feat: migrate registry to gitea and simplify workflow

.gitea/workflows/deploy-api.yaml

@@ -12,107 +12,20 @@ jobs:
         with:
           fetch-depth: 0
 
-      - name: Free disk space
+      - name: Push to Gitea Registry
         run: |
-          df -h
+          # Define Image Name (removes https:// and converts to lowercase)
-          sudo rm -rf /usr/share/dotnet /usr/local/lib/android /opt/ghc || true
+          IMAGE="git.simplifiquehc.com.br/${{ gitea.repository }}"
-          sudo apt-get clean || true
+          IMAGE_LOWER=$(echo "$IMAGE" | tr '[:upper:]' '[:lower:]')
-          docker system prune -af --volumes || true
-          df -h
 
-      - name: Build (develop) / Promote (main)
+          # Login to Gitea Registry (using the domain)
-        env:
+          echo "${{ secrets.GITEA }}" | docker login git.simplifiquehc.com.br -u "${{ gitea.actor }}" --password-stdin
-          REGISTRY: 172.35.0.216
-          DEV_PROJECT: vendaweb-dev
-          PROD_PROJECT: vendaweb-prod
-          IMAGE_REPO: vendaweb-api
-          PROMOTE_LEGACY: 'false'
-          HARBOR_USERNAME: ${{ secrets.HARBOR_USERNAME }}
-          HARBOR_PASSWORD: ${{ secrets.HARBOR_PASSWORD }}
-          HARBOR_DEV_USERNAME: ${{ secrets.HARBOR_DEV_USERNAME }}
-          HARBOR_DEV_PASSWORD: ${{ secrets.HARBOR_DEV_PASSWORD }}
-          HARBOR_PROD_USERNAME: ${{ secrets.HARBOR_PROD_USERNAME }}
-          HARBOR_PROD_PASSWORD: ${{ secrets.HARBOR_PROD_PASSWORD }}
-          HARBOR_LEGACY_USERNAME: ${{ secrets.HARBOR_LEGACY_USERNAME }}
-          HARBOR_LEGACY_PASSWORD: ${{ secrets.HARBOR_LEGACY_PASSWORD }}
-        run: |
-          set -euo pipefail
 
-          BRANCH="${GITHUB_REF_NAME:-${GITEA_REF_NAME:-}}"
+          # Build and Push
-          if [ -z "$BRANCH" ] && [ -n "${GITHUB_REF:-}" ]; then
+          docker build -t "$IMAGE_LOWER:latest" .
-            BRANCH="${GITHUB_REF#refs/heads/}"
+          docker push "$IMAGE_LOWER:latest"
-          fi
 
-          DEV_IMAGE="$REGISTRY/$DEV_PROJECT/$IMAGE_REPO"
+          # Optional: Use SHA tag as well
-          PROD_IMAGE="$REGISTRY/$PROD_PROJECT/$IMAGE_REPO"
-          LEGACY_IMAGE="$REGISTRY/library/$IMAGE_REPO"
-
-          DEV_USER="${HARBOR_DEV_USERNAME:-$HARBOR_USERNAME}"
-          DEV_PASS="${HARBOR_DEV_PASSWORD:-$HARBOR_PASSWORD}"
-          PROD_USER="${HARBOR_PROD_USERNAME:-$HARBOR_USERNAME}"
-          PROD_PASS="${HARBOR_PROD_PASSWORD:-$HARBOR_PASSWORD}"
-          LEGACY_USER="${HARBOR_LEGACY_USERNAME:-$PROD_USER}"
-          LEGACY_PASS="${HARBOR_LEGACY_PASSWORD:-$PROD_PASS}"
-
-          # --- Lógica para DEVELOP / HOMOLOG (Build) ---
-          if [ "$BRANCH" = "develop" ] || [ "$BRANCH" = "homolog" ]; then
           TAG=$(echo ${{ gitea.sha }} | cut -c1-7)
-
+          docker tag "$IMAGE_LOWER:latest" "$IMAGE_LOWER:$TAG"
-            echo "$DEV_PASS" | docker login "$REGISTRY" -u "$DEV_USER" --password-stdin
+          docker push "$IMAGE_LOWER:$TAG"
-            docker build -t "$DEV_IMAGE:$TAG" -f ./Dockerfile .
-            docker push "$DEV_IMAGE:$TAG"
-            docker tag "$DEV_IMAGE:$TAG" "$DEV_IMAGE:develop"
-            docker push "$DEV_IMAGE:develop"
-            exit 0
-          fi
-
-          # --- Lógica para MAIN (Promoção via Skopeo) ---
-          if [ "$BRANCH" = "main" ]; then
-            sudo apt-get update -y
-            sudo apt-get install -y skopeo
-
-            if [ -z "${DEV_USER:-}" ] || [ -z "${DEV_PASS:-}" ]; then
-              echo "Missing Harbor DEV credentials." >&2
-              exit 1
-            fi
-
-            PARENTS="$(git rev-list --parents -n 1 HEAD)"
-            set -- $PARENTS
-            SOURCE_SHA="${3:-${1:-}}"
-            TAG="$(echo "$SOURCE_SHA" | cut -c1-7)"
-
-            # Inspecionar imagem na origem (DEV) ignorando TLS
-            skopeo inspect --src-tls-verify=false --creds "$DEV_USER:$DEV_PASS" "docker://$DEV_IMAGE:$TAG" >/dev/null
-
-            # Listar tags no destino (PROD) ignorando TLS
-            skopeo list-tags --tls-verify=false --creds "$PROD_USER:$PROD_PASS" "docker://$PROD_IMAGE" >/dev/null
-
-            # Copiar imagem de DEV para PROD (Promoção) ignorando TLS em ambos
-            skopeo copy --all \
-              --src-tls-verify=false \
-              --dest-tls-verify=false \
-              --src-creds "$DEV_USER:$DEV_PASS" \
-              --dest-creds "$PROD_USER:$PROD_PASS" \
-              "docker://$DEV_IMAGE:$TAG" \
-              "docker://$PROD_IMAGE:$TAG"
-
-            # Promoção para Legacy (se ativado)
-            if [ "${PROMOTE_LEGACY:-false}" = "true" ]; then
-              skopeo copy --all --src-tls-verify=false --dest-tls-verify=false \
-                --src-creds "$DEV_USER:$DEV_PASS" \
-                --dest-creds "$LEGACY_USER:$LEGACY_PASS" \
-                "docker://$DEV_IMAGE:$TAG" \
-                "docker://$LEGACY_IMAGE:$TAG"
-              
-              skopeo copy --all --src-tls-verify=false --dest-tls-verify=false \
-                --src-creds "$DEV_USER:$DEV_PASS" \
-                --dest-creds "$LEGACY_USER:$LEGACY_PASS" \
-                "docker://$DEV_IMAGE:$TAG" \
-                "docker://$LEGACY_IMAGE:latest"
-            fi
-
-            exit 0
-          fi
-
-          echo "Unsupported branch: $BRANCH" >&2
-          exit 1

k8s/base/deployment.yaml

@@ -18,7 +18,7 @@ spec:
         - name: harbor-secret
       containers:
         - name: api
-          image: 172.35.0.216/library/vendaweb-api:latest
+          image: git.simplifiquehc.com.br/simplifique/vendaweb-api:latest
           imagePullPolicy: IfNotPresent
           ports:
             - name: http

k8s/overlays/prod/kustomization.yaml

@@ -7,5 +7,4 @@ resources:
   - ../../base
 
 patches:
-  - path: deployment-image-digest-patch.yaml
   - path: service-patch.yaml