
 	});
+
+	it("should add router priority when access rules exist", async () => {
+		const labels = await createDomainLabels(appName, baseDomain, "web", {
+			hasAccessRules: true,
+		});
+
+		expect(labels).toContain("traefik.http.routers.test-app-1-web.priority=1");
+	});
+
+	it("should add access rule middlewares and priority", async () => {
+		const labels = await createDomainLabels(appName, baseDomain, "websecure", {
+			additionalRule: "Path(`/redirect`)",
+			additionalMiddlewares: ["rule-auth", "rule-ipallow"],
+			priority: 220,
+		});
+
+		expect(labels).toContain(
+			"traefik.http.routers.test-app-1-websecure.rule=Host(`example.com`) && (Path(`/redirect`))",
+		);
+		expect(labels).toContain(
+			"traefik.http.routers.test-app-1-websecure.middlewares=rule-auth,rule-ipallow",
+		);
+		expect(labels).toContain(
+			"traefik.http.routers.test-app-1-websecure.priority=220",
+		);
+	});
 });
@@ -148,6 +148,7 @@ const baseDomain: Domain = {
 	internalPath: "/",
 	stripPath: false,
 	middlewares: null,
+	accessRules: [],
 };
 
 const baseRedirect: Redirect = {
@@ -524,3 +525,24 @@ test("Subdomain with Russian IDN TLD converts non-ASCII part to punycode", async
 	expect(router.rule).toContain("Host(`app.xn--e1aybc.xn--p1ai`)");
 	expect(router.rule).not.toContain("тест.рф");
 });
+
+test("Access rule adds exact path and priority", async () => {
+	const router = await createRouterConfig(baseApp, baseDomain, "websecure", {
+		additionalRule: "Path(`/redirect`)",
+		additionalMiddlewares: ["access-app-1-0-rule-auth"],
+		priority: 150,
+	});
+
+	expect(router.rule).toContain("Host(``)");
+	expect(router.rule).toContain("Path(`/redirect`)");
+	expect(router.priority).toBe(150);
+	expect(router.middlewares).toContain("access-app-1-0-rule-auth");
+});
+
+test("Base router lowered when access rules exist", async () => {
+	const router = await createRouterConfig(baseApp, baseDomain, "websecure", {
+		hasAccessRules: true,
+	});
+
+	expect(router.priority).toBe(1);
+});