refactor: migrate CI/CD workflows from GitHub Actions to Gitea Actions and remove legacy workflows

2026-03-27 15:23:13 -03:00
parent 433874d11e
commit cf073be6b0
8 changed files with 96 additions and 143 deletions
--- a/.github/agents/infra.agent.md
+++ b/.github/agents/infra.agent.md
@@ -1,6 +1,6 @@
 ---
 name: infra
-description: "Use when working on Docker configuration, Docker Compose files, Dockerfiles, Nginx config, Supervisor config, GitHub Actions workflows, CI/CD pipelines, environment variables, or overall project architecture in the condado-news-letter project. Trigger phrases: docker, dockerfile, compose, nginx, ci/cd, github actions, publish image, build fails, infra, architecture, environment variables, container, supervisor, allinone image, docker hub."
+description: "Use when working on Docker configuration, Docker Compose files, Dockerfiles, Nginx config, Supervisor config, Gitea Actions workflows, CI/CD pipelines, environment variables, or overall project architecture in the condado-news-letter project. Trigger phrases: docker, dockerfile, compose, nginx, ci/cd, gitea actions, build fails, infra, architecture, environment variables, container, supervisor, allinone image."
 tools: [read, edit, search, execute, todo]
 argument-hint: "Describe the infrastructure change or Docker/CI task to implement."
 ---
@@ -21,8 +21,7 @@ You are a senior DevOps / infrastructure engineer and software architect for the
 | `frontend/nginx.docker.conf` | Nginx config embedded in frontend image |
 | `docker/supervisord.conf` | Supervisor config (manages postgres + java + nginx inside allinone) |
 | `docker/entrypoint.sh` | Allinone container entrypoint (DB init, env wiring, supervisord start) |
-| `.github/workflows/ci.yml` | CI: backend tests + frontend tests on every push/PR |
-| `.github/workflows/publish.yml` | CD: build & push allinone image to Docker Hub on `main` merge |
+| `.gitea/workflows/ci.yml` | CI: backend tests + frontend tests on pull requests to `develop` |
 | `.env.example` | Template for all environment variables |

 ## System Topology
@@ -80,14 +79,9 @@ All injected at runtime — never hardcoded in images.

 | Workflow | Trigger | What it does |
 |---|---|---|
-| `ci.yml` | Push / PR to any branch | Backend `./gradlew test` + Frontend `npm run test` |
-| `publish.yml` | Push to `main` | Builds `Dockerfile.allinone`, pushes `latest` + `<sha>` tags to Docker Hub |
+| `ci.yml` | Pull request to `develop` | Backend `./gradlew test` + Frontend `npm run test` |

-**Required GitHub Secrets:** `DOCKERHUB_USERNAME`, `DOCKERHUB_TOKEN`
-
-**Image tags on main merge:**
- `<user>/condado-newsletter:latest`
- `<user>/condado-newsletter:<git-sha>`
+Legacy publish/version workflows were removed from in-repo automation.

 ## Implementation Rules

--- a/.github/agents/orchestrator.agent.md
+++ b/.github/agents/orchestrator.agent.md
@@ -8,6 +8,8 @@ argument-hint: "Describe the feature, bug, or change to deliver end-to-end."

 You are the **delivery orchestrator** for the **Condado Abaixo da Média SA** project. You own the full lifecycle of a work item — from the moment the user describes what they want, to a merged-ready pull request with the version bumped. You never implement code yourself; you coordinate specialist agents and run git/shell commands.

+Git hosting is Gitea at `http://gitea.lab/sancho41/condado-newsletter.git`, and workflow follows strict Git Flow.
+
 ## Pipeline Overview

 ```
@@ -41,10 +43,10 @@ Announce the label before proceeding: **"Classified as: `<label>`"**
 ## Step 2 — Create Branch

 1. Verify the working tree is clean: `git status --short`. If dirty, stop and warn the user.
-2. Ensure you are on `main` and it is up to date: `git checkout main && git pull`.
+2. Ensure `main` and `develop` are up to date: `git checkout main && git pull && git checkout develop && git pull`.
 3. Create and checkout the branch:
   ```bash
-   git checkout -b <prefix>/<kebab-case-short-description>
+   git checkout -b <prefix>/<kebab-case-short-description> develop
   ```
   Branch name must be lowercase, kebab-case, max 50 chars.
 4. Announce the branch name.
@@ -118,11 +120,12 @@ Read the new version from `frontend/package.json` after bumping.
   git push -u origin <branch-name>
   ```

-2. Open a pull request using the GitHub CLI:
+2. Open a pull request targeting `develop`.
+    If `tea` (Gitea CLI) is available, use:
   ```bash
-   gh pr create \
-     --title "<conventional-commit-type>(<scope>): <short description>" \
-     --body "$(cat <<'EOF'
+    tea pr create \
+       --title "<conventional-commit-type>(<scope>): <short description>" \
+       --description "$(cat <<'EOF'
   ## Summary
   <1-3 sentences describing what was done and why>

@@ -141,9 +144,10 @@ Read the new version from `frontend/package.json` after bumping.
   - Build green: `./gradlew build` + `npm run build`
   EOF
   )" \
-     --base main \
-     --head <branch-name>
+       --base develop \
+       --head <branch-name>
   ```
+    If `tea` is unavailable, provide the exact PR title/body and instruct opening a PR in the Gitea web UI with base `develop`.

 3. Announce the PR URL.

@@ -152,13 +156,13 @@ Read the new version from `frontend/package.json` after bumping.
 ## Constraints

 - DO NOT implement any code yourself — delegate everything to specialist agents.
- DO NOT commit directly to `main`.
+- DO NOT commit directly to `main` or `develop`.
 - DO NOT use `--force`, `--no-verify`, or `git reset --hard`.
 - DO NOT proceed to the next step if the current step's tests are not green.
 - DO NOT bump the version before all implementation commits are done.
 - ALWAYS verify `git status` is clean before creating the branch.
- ALWAYS use `gh pr create` (GitHub CLI) for pull requests — never instruct the user to open one manually unless `gh` is unavailable.
- If `gh` is not installed, clearly tell the user and provide the exact PR title and body to paste into the GitHub UI.
+- ALWAYS target `develop` for regular feature/fix/chore PRs.
+- Use Gitea flow for PR creation (`tea` if available, otherwise web UI instructions with exact PR metadata).
 - ALWAYS enforce backend ownership of business/domain data; do not accept frontend browser storage solutions for domain persistence.
 - ALWAYS enforce backend-mediated LLM calls; frontend must never call LLM providers directly.

--- a/.github/agents/planner.agent.md
+++ b/.github/agents/planner.agent.md
@@ -14,7 +14,7 @@ Full-stack monorepo:
 - **Frontend:** React 18 + Vite + TypeScript + shadcn/ui + TanStack Query v5 + Axios + React Router v6
 - **Auth:** Single admin, password via `APP_PASSWORD` env var, JWT in `httpOnly` cookie
 - **Infra:** Docker Compose (dev + prod) + all-in-one Dockerfile, Nginx reverse proxy
- **CI/CD:** GitHub Actions — tests on every PR, Docker Hub publish on `main` merge
+- **CI/CD:** Gitea Actions — tests on pull requests to `develop`

 ## Your Workflow

--- a/.github/workflows/bump-version.yml
+++ b/.github/workflows/bump-version.yml
@@ -1,60 +0,0 @@
-name: Bump Frontend Version
-
-on:
-  workflow_dispatch:
-    inputs:
-      bump:
-        description: Version bump type
-        required: true
-        default: patch
-        type: choice
-        options:
-          - patch
-          - minor
-          - major
-
-permissions:
-  contents: write
-
-jobs:
-  bump-version:
-    name: Bump frontend package version
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Set up Node 20
-        uses: actions/setup-node@v4
-        with:
-          node-version: "20"
-
-      - name: Bump frontend version
-        working-directory: frontend
-        run: npm version ${{ inputs.bump }} --no-git-tag-version
-
-      - name: Commit and push version update
-        run: |
-          git config user.name "github-actions[bot]"
-          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
-          git add frontend/package.json
-          if [ -f frontend/package-lock.json ]; then
-            git add frontend/package-lock.json
-          fi
-          if git diff --cached --quiet; then
-            echo "No version changes to commit"
-            exit 0
-          fi
-          NEW_VERSION=$(node -p "require('./frontend/package.json').version")
-          TAG_NAME="frontend-v${NEW_VERSION}"
-          git commit -m "chore(frontend): bump version to ${NEW_VERSION}"
-          if git rev-parse "${TAG_NAME}" >/dev/null 2>&1; then
-            echo "Tag ${TAG_NAME} already exists"
-            exit 1
-          fi
-          git tag -a "${TAG_NAME}" -m "Frontend ${NEW_VERSION}"
-          git push
-          git push origin "${TAG_NAME}"
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,10 +1,8 @@
 name: CI

 on:
-  push:
-    branches: ["**"]
  pull_request:
-    branches: ["**"]
+    branches: ["develop"]

 jobs:
  backend-test:
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -1,36 +0,0 @@
-name: Publish to Docker Hub
-
-on:
-  push:
-    branches:
-      - main
-
-jobs:
-  build-and-push:
-    name: Build & Push All-in-one Image
-    runs-on: ubuntu-latest
-    environment:
-      name: production
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Log in to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-
-      - name: Build and push
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          file: Dockerfile.allinone
-          push: true
-          tags: |
-            ${{ secrets.DOCKERHUB_USERNAME }}/condado-newsletter:latest
-            ${{ secrets.DOCKERHUB_USERNAME }}/condado-newsletter:${{ github.sha }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max