feat: simplifie la configuration des workflows de déploiement et améliorer le processus de déploiement sur le serveur de production

.gitea/workflows/deploy.yml

@@ -1,83 +1,50 @@
 name: Deploy Webzine
-run-name: Deploy to ${{ inputs.deploy_target }} by @${{ github.actor }}
+run-name: Deploy to production by @${{ github.actor }}
+
 on: [push]
 
 jobs:
   # ─────────────────────────────────────────────
-  # COMPILATION — commun aux deux branches
-  # ─────────────────────────────────────────────
-  build:
-    name: Build & Push Docker Image
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      # Le tag d'image dépend de la branche :
-      #   main → webzine:latest
-      - name: Set image tag
-        id: vars
-        run: |
-          echo "IMAGE_TAG=latest" >> $GITEA_OUTPUT
-          echo "ENV_LABEL=production" >> $GITEA_OUTPUT
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-        with:
-          buildkitd-config-inline: |
-            [registry."${{ vars.REGISTRY_URL }}"]
-            http = true
-            insecure = true
-
-      # Connexion au registry Gitea intégré
-      - name: Log in to Gitea Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ vars.REGISTRY_URL }}
-          username: ${{ secrets.REGISTRY_USERNAME }}
-          password: ${{ secrets.REGISTRY_PASSWORD }}
-
-      # Construction et publication de l'image Docker
-      - name: Build and push Docker image
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          file: ./Webzine.WebApplication/Dockerfile
-          push: true
-          tags: ${{ vars.REGISTRY_URL }}/webzine/webzine:${{ steps.vars.outputs.IMAGE_TAG }}
-          cache-from: type=registry,ref=${{ vars.REGISTRY_URL }}/webzine/webzine:buildcache-${{ steps.vars.outputs.IMAGE_TAG }}
-          cache-to: type=registry,ref=${{ vars.REGISTRY_URL }}/webzine/webzine:buildcache-${{ steps.vars.outputs.IMAGE_TAG }},mode=max
-
-    outputs:
-      image_tag: ${{ steps.vars.outputs.IMAGE_TAG }}
-      env_label: ${{ steps.vars.outputs.ENV_LABEL }}
-
-  # ─────────────────────────────────────────────
-  # DÉPLOIEMENT — Serveur de PRODUCTION (branche main)
+  # DÉPLOIEMENT — Build et démarrage sur le serveur
   # ─────────────────────────────────────────────
   deploy-production:
     name: Deploy to Production
-    needs: build
     runs-on: ubuntu-latest
 
     steps:
-      - name: Deploy via SSH to PRODUCTION server
-        uses: appleboy/ssh-action@v1.0.3
-        with:
-          host: ${{ secrets.PROD_HOST }}
-          username: ${{ secrets.PROD_USER }}
-          key: ${{ secrets.PROD_SSH_KEY }}
-          port: ${{ secrets.PROD_SSH_PORT || 22 }}
-          script: |
+      # Écriture de la clé SSH dans un fichier temporaire
+      - name: Setup SSH key
+        run: |
+          mkdir -p ~/.ssh
+          echo "${{ secrets.PROD_SSH_KEY }}" > ~/.ssh/id_prod
+          chmod 600 ~/.ssh/id_prod
+          ssh-keyscan -p ${{ secrets.PROD_SSH_PORT || 22 }} ${{ secrets.PROD_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
+
+      # Transfert du code source sur le serveur
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Upload source to server
+        run: |
+          rsync -az --delete \
+            -e "ssh -i ~/.ssh/id_prod -p ${{ secrets.PROD_SSH_PORT || 22 }} -o StrictHostKeyChecking=no" \
+            ./ \
+            ${{ secrets.PROD_USER }}@${{ secrets.PROD_HOST }}:/opt/webzine/prod/src/
+
+      # Build et redémarrage du conteneur directement sur le serveur
+      - name: Build and deploy on PRODUCTION server
+        run: |
+          ssh -i ~/.ssh/id_prod \
+              -p ${{ secrets.PROD_SSH_PORT || 22 }} \
+              -o StrictHostKeyChecking=no \
+              ${{ secrets.PROD_USER }}@${{ secrets.PROD_HOST }} << 'ENDSSH'
             set -e
 
-            echo "=== [PROD] Récupération de l'image ==="
-            docker login ${{ vars.REGISTRY_URL }} \
-              -u ${{ secrets.REGISTRY_USERNAME }} \
-              -p ${{ secrets.REGISTRY_PASSWORD }}
-
-            docker pull ${{ vars.REGISTRY_URL }}/webzine/webzine:latest
+            echo "=== [PROD] Construction de l'image ==="
+            docker build \
+              -t webzine:latest \
+              -f /opt/webzine/prod/src/Webzine.WebApplication/Dockerfile \
+              /opt/webzine/prod/src/
 
             echo "=== [PROD] Arrêt de l'ancien conteneur ==="
             docker stop webzine-prod 2>/dev/null || true
@@ -92,9 +59,10 @@ jobs:
               -v /opt/webzine/prod/data:/app/Data \
               -v /opt/webzine/prod/logs:/Logs \
               -e ASPNETCORE_ENVIRONMENT=Production \
-              ${{ vars.REGISTRY_URL }}/webzine/webzine:latest
+              webzine:latest
 
             echo "=== [PROD] Nettoyage des anciennes images ==="
             docker image prune -f
 
-            echo "=== [PROD] Déploiement terminé ==="
+            echo "=== [PROD] Déploiement terminé ==="
+          ENDSSH

.gitea/workflows/pr-endpoint-check.yml

@@ -1,11 +1,6 @@
 name: PR Endpoint Performance Check
 
-on:
-  pull_request:
-    branches:
-      - main
-      - master
-      - develop
+on: [pull_request]
 
 jobs:
   endpoint-performance-check: