From 7ca62bfc462664cde96a74d45580b6d2a0a59d22 Mon Sep 17 00:00:00 2001
From: Matthieu <mtholot19@gmail.com>
Date: Thu, 2 Apr 2026 12:16:16 +0200
Subject: [PATCH] chore(infra) : remove release artefact pipeline and baremetal
 deploy

Keep only Docker-based deployment workflow.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .gitea/workflows/release-artefact.yml | 65 ------------------
 infra/prod/deploy-release.sh          | 96 ---------------------------
 infra/prod/nginx-baremetal.conf       | 50 --------------
 3 files changed, 211 deletions(-)
 delete mode 100644 .gitea/workflows/release-artefact.yml
 delete mode 100755 infra/prod/deploy-release.sh
 delete mode 100644 infra/prod/nginx-baremetal.conf

diff --git a/.gitea/workflows/release-artefact.yml b/.gitea/workflows/release-artefact.yml
deleted file mode 100644
index 9c0f36a..0000000
--- a/.gitea/workflows/release-artefact.yml
+++ /dev/null
@@ -1,65 +0,0 @@
-name: Build Release Artefact
-
-on:
-  push:
-    tags:
-      - "v*"
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          persist-credentials: false
-
-      - name: Setup PHP
-        uses: shivammathur/setup-php@v2
-        with:
-          php-version: "8.4"
-          extensions: mbstring, intl, pdo_pgsql, xml, curl, zip, gd
-
-      - name: Setup Node
-        uses: actions/setup-node@v4
-        with:
-          node-version: "lts/*"
-
-      - name: Install backend deps (prod)
-        env:
-          APP_ENV: prod
-          APP_DEBUG: "0"
-        run: composer install --no-dev --optimize-autoloader --no-interaction --no-scripts
-
-      - name: Build frontend (static)
-        run: |
-          cd frontend
-          npm ci
-          CI=1 NUXT_TELEMETRY_DISABLED=1 NUXT_PUBLIC_API_BASE=/api NUXT_PUBLIC_APP_BASE=/ npm run generate
-          test -f .output/public/index.html
-
-      - name: Build artefact
-        shell: bash
-        run: |
-          set -euo pipefail
-          mkdir -p release
-          tar -czf "release/lesstime-${GITHUB_REF_NAME}.tar.gz" \
-            .env \
-            bin \
-            config \
-            migrations \
-            public \
-            src \
-            vendor \
-            composer.json \
-            composer.lock \
-            symfony.lock \
-            frontend/.output
-
-      - name: Create Release
-        uses: softprops/action-gh-release@v2
-        with:
-          files: release/lesstime-${{ github.ref_name }}.tar.gz
-        env:
-          GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
diff --git a/infra/prod/deploy-release.sh b/infra/prod/deploy-release.sh
deleted file mode 100755
index 86d656b..0000000
--- a/infra/prod/deploy-release.sh
+++ /dev/null
@@ -1,96 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-# Usage: ./infra/prod/deploy-release.sh v0.1.0
-# Requires: curl, tar, (optional) rsync
-#
-# Auth token: set RELEASE_TOKEN env var or create /etc/lesstime-release-token
-umask 002
-
-TAG="${1:-}"
-if [ -z "$TAG" ]; then
-  echo "Usage: $0 v0.1.0" >&2
-  exit 1
-fi
-
-REPO_OWNER="MALIO-DEV"
-REPO_NAME="Lesstime"
-GITEA_API="https://gitea.malio.fr/api/v1"
-DEPLOY_DIR="/var/www/lesstime"
-
-if [ -f /etc/lesstime-release-token ] && [ -z "${RELEASE_TOKEN:-}" ]; then
-  RELEASE_TOKEN="$(cat /etc/lesstime-release-token)"
-fi
-
-tmp_dir="$(mktemp -d)"
-cleanup() {
-  rm -rf "$tmp_dir"
-}
-trap cleanup EXIT
-
-release_json="$tmp_dir/release.json"
-curl_opts=(-sS)
-if [ -n "${RELEASE_TOKEN:-}" ]; then
-  curl_opts+=(-H "Authorization: token ${RELEASE_TOKEN}")
-fi
-curl "${curl_opts[@]}" \
-  "${GITEA_API}/repos/${REPO_OWNER}/${REPO_NAME}/releases/tags/${TAG}" \
-  -o "$release_json"
-
-asset_url="$(python3 - "$release_json" <<'PY'
-import json, sys
-data = json.load(open(sys.argv[1], 'r'))
-assets = data.get("assets", [])
-for a in assets:
-    name = a.get("name", "")
-    if name.startswith("lesstime-") and name.endswith(".tar.gz"):
-        print(a.get("browser_download_url", ""))
-        break
-PY
-)"
-
-if [ -z "$asset_url" ]; then
-  echo "Release asset not found for tag ${TAG}" >&2
-  exit 1
-fi
-
-archive="$tmp_dir/artefact.tar.gz"
-curl "${curl_opts[@]}" -L "$asset_url" -o "$archive"
-
-tar -xzf "$archive" -C "$tmp_dir"
-
-if command -v rsync >/dev/null 2>&1; then
-  rsync -a --delete --no-perms --no-owner --no-group \
-    --exclude ".env" \
-    --exclude ".env.local" \
-    --exclude "config/jwt" \
-    --exclude "var" \
-    "$tmp_dir"/ "$DEPLOY_DIR"/
-else
-  cp -a "$tmp_dir"/. "$DEPLOY_DIR"/
-fi
-
-# Ensure Nginx can traverse the deploy path.
-chmod o+rx "$(dirname "$DEPLOY_DIR")" "$DEPLOY_DIR" 2>/dev/null || true
-
-# Create frontend/dist symlink if needed (nginx serves from frontend/dist)
-if [ -d "${DEPLOY_DIR}/frontend/.output/public" ] && [ ! -L "${DEPLOY_DIR}/frontend/dist" ]; then
-  ln -sfn "${DEPLOY_DIR}/frontend/.output/public" "${DEPLOY_DIR}/frontend/dist"
-fi
-
-echo "Release ${TAG} deployed to ${DEPLOY_DIR}"
-
-# Ensure var/log exists and is writable by PHP (www-data)
-mkdir -p "${DEPLOY_DIR}/var/log"
-chown www-data:www-data "${DEPLOY_DIR}/var/log"
-chmod 775 "${DEPLOY_DIR}/var/log"
-
-if [ -f "${DEPLOY_DIR}/.env.local" ]; then
-  echo "Clearing cache..."
-  php "${DEPLOY_DIR}/bin/console" cache:clear --env=prod --no-debug
-
-  echo "Running migrations (if any)..."
-  php "${DEPLOY_DIR}/bin/console" doctrine:migrations:migrate --no-interaction --env=prod
-else
-  echo "Skip post-deploy: ${DEPLOY_DIR}/.env.local not found" >&2
-fi
diff --git a/infra/prod/nginx-baremetal.conf b/infra/prod/nginx-baremetal.conf
deleted file mode 100644
index ef9abd4..0000000
--- a/infra/prod/nginx-baremetal.conf
+++ /dev/null
@@ -1,50 +0,0 @@
-server {
-  listen 80;
-  listen [::]:80;
-  server_name project.malio-dev.fr;
-
-  root /var/www/lesstime/frontend/.output/public;
-  index index.html;
-
-  client_max_body_size 55m;
-
-    location ^~ /api/ {
-        root /var/www/lesstime/public;
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ^~ /bundles/ {
-        root /var/www/lesstime/public;
-        try_files $uri =404;
-    }
-
-    location = /api/login_check {
-        include fastcgi_params;
-        fastcgi_param SCRIPT_FILENAME /var/www/lesstime/public/index.php;
-        fastcgi_param DOCUMENT_ROOT /var/www/lesstime/public;
-        fastcgi_param SCRIPT_NAME /index.php;
-        fastcgi_param PATH_INFO /login_check;
-        fastcgi_param REQUEST_URI /login_check;
-        fastcgi_pass unix:/run/php/php8.4-fpm.sock;
-    }
-
-    location ^~ /_mcp {
-        root /var/www/lesstime/public;
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ ^/index\.php(/|$) {
-        include fastcgi_params;
-        fastcgi_param SCRIPT_FILENAME /var/www/lesstime/public/index.php;
-        fastcgi_param DOCUMENT_ROOT /var/www/lesstime/public;
-        fastcgi_pass unix:/run/php/php8.4-fpm.sock;
-    }
-
-  location ~ \.php$ {
-      return 404;
-  }
-
-  location / {
-      try_files $uri $uri/ /index.html;
-  }
-}