From 8713c7f971e45746449a5043c3df685a4bb6d356 Mon Sep 17 00:00:00 2001
From: Nicolas Cantu
Date: Thu, 28 Aug 2025 00:37:31 +0200
Subject: [PATCH 01/11] ci(runner): add docker-compose runner with self-hosted,linux labels and README
---
 runner/README.md | 39 +++++++++++++++++++++++++++++++++++++++
 runner/docker-compose.yml | 18 ++++++++++++++++++
 2 files changed, 57 insertions(+)
 create mode 100644 runner/README.md
 create mode 100644 runner/docker-compose.yml
diff --git a/runner/README.md b/runner/README.md
new file mode 100644
index 0000000..963407c
--- /dev/null
+++ b/runner/README.md
@@ -0,0 +1,39 @@
+# Runner Gitea (act_runner)
+
+Ce dossier contient une configuration prête à l'emploi pour exécuter un runner Gitea via Docker Compose.
+
+## Prérequis
+
+- Hôte Linux avec Docker et Docker Compose
+- URL de l'instance Gitea et un token d'enregistrement (repo/org/instance)
+
+## Configuration
+
+1. Créez un fichier `.env` depuis l’exemple:
+ - `INSTANCE_URL`: ex. `https://git.4nkweb.com`
+ - `REGISTRATION_TOKEN`: token d'enregistrement
+ - (optionnel) `RUNNER_NAME`, `RUNNER_LABELS` (par défaut `self-hosted,linux`)
+2. Le montage du docker.sock est déjà configuré pour exécuter les jobs en conteneurs.
+
+## Démarrage
+
+```bash
+cd runner
+docker compose up -d
+```
+
+Le runner s'enregistre automatiquement et apparaît dans Settings → Actions → Runners.
+
+## Arrêt / Mise à jour
+
+```bash
+docker compose down
+# Mise à jour d'image
+docker compose pull && docker compose up -d
+```
+
+## Mode éphémère (optionnel)
+
+Activez `GITEA_RUNNER_EPHEMERAL=1` dans `docker-compose.yml` pour des runners jetables.
+
+Réf: Gitea Act Runner — https://docs.gitea.com/usage/actions/act-runner
diff --git a/runner/docker-compose.yml b/runner/docker-compose.yml
new file mode 100644
index 0000000..c443c12
--- /dev/null
+++ b/runner/docker-compose.yml
@@ -0,0 +1,18 @@
+version: "3.8"
+services:
+ runner:
+ image: docker.io/gitea/act_runner:nightly
+ container_name: gitea-act-runner
+ restart: unless-stopped
+ env_file: .env
+ environment:
+ - GITEA_RUNNER_LABELS=${RUNNER_LABELS:-self-hosted,linux}
+ - GITEA_RUNNER_NAME=${RUNNER_NAME:-local-runner}
+ - GITEA_INSTANCE_URL=${INSTANCE_URL}
+ - GITEA_RUNNER_REGISTRATION_TOKEN=${REGISTRATION_TOKEN}
+ # Uncomment to enable ephemeral mode
+ # - GITEA_RUNNER_EPHEMERAL=1
+ volumes:
+ - ./data:/data
+ - /var/run/docker.sock:/var/run/docker.sock
+
From 270ad3488c01a031c0f779c4c687a317d6ac7a47 Mon Sep 17 00:00:00 2001
From: Nicolas Cantu
Date: Thu, 28 Aug 2025 00:41:35 +0200
Subject: [PATCH 02/11] ci(runner): read env from C:\Users\Nicolas Cantu/4nk_template/.env; update README accordingly
---
 runner/README.md | 20 +++++++++++++++-----
 runner/docker-compose.yml | 4 ++--
 2 files changed, 17 insertions(+), 7 deletions(-)
diff --git a/runner/README.md b/runner/README.md
index 963407c..828eee6 100644
--- a/runner/README.md
+++ b/runner/README.md
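Review bot: The `/var/run/docker.sock:/var/run/docker.sock` mount on the last volume line gives the runner container, and every workflow job it launches, control of the host Docker daemon, which is effectively root on the host; that deserves a comment in the file, e.g. `# docker.sock = host root for every job this runner accepts; register only for trusted repos`. The image is pulled as `act_runner:nightly`, so the documented `docker compose pull` silently changes the code that holds the registration token; pin a release tag or digest, e.g. `image: docker.io/gitea/act_runner:<release-tag>@sha256:<digest>`. If workflows can be triggered by untrusted pull requests, a rootless or dedicated Docker daemon for the runner is the safer arrangement.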
@@ -9,11 +9,21 @@ Ce dossier contient une configuration prête à l'emploi pour exécuter un runne ## Configuration -1. Créez un fichier `.env` depuis l’exemple: - - `INSTANCE_URL`: ex. `https://git.4nkweb.com` - - `REGISTRATION_TOKEN`: token d'enregistrement - - (optionnel) `RUNNER_NAME`, `RUNNER_LABELS` (par défaut `self-hosted,linux`) -2. Le montage du docker.sock est déjà configuré pour exécuter les jobs en conteneurs. +- Le runner lit un fichier .env GLOBAL: `$HOME/4nk_template/.env` (commun à tous les dépôts) + - Variables attendues dans ce fichier: + - `INSTANCE_URL` (ex: `https://git.4nkweb.com`) + - `REGISTRATION_TOKEN` (token d'enregistrement) + - `RUNNER_NAME` (optionnel) + - `RUNNER_LABELS` (optionnel, défaut: `self-hosted,linux`) +- Aucun `.env` local dans `runner/` n’est nécessaire. + +Exemple de contenu minimal: +```dotenv +INSTANCE_URL=https://git.4nkweb.com +REGISTRATION_TOKEN=... +RUNNER_NAME=$(hostname)-runner +RUNNER_LABELS=self-hosted,linux +``` ## Démarrage diff --git a/runner/docker-compose.yml b/runner/docker-compose.yml index c443c12..c7ef8ef 100644 --- a/runner/docker-compose.yml +++ b/runner/docker-compose.yml @@ -4,7 +4,8 @@ services: image: docker.io/gitea/act_runner:nightly container_name: gitea-act-runner restart: unless-stopped - env_file: .env + env_file: + - ${HOME}/4nk_template/.env environment: - GITEA_RUNNER_LABELS=${RUNNER_LABELS:-self-hosted,linux} - GITEA_RUNNER_NAME=${RUNNER_NAME:-local-runner} @@ -15,4 +16,3 @@ services: volumes: - ./data:/data - /var/run/docker.sock:/var/run/docker.sock - From 68ce80c2cfbe3ee8f9e98ce8444ee256c8402d37 Mon Sep 17 00:00:00 2001 
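Review bot: In the `runner/docker-compose.yml` hunk, `env_file:` only injects variables into the container; Compose does not read it for the `${INSTANCE_URL}` and `${REGISTRATION_TOKEN}` interpolation in the `environment:` list just below, which is resolved from the calling shell or from a `.env` beside the compose file. With the local `.env` gone, those entries most likely expand to empty strings, and because `environment:` takes precedence the runner would start with `GITEA_INSTANCE_URL=` and no token unless the caller exports them. Either start it with `docker compose --env-file "$HOME/4nk_template/.env" up -d`, or store the `GITEA_*` names directly in the shared file and drop the mapping. Note also that this loads every variable of a file shared by all repositories into a container that has the Docker socket, so that file should hold only what the runner needs.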
From: Nicolas Cantu
Date: Thu, 28 Aug 2025 01:04:11 +0200
Subject: [PATCH 03/11] dev(docker): add Debian image and run_container.sh to run agents in container
---
 docker/Dockerfile.debian | 11 +++++++++++
 scripts/dev/run_container.sh | 15 +++++++++++++++
 2 files changed, 26 insertions(+)
 create mode 100644 docker/Dockerfile.debian
 create mode 100644 scripts/dev/run_container.sh
diff --git a/docker/Dockerfile.debian b/docker/Dockerfile.debian
new file mode 100644
index 0000000..9f38e54
--- /dev/null
+++ b/docker/Dockerfile.debian
@@ -0,0 +1,11 @@
+FROM debian:12-slim
+
+ENV DEBIAN_FRONTEND=noninteractive
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+ bash curl jq ca-certificates git \
+ && rm -rf /var/lib/apt/lists/*
+
+WORKDIR /work
+ENTRYPOINT ["/bin/bash","-lc"]
+
diff --git a/scripts/dev/run_container.sh b/scripts/dev/run_container.sh
new file mode 100644
index 0000000..2d543cb
--- /dev/null
+++ b/scripts/dev/run_container.sh
@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+IMAGE_NAME="4nk-template-dev:debian"
+DOCKERFILE="docker/Dockerfile.debian"
+
+echo "[build] ${IMAGE_NAME}"
+docker build -t "${IMAGE_NAME}" -f "${DOCKERFILE}" .
+
+echo "[run] launching container and executing agents"
+docker run --rm -it \
+ -v "${PWD}:/work" -w /work \
+ "${IMAGE_NAME}" \
+ "scripts/agents/run.sh; ls -la tests/reports/agents || true"
+
From 86ad8eb62a718c606c00ab61ba81ead77dbe264e Mon Sep 17 00:00:00 2001
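Review bot: `docker/Dockerfile.debian` has no `USER`, so `run_container.sh` runs the agents as root against the bind-mounted working tree (`-v "${PWD}:/work"`), and on a Linux host the generated reports end up root-owned; add an unprivileged user (`RUN useradd --uid 10001 --create-home dev` followed by `USER dev`) or pass `--user "$(id -u):$(id -g)"` in the script. `ENV DEBIAN_FRONTEND=noninteractive` persists into the runtime environment; set it inline on the `apt-get` line instead. `ENTRYPOINT ["/bin/bash","-lc"]` means the whole command must arrive as a single string, which is worth a one-line comment above it.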
From: Nicolas Cantu Date: Thu, 28 Aug 2025 09:47:01 +0200 Subject: [PATCH 04/11] fix(agents): LF + heredocs, charge .env conteneur, nettoyage rapports --- docker-compose.dev.yml | 16 ++++++++++ docker/Dockerfile.debian | 3 +- runner/docker-compose.yml | 2 +- scripts/agents/ai_prompt.sh | 8 +++++ scripts/agents/compilation_agent.sh | 6 ++-- scripts/agents/dependances_agent.sh | 6 ++-- scripts/agents/deployment_agent.sh | 6 ++-- scripts/agents/derogations_locales_agent.sh | 6 ++-- scripts/agents/documentation_agent.sh | 6 ++-- .../agents/documents_bureautiques_agent.sh | 6 ++-- scripts/agents/donnees_csv_agent.sh | 6 ++-- scripts/agents/fondation_agent.sh | 6 ++-- scripts/agents/frontend_agent.sh | 6 ++-- scripts/agents/gitea_agent.sh | 6 ++-- scripts/agents/open_source_agent.sh | 6 ++-- scripts/agents/performance_agent.sh | 6 ++-- scripts/agents/qualite_formelle.sh | 14 +++++++-- scripts/agents/quality_tech.sh | 14 +++++++-- scripts/agents/resolution_agent.sh | 6 ++-- scripts/agents/run.ps1 | 4 +-- scripts/agents/run.sh | 4 +++ scripts/agents/runner_agent.sh | 31 +++++++++++++++++++ scripts/agents/security_agent.sh | 6 ++-- scripts/agents/ssh_scripts_agent.sh | 6 ++-- scripts/agents/structure_agent.sh | 6 ++-- scripts/agents/sync_template_agent.sh | 6 ++-- scripts/agents/tests_agent.sh | 14 +++++++-- scripts/agents/versionnage_agent.sh | 6 ++-- scripts/scripts/auto-ssh-push.sh | 2 +- 29 files changed, 151 insertions(+), 69 deletions(-) create mode 100644 docker-compose.dev.yml create mode 100644 scripts/agents/runner_agent.sh diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml new file mode 100644 index 0000000..8fbe8e0 --- /dev/null +++ b/docker-compose.dev.yml 
@@ -0,0 +1,16 @@ +version: "3.8" +services: + dev: + build: + context: . + dockerfile: docker/Dockerfile.debian + image: 4nk-template-dev:debian + container_name: 4nk-template-dev + stdin_open: true + tty: true + working_dir: /work + volumes: + - ./:/work + - /var/run/docker.sock:/var/run/docker.sock + entrypoint: ["/bin/bash","-lc"] + command: ["sleep infinity"] diff --git a/docker/Dockerfile.debian b/docker/Dockerfile.debian index 9f38e54..b807743 100644 --- a/docker/Dockerfile.debian +++ b/docker/Dockerfile.debian @@ -3,9 +3,8 @@ FROM debian:12-slim ENV DEBIAN_FRONTEND=noninteractive RUN apt-get update \ && apt-get install -y --no-install-recommends \ - bash curl jq ca-certificates git \ + bash curl jq ca-certificates git docker.io docker-compose-plugin \ && rm -rf /var/lib/apt/lists/* WORKDIR /work ENTRYPOINT ["/bin/bash","-lc"] - diff --git a/runner/docker-compose.yml b/runner/docker-compose.yml index c7ef8ef..b48ab14 100644 --- a/runner/docker-compose.yml +++ b/runner/docker-compose.yml @@ -5,7 +5,7 @@ services: container_name: gitea-act-runner restart: unless-stopped env_file: - - ${HOME}/4nk_template/.env + - ${USERPROFILE}/.4nk_template/.env environment: - GITEA_RUNNER_LABELS=${RUNNER_LABELS:-self-hosted,linux} - GITEA_RUNNER_NAME=${RUNNER_NAME:-local-runner} diff --git a/scripts/agents/ai_prompt.sh b/scripts/agents/ai_prompt.sh index 16449e9..f84d462 100644 --- a/scripts/agents/ai_prompt.sh +++ b/scripts/agents/ai_prompt.sh 
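Review bot: In `docker-compose.dev.yml` the dev service mounts `/var/run/docker.sock` next to the writable repository (`./:/work`), so anything the agents execute in this container can drive the host Docker daemon with host-root effect. If the socket is needed only so `runner_agent.sh` can call `docker compose`, say so in a comment and keep it out of the default service, for example behind a Compose profile; otherwise drop the mount. `version: "3.8"` is ignored by current Compose and can be removed.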
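Review bot: On the changed package line of `docker/Dockerfile.debian`, `docker-compose-plugin` is, as far as I know, published in Docker's own apt repository rather than in Debian 12's, so this `apt-get install` probably fails with "Unable to locate package" unless that repository is configured first; confirm with a clean `--no-cache` build. `docker.io` also brings the daemon into an image that only needs a client to talk to the mounted socket, so installing just the client would keep the image smaller and its purpose clearer.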
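Review bot: In the `runner/docker-compose.yml` hunk, `${USERPROFILE}` is a Windows variable, while this runner is documented for a Linux host and labelled `self-hosted,linux`; where the variable is unset Compose substitutes an empty string and looks for `/.4nk_template/.env`. The shell scripts touched by this same commit read `${HOME}/.4nk_template/.env`, so the entry should be `- ${HOME}/.4nk_template/.env` to agree with them.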
@@ -4,6 +4,14 @@ set -euo pipefail # Utilitaire générique pour appeler l'API OpenAI Chat Completions. # Prérequis: variable d'environnement OPENAI_API_KEY et curl. +# Chargement env utilisateur (~/.4nk_template/.env) pour exécutions locales/CI docke +"$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)/env/ensure_env.sh" || true +if [[ -f "${HOME}/.4nk_template/.env" ]]; then + set -a + . "${HOME}/.4nk_template/.env" + set +a +fi + for bin in curl jq; do if ! command -v "$bin" >/dev/null 2>&1; then echo "$bin manquant. Installez $bin." >&2 diff --git a/scripts/agents/compilation_agent.sh b/scripts/agents/compilation_agent.sh index 4b6f991..c7e74c2 100644 --- a/scripts/agents/compilation_agent.sh +++ b/scripts/agents/compilation_agent.sh @@ -16,11 +16,11 @@ else echo "- Étapes de compilation non détectées dans la CI (à ajouter si nécessaire)." >> "$SUMMARY_FILE" fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Précise une cadence de compilation (avant refactor/push, après update deps) et les conditions de blocage si erreurs. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/dependances_agent.sh b/scripts/agents/dependances_agent.sh index 6e48f56..5f1293e 100644 --- a/scripts/agents/dependances_agent.sh +++ b/scripts/agents/dependances_agent.sh 
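Review bot: In the `ai_prompt.sh` hunk, `. "${HOME}/.4nk_template/.env"` executes the file as shell code instead of parsing key=value pairs, so a line like the README's `RUNNER_NAME=$(hostname)-runner` is run, anyone able to write that file runs commands in every agent, and under `set -a` the registration token and everything else in it are exported to all child processes when this script needs only `OPENAI_API_KEY`. Read just the key that is needed, e.g. `OPENAI_API_KEY="${OPENAI_API_KEY:-$(sed -n 's/^OPENAI_API_KEY=//p' "$HOME/.4nk_template/.env")}"`, after checking the file is owned by the current user and not group- or world-writable. The `ensure_env.sh … || true` call hides a missing or failing helper, and that helper does not appear in this commit's diffstat. The same block is added to `qualite_formelle.sh`, `quality_tech.sh` and `tests_agent.sh`; one shared function would keep the four copies consistent.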
@@ -15,11 +15,11 @@ if grep -q "security-audit" .gitea/workflows/ci.yml 2>/dev/null; then echo "- Job CI security-audit détecté." >> "$SUMMARY_FILE" fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Établis une politique de dépendances: ajout automatique si justifié, vérification des dernières versions stables, documentation des impacts (ARCHITECTURE, CONFIGURATION, CHANGELOG), et rollback. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/deployment_agent.sh b/scripts/agents/deployment_agent.sh index 71c68f3..21ce31a 100644 --- a/scripts/agents/deployment_agent.sh +++ b/scripts/agents/deployment_agent.sh @@ -17,11 +17,11 @@ for f in docs/DEPLOYMENT.md docs/RELEASE_PLAN.md .gitea/workflows/ci.yml; do done if [[ $ok -eq 1 ]]; then echo "- Pré‑requis documentaires présents." >> "$SUMMARY_FILE"; fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Établis une checklist de déploiement minimale (pré‑checks, variables, smoke tests, rollback, post‑deploy) adaptée à un template CI Gitea. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/derogations_locales_agent.sh b/scripts/agents/derogations_locales_agent.sh index 89cbef0..83e232c 100644 --- a/scripts/agents/derogations_locales_agent.sh +++ b/scripts/agents/derogations_locales_agent.sh 
@@ -16,11 +16,11 @@ else echo "- Aucun fichier de dérogations locales détecté." >> "$SUMMARY_FILE" fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Définis un format pour enregistrer les dérogations (path, raison, propriétaire, échéance), tolérance CI, et revue périodique. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/documentation_agent.sh b/scripts/agents/documentation_agent.sh index a4ba05f..7c426c8 100644 --- a/scripts/agents/documentation_agent.sh +++ b/scripts/agents/documentation_agent.sh @@ -22,11 +22,11 @@ else for m in "${missing[@]}"; do echo " - $m" >> "$SUMMARY_FILE"; done fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Élabore une liste courte d’améliorations documentation (INDEX à jour, traçabilité changes ↔ CHANGELOG, sections sécurité/tests/déploiement). -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/documents_bureautiques_agent.sh b/scripts/agents/documents_bureautiques_agent.sh index 4bdc1e7..f6fc469 100644 --- a/scripts/agents/documents_bureautiques_agent.sh +++ b/scripts/agents/documents_bureautiques_agent.sh @@ -19,11 +19,11 @@ else echo "- Utiliser docx2txt pour extraction et documenter dans docs/INDEX.md" >> "$SUMMARY_FILE" fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Décris une procédure standard de traitement des .docx (docx2txt, import, traçabilité dans docs/INDEX.md) et les risques à éviter. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/donnees_csv_agent.sh b/scripts/agents/donnees_csv_agent.sh index 8b2d910..9467409 100644 
--- a/scripts/agents/donnees_csv_agent.sh +++ b/scripts/agents/donnees_csv_agent.sh @@ -18,11 +18,11 @@ else echo "$csvs" | sed 's/^/ - /' >> "$SUMMARY_FILE" fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' À partir des CSV présents (en‑têtes multi‑lignes possibles), propose une méthode pour définir toutes les colonnes, types et validations, et pointer vers les docs à mettre à jour (API, ARCHITECTURE, USAGE). -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/fondation_agent.sh b/scripts/agents/fondation_agent.sh index 68817aa..ab8b5f2 100644 --- a/scripts/agents/fondation_agent.sh +++ b/scripts/agents/fondation_agent.sh @@ -18,11 +18,11 @@ done if [[ $issues -eq 0 ]]; then echo "- Conformité éditoriale de base: OK (présence des fichiers clés)." >> "$SUMMARY_FILE"; fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Évalue la conformité éditoriale (français, pas d’exemples applicatifs, intro/conclusion) et liste 5 actions d’amélioration priorisées. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/frontend_agent.sh b/scripts/agents/frontend_agent.sh index 71b80a1..bfbdaed 100644 --- a/scripts/agents/frontend_agent.sh +++ b/scripts/agents/frontend_agent.sh 
@@ -9,12 +9,12 @@ SUMMARY_FILE="$OUTPUT_DIR/frontend_agent.md" echo "# Agent Frontend" > "$SUMMARY_FILE" echo >> "$SUMMARY_FILE" -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Définis des principes front: code splitting (React.lazy/Suspense), centralisation d’état (Redux/Context), abstraction des services, et tests associés. -P +EOF ) pushd "$TARGET_DIR" >/dev/null -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/gitea_agent.sh b/scripts/agents/gitea_agent.sh index cdd7081..2ba3f21 100644 --- a/scripts/agents/gitea_agent.sh +++ b/scripts/agents/gitea_agent.sh @@ -20,11 +20,11 @@ else echo "- Manquants:" >> "$SUMMARY_FILE"; for m in "${missing[@]}"; do echo " - $m" >> "$SUMMARY_FILE"; done fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Propose des vérifications CI additionnelles Gitea (lint, tests, sécurité, scripts exécutables) et notifications en cas d’échecs. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/open_source_agent.sh b/scripts/agents/open_source_agent.sh index b653f63..62e7c6a 100644 --- a/scripts/agents/open_source_agent.sh +++ b/scripts/agents/open_source_agent.sh @@ -20,11 +20,11 @@ else echo "- Manquants:" >> "$SUMMARY_FILE"; for m in "${missing[@]}"; do echo " - $m" >> "$SUMMARY_FILE"; done fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Propose une checklist pour préparer l’ouverture open source (gouvernance, CI, sécurité, documentation) compatible avec Gitea. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null 
diff --git a/scripts/agents/performance_agent.sh b/scripts/agents/performance_agent.sh index 4982a6b..820ad8c 100644 --- a/scripts/agents/performance_agent.sh +++ b/scripts/agents/performance_agent.sh @@ -16,11 +16,11 @@ else echo "- Dossier tests/performance manquant." >> "$SUMMARY_FILE" fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Propose un plan minimal de tests de performance reproductibles (outillage, métriques, critères de succès) et archivage des rapports. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/qualite_formelle.sh b/scripts/agents/qualite_formelle.sh index 8f0d255..7ed334a 100644 --- a/scripts/agents/qualite_formelle.sh +++ b/scripts/agents/qualite_formelle.sh @@ -1,6 +1,14 @@ #!/usr/bin/env bash set -euo pipefail +# Chargement env utilisateur (~/.4nk_template/.env) +"$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)/env/ensure_env.sh" || true +if [[ -f "${HOME}/.4nk_template/.env" ]]; then + set -a + . "${HOME}/.4nk_template/.env" + set +a +fi + TARGET_DIR="${1:-.}" OUTPUT_DIR="${2:-tests/reports/agents}" mkdir -p "$OUTPUT_DIR" @@ -21,11 +29,11 @@ if [[ $issues -eq 0 ]]; then echo "- Aucun problème formel bloquant détecté." >> "$SUMMARY_FILE" fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Évalue la qualité formelle (français uniquement, typographie, absence d’exemples applicatifs, intro/conclusion) et propose 5 recommandations priorisées. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/quality_tech.sh b/scripts/agents/quality_tech.sh index 5daabe0..b9a62e8 100644 --- a/scripts/agents/quality_tech.sh +++ b/scripts/agents/quality_tech.sh 
@@ -1,6 +1,14 @@ #!/usr/bin/env bash set -euo pipefail +# Chargement env utilisateur (~/.4nk_template/.env) +"$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)/env/ensure_env.sh" || true +if [[ -f "${HOME}/.4nk_template/.env" ]]; then + set -a + . "${HOME}/.4nk_template/.env" + set +a +fi + TARGET_DIR="${1:-.}" OUTPUT_DIR="${2:-tests/reports/agents}" mkdir -p "$OUTPUT_DIR" @@ -74,11 +82,11 @@ if [[ "$HAS_SHELL_PWSH" -eq 1 && "$HAS_PWSH" -eq 1 ]]; then fi # IA (optionnelle) -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Analyse la conformité qualité technique du dépôt selon AGENTS.md et la CI. Priorise: lint/format/type-check, structure de tests, cohérence docs/CI, sécurité basique. Propose 5 actions concrètes. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/resolution_agent.sh b/scripts/agents/resolution_agent.sh index c8a8e35..d803f3b 100644 --- a/scripts/agents/resolution_agent.sh +++ b/scripts/agents/resolution_agent.sh @@ -16,11 +16,11 @@ else echo "- Dossier archive/ manquant (recommandé pour REX)." >> "$SUMMARY_FILE" fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Décris la boucle de triage complète (repro minimale, logs, bissection, hypothèses, tests ciblés, correctif, non‑régression) et quand produire un REX. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/run.ps1 b/scripts/agents/run.ps1 index 4accb1a..58d0311 100644 --- a/scripts/agents/run.ps1 +++ b/scripts/agents/run.ps1 
@@ -62,7 +62,7 @@ switch ($Agent) { $required = @('LICENSE','CONTRIBUTING.md','CODE_OF_CONDUCT.md','docs/OPEN_SOURCE_CHECKLIST.md') foreach ($f in $required) { if (-not (Test-Path $f)) { $missing += $f } } $content = @('# Agent Open Source', '', '## Résultats (fallback PowerShell)') - if ($missing.Count -eq 0) { $content += '- Pré‑requis open source présents.' } + if ($missing.Count -eq 0) { $content += '- Pre-requis open source présents.' } else { $content += '- Manquants:'; $missing | ForEach-Object { $content += " - $_" } } Write-Report 'open_source_agent.md' $content } @@ -95,7 +95,7 @@ switch ($Agent) { 'ssh-scripts' { $found = @(); $paths = @('scripts/auto-ssh-push.sh','scripts/init-ssh-env.sh','scripts/setup-ssh-ci.sh','scripts/scripts/auto-ssh-push.sh','scripts/scripts/init-ssh-env.sh','scripts/scripts/setup-ssh-ci.sh') foreach ($p in $paths) { if (Test-Path $p) { $found += $p } } - $content = @('# Agent SSH & scripts', '', '## Résultats (fallback PowerShell)') + $content = @('# Agent SSH et scripts', '', '## Résultats (fallback PowerShell)') if ($found.Count -gt 0) { $content += '- Scripts trouvés:'; $found | ForEach-Object { $content += " - $_" } } else { $content += '- Aucun script standard détecté.' } if (Test-Path 'docs/SSH_UPDATE.md') { $content += '- docs/SSH_UPDATE.md présent.' } Write-Report 'ssh_scripts_agent.md' $content diff --git a/scripts/agents/run.sh b/scripts/agents/run.sh index 38092ae..91b4cd3 100644 --- a/scripts/agents/run.sh +++ b/scripts/agents/run.sh @@ -26,6 +26,7 @@ Agents: Frontend: frontend Open source et CI: open-source, gitea, versionnage, securite, deploiement Synchronisation: sync-template, derogations-locales + Runner: runne all Par défaut: all USAGE @@ -34,6 +35,8 @@ USAGE AGENT="${3:-all}" case "$AGENT" in + runner) + "$DIR/runner_agent.sh" "$TARGET_DIR" "$OUTPUT_DIR" ;; quality-tech|qualite-technique) "$DIR/quality_tech.sh" "$TARGET_DIR" "$OUTPUT_DIR" ;; qualite-formelle|fondation) 
@@ -75,6 +78,7 @@ case "$AGENT" in derogations-locales) "$DIR/derogations_locales_agent.sh" "$TARGET_DIR" "$OUTPUT_DIR" ;; all) + "$DIR/runner_agent.sh" "$TARGET_DIR" "$OUTPUT_DIR" || true "$DIR/quality_tech.sh" "$TARGET_DIR" "$OUTPUT_DIR" "$DIR/qualite_formelle.sh" "$TARGET_DIR" "$OUTPUT_DIR" "$DIR/fondation_agent.sh" "$TARGET_DIR" "$OUTPUT_DIR" || true diff --git a/scripts/agents/runner_agent.sh b/scripts/agents/runner_agent.sh new file mode 100644 index 0000000..ede54ee --- /dev/null +++ b/scripts/agents/runner_agent.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env bash +set -euo pipefail + +TARGET_DIR="${1:-.}" +OUTPUT_DIR="${2:-tests/reports/agents}" + +mkdir -p "${OUTPUT_DIR}" +report="${OUTPUT_DIR}/runner_agent.md" + +echo "# Agent Runner" >"${report}" +echo >>"${report}" + +if ! command -v docker >/dev/null 2>&1; then + echo "- Docker non détecté sur l'hôte. Impossible de gérer le runner." >>"${report}" + exit 0 +fi + +if [[ -f "runner/docker-compose.yml" ]]; then + ( + cd runne + # Démarre (ou met à jour) le runne + docker compose up -d || true + ) + echo "- Runner démarré/présent via docker compose (runner/docker-compose.yml)." >>"${report}" +else + echo "- Fichier runner/docker-compose.yml introuvable; aucun démarrage effectué." >>"${report}" +fi + +echo "- Rapports: ${report}" >>"${report}" +exit 0 + diff --git a/scripts/agents/security_agent.sh b/scripts/agents/security_agent.sh index a83d883..dbe43e4 100644 --- a/scripts/agents/security_agent.sh +++ b/scripts/agents/security_agent.sh 
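Review bot: In `runner_agent.sh`, `docker compose up -d || true` is followed by an unconditional "Runner démarré/présent" line, so the report claims success even when Compose failed; branch on the exit status, e.g. `if docker compose up -d; then … else echo "- Échec de docker compose up" >>"${report}"; fi`. Because the `all)` branch of `run.sh` now calls this agent first, an ordinary report run starts a long-lived container holding the host Docker socket as a side effect; that should be opt-in through a flag or environment variable rather than the default. `TARGET_DIR` is assigned but never used, and the `runner/docker-compose.yml` test is relative to the current directory, which is worth either fixing or stating in a comment.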
@@ -21,11 +21,11 @@ else echo "- scripts/security/audit.sh introuvable ou non exécutable." >> "$SUMMARY_FILE" fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' À partir d’un dépôt template, propose 5 contrôles sécurité CI/CD additionnels (secrets, permissions, dépendances, scans) et un ordre de priorité. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/ssh_scripts_agent.sh b/scripts/agents/ssh_scripts_agent.sh index 0335526..e6066af 100644 --- a/scripts/agents/ssh_scripts_agent.sh +++ b/scripts/agents/ssh_scripts_agent.sh @@ -27,11 +27,11 @@ if [[ $found -eq 0 ]]; then echo "- Scripts SSH standard introuvables (vérifier if [[ -f docs/SSH_UPDATE.md ]]; then echo "- docs/SSH_UPDATE.md présent." >> "$SUMMARY_FILE"; fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Propose une checklist de conformité SSH (permissions, secrets CI, idempotence, journalisation non sensible) et intégration de contrôles CI. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/structure_agent.sh b/scripts/agents/structure_agent.sh index 79bfe32..68eaf6d 100644 --- a/scripts/agents/structure_agent.sh +++ b/scripts/agents/structure_agent.sh @@ -21,11 +21,11 @@ else for m in "${missing[@]}"; do echo " - $m" >> "$SUMMARY_FILE"; done fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Vérifie l’alignement avec l’arborescence 4NK_node et propose 5 corrections prioritaires (créations/archives/métadonnées) si des écarts sont détectés. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null 
diff --git a/scripts/agents/sync_template_agent.sh b/scripts/agents/sync_template_agent.sh index 5ab5b64..5cf7f12 100644 --- a/scripts/agents/sync_template_agent.sh +++ b/scripts/agents/sync_template_agent.sh @@ -22,11 +22,11 @@ else echo "- Manifeste .4nk-sync.yml manquant." >> "$SUMMARY_FILE" fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Propose une procédure de synchronisation contrôlée (PR dédiée, vérif checksums/manifest_checksum, mise à jour TEMPLATE_VERSION, mise à jour CHANGELOG/INDEX). -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/tests_agent.sh b/scripts/agents/tests_agent.sh index af5e690..5b380ea 100644 --- a/scripts/agents/tests_agent.sh +++ b/scripts/agents/tests_agent.sh @@ -1,6 +1,14 @@ #!/usr/bin/env bash set -euo pipefail +# Chargement env utilisateur (~/.4nk_template/.env) +"$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)/env/ensure_env.sh" || true +if [[ -f "${HOME}/.4nk_template/.env" ]]; then + set -a + . "${HOME}/.4nk_template/.env" + set +a +fi + TARGET_DIR="${1:-.}" OUTPUT_DIR="${2:-tests/reports/agents}" mkdir -p "$OUTPUT_DIR" @@ -23,11 +31,11 @@ else for m in "${missing[@]}"; do echo " - $m" >> "$SUMMARY_FILE"; done fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Propose un plan court pour renforcer la pyramide de tests (unit, integration, connectivity, external, performance) pour ce template, avec 5 actions. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/agents/versionnage_agent.sh b/scripts/agents/versionnage_agent.sh index 26177b7..20ccbaa 100644 --- a/scripts/agents/versionnage_agent.sh +++ b/scripts/agents/versionnage_agent.sh 
@@ -16,11 +16,11 @@ for f in CHANGELOG.md TEMPLATE_VERSION; do done if [[ $ok -eq 1 ]]; then echo "- CHANGELOG et TEMPLATE_VERSION présents." >> "$SUMMARY_FILE"; fi -PROMPT=$(cat <<'P' +PROMPT=$(cat <<'EOF' Décris la procédure d’alignement version ↔ changelog ↔ tag git (latest vs wip) et conditions de blocage release. -P +EOF ) -"scripts/agents/ai_prompt.sh" "$PROMPT" >> "$SUMMARY_FILE" || true +scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" popd >/dev/null diff --git a/scripts/scripts/auto-ssh-push.sh b/scripts/scripts/auto-ssh-push.sh index 653b59c..f635231 100644 --- a/scripts/scripts/auto-ssh-push.sh +++ b/scripts/scripts/auto-ssh-push.sh @@ -35,7 +35,7 @@ auto_push() { # Ajouter tous les changements git add . - # Ne pas commiter si rien à commiter + # Ne pas commiter si rien à commite if [[ -z "$(git diff --cached --name-only)" ]]; then echo "ℹ️ Aucun changement indexé. Skip commit/push." return 0 From a624d091a04b17a084b9948eff4d89afea0095ef Mon Sep 17 00:00:00 2001 From: Nicolas Cantu Date: Thu, 28 Aug 2025 09:55:40 +0200 Subject: [PATCH 05/11] =?UTF-8?q?feat(ci):=20image=20unifi=C3=A9e=20runner?= =?UTF-8?q?+agents=20(Dockerfile.ci,=20entrypoint,=20compose,=20helper)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .cursorignore | 1 + .gitignore | 1 + TEMPLATE_VERSION | 1 + docker-compose.ci.yml | 19 +++++++++++ docker/Dockerfile.ci | 26 +++++++++++++++ docker/entrypoint.ci.sh | 51 +++++++++++++++++++++++++++++ scripts/checks/version_alignment.sh | 1 + scripts/dev/run_project_ci.sh | 14 ++++++++ scripts/release/guard.sh | 1 + scripts/security/audit.sh | 1 + 10 files changed, 116 insertions(+) create mode 100644 docker-compose.ci.yml create mode 100644 docker/Dockerfile.ci create mode 100644 docker/entrypoint.ci.sh create mode 100644 scripts/dev/run_project_ci.sh diff --git a/.cursorignore b/.cursorignore index 700ef8e..82b854b 100644 --- a/.cursorignore 
+++ b/.cursorignore @@ -21,3 +21,4 @@ tests/reports/ !/.cursor !/AGENTS.md + diff --git a/.gitignore b/.gitignore index 5f17270..b891241 100644 --- a/.gitignore +++ b/.gitignore @@ -34,3 +34,4 @@ git-installer.exe # Ne pas ignorer .cursor ni AGENTS.md + diff --git a/TEMPLATE_VERSION b/TEMPLATE_VERSION index 408e425..1c772ff 100644 --- a/TEMPLATE_VERSION +++ b/TEMPLATE_VERSION @@ -1,2 +1,3 @@ v2025.08.3 + diff --git a/docker-compose.ci.yml b/docker-compose.ci.yml new file mode 100644 index 0000000..abf897e --- /dev/null +++ b/docker-compose.ci.yml @@ -0,0 +1,19 @@ +services: + project-ci: + build: + context: . + dockerfile: docker/Dockerfile.ci + image: 4nk-template-ci:latest + environment: + - RUNNER_MODE=${RUNNER_MODE:-agents} + - TARGET_DIR=/work + - OUTPUT_DIR=/work/tests/reports/agents + - BASE_URL + - REGISTRATION_TOKEN + volumes: + - ./:/work + - ${HOME}/.4nk_template/.env:/root/.4nk_template/.env:ro + tty: true + labels: + - "com.4nk.template=ci" + diff --git a/docker/Dockerfile.ci b/docker/Dockerfile.ci new file mode 100644 index 0000000..3842571 --- /dev/null +++ b/docker/Dockerfile.ci @@ -0,0 +1,26 @@ +FROM gitea/act_runner:nightly + +USER root + +RUN apk update || true && \ + (apk add --no-cache bash curl jq git coreutils dos2unix || \ + (apt-get update && apt-get install -y bash curl jq git coreutils dos2unix)) && \ + mkdir -p /app /work /root/.4nk_template && chmod 700 /root/.4nk_template + +WORKDIR /app + +# Copier les scripts agents +COPY scripts /work/scripts + +# Normaliser les fins de ligne et permissions +RUN find /work/scripts -type f -name "*.sh" -print0 | xargs -0 -r dos2unix -f && \ + find /work/scripts -type f -name "*.sh" -exec chmod +x {} + + +# Entrypoint unifié: lance le runner si variables présentes, sinon agents +COPY docker/entrypoint.ci.sh /entrypoint.sh +RUN dos2unix -f /entrypoint.sh && chmod +x /entrypoint.sh + +WORKDIR /work + +ENTRYPOINT ["/entrypoint.sh"] + 
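Review bot: In `docker-compose.ci.yml`, the short-syntax bind `${HOME}/.4nk_template/.env:/root/.4nk_template/.env:ro` makes Docker create a directory at that host path when the file does not exist, after which the entrypoint's `-f` test silently skips it; the long `volumes:` form with `bind: { create_host_path: false }` turns a missing file into an error. `REGISTRATION_TOKEN` reaches the container both through that file and as a bare `environment:` entry, where it is readable with `docker inspect`; pick one route, preferably a Compose secret. `image: 4nk-template-ci:latest` would be easier to trace with a versioned tag.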
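Review bot: `FROM gitea/act_runner:nightly` in `docker/Dockerfile.ci` makes every rebuild pick up whatever was published last, for an image that runs as root and handles the registration token; pin a release tag and digest. The `apk update || true && (apk add … || (apt-get …))` line tries two package managers and ignores the first failure, which hides which base is really in use and leaves apt lists in the layer on the fallback path; keep the single branch that matches the pinned base. `USER root` remains active through `ENTRYPOINT`, so if the agents do not need root, switch to an unprivileged user after the install step.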
diff --git a/docker/entrypoint.ci.sh b/docker/entrypoint.ci.sh new file mode 100644 index 0000000..43d6687 --- /dev/null +++ b/docker/entrypoint.ci.sh @@ -0,0 +1,51 @@ +#!/usr/bin/env bash +set -euo pipefail + +# Charge l'env utilisateur si monté +if [[ -f "/root/.4nk_template/.env" ]]; then + set -a + . "/root/.4nk_template/.env" + set +a +fi + +MODE="${RUNNER_MODE:-agents}" +TARGET_DIR="${TARGET_DIR:-/work}" +OUTPUT_DIR="${OUTPUT_DIR:-/work/tests/reports/agents}" + +normalize_scripts() { + if command -v dos2unix >/dev/null 2>&1; then + find /work/scripts -type f -name "*.sh" -print0 | xargs -0 -r dos2unix -f || true + fi + find /work/scripts -type f -name "*.sh" -exec chmod +x {} + || true +} + +start_runner() { + # Démarre le runner gitea/act_runner (processus au premier plan) + # Requiert : GITEA_INSTANCE_URL (BASE_URL), REGISTRATION_TOKEN ou config existante + if [[ -n "${BASE_URL:-}" && -n "${REGISTRATION_TOKEN:-}" ]]; then + act_runner register --no-interactive \ + --instance "$BASE_URL" \ + --token "$REGISTRATION_TOKEN" \ + --labels "self-hosted,linux" || true + fi + exec act_runner daemon +} + +run_agents() { + normalize_scripts + mkdir -p "$OUTPUT_DIR" + cd "$TARGET_DIR" + /work/scripts/agents/run.sh "$TARGET_DIR" "$OUTPUT_DIR" all || true + echo "Rapports disponibles dans $OUTPUT_DIR" >&2 +} + +case "$MODE" in + runner) start_runner ;; + agents) run_agents ;; + both) + start_runner & + run_agents + wait -n || true + ;; + *) run_agents ;; +esac diff --git a/scripts/checks/version_alignment.sh b/scripts/checks/version_alignment.sh index e399e72..a7907cc 100644 --- a/scripts/checks/version_alignment.sh +++ b/scripts/checks/version_alignment.sh @@ -19,3 +19,4 @@ fi echo "Version alignment OK" + diff --git a/scripts/dev/run_project_ci.sh b/scripts/dev/run_project_ci.sh new file mode 100644 index 0000000..d92d96b --- /dev/null +++ b/scripts/dev/run_project_ci.sh 
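Review bot: In `start_runner` of `docker/entrypoint.ci.sh`, `--token "$REGISTRATION_TOKEN"` places the token on the command line, where it is visible in the process list while `act_runner register` runs, and the trailing `|| true` then starts the daemon even when registration failed; log the failure and exit non-zero unless an existing registration is found. Registration is keyed on `BASE_URL`, whereas the runner README and the shared `.env` document `INSTANCE_URL`, so with the documented file the `register` branch is skipped without any message. `normalize_scripts` rewrites and chmods files under `/work/scripts`, which is the bind-mounted host repository, so simply running the container modifies the working tree although the image build already normalised its own copy. `run_agents … || true` together with the `*)` fallback means the container exits 0 whatever happened; an unknown `RUNNER_MODE` should be reported as an error.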
@@ -0,0 +1,14 @@ +#!/usr/bin/env bash +set -euo pipefail + +# Build et lance le conteneur unifié (runner+agents) sur ce projet +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +ROOT_DIR="$(cd "$SCRIPT_DIR/../.." && pwd)" +cd "$ROOT_DIR" + +# Build image +docker compose -f docker-compose.ci.yml build + +# Exécuter agents par défaut +RUNNER_MODE="${RUNNER_MODE:-agents}" BASE_URL="${BASE_URL:-}" REGISTRATION_TOKEN="${REGISTRATION_TOKEN:-}" \ + docker compose -f docker-compose.ci.yml up --remove-orphans --abort-on-container-exit diff --git a/scripts/release/guard.sh b/scripts/release/guard.sh index cb5410b..fc59b08 100644 --- a/scripts/release/guard.sh +++ b/scripts/release/guard.sh @@ -64,3 +64,4 @@ esac echo "[release-guard] OK" + diff --git a/scripts/security/audit.sh b/scripts/security/audit.sh index 4dc1d4c..c705469 100644 --- a/scripts/security/audit.sh +++ b/scripts/security/audit.sh @@ -34,3 +34,4 @@ fi echo "[security-audit] terminé rc=$rc" exit $rc + From dc92b4082ad92597a1d1a9f7410e6b24f3c62cea Mon Sep 17 00:00:00 2001 
From: Nicolas Cantu Date: Thu, 28 Aug 2025 10:59:34 +0200 Subject: [PATCH 06/11] =?UTF-8?q?feat(ci,agents,docs):=20conteneur=20unifi?= =?UTF-8?q?=C3=A9=20runner+agents,=20AUTO=5FFIX,=20SCOPE,=20docs=20MAJ?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 15 +++ docker-compose.dev.yml | 16 --- docs/ARCHITECTURE.md | 2 + docs/DEPLOYMENT.md | 2 + docs/INDEX.md | 2 + docs/SECURITY_AUDIT.md | 2 + docs/TESTING.md | 2 + docs/project/AGENTS_RUNTIME.md | 16 ++- docs/project/CONFIGURATION.md | 29 +++++- docs/project/DEPLOYMENT.md | 22 ++++ docs/project/GITEA_SETUP.md | 8 +- docs/project/USAGE.md | 8 +- scripts/agents/common.sh | 19 ++++ scripts/agents/compilation_agent.sh | 6 ++ scripts/agents/dependances_agent.sh | 6 ++ scripts/agents/deployment_agent.sh | 6 ++ scripts/agents/documentation_agent.sh | 20 ++++ scripts/agents/frontend_agent.sh | 6 ++ scripts/agents/gitea_agent.sh | 6 ++ scripts/agents/open_source_agent.sh | 6 ++ scripts/agents/quality_tech.sh | 3 + scripts/agents/run.ps1 | 140 -------------------------- scripts/agents/security_agent.sh | 6 ++ scripts/agents/ssh_scripts_agent.sh | 6 ++ scripts/agents/structure_agent.sh | 6 ++ scripts/agents/tests_agent.sh | 9 ++ scripts/agents/versionnage_agent.sh | 6 ++ 27 files changed, 210 insertions(+), 165 deletions(-) delete mode 100644 docker-compose.dev.yml create mode 100644 docs/ARCHITECTURE.md create mode 100644 docs/DEPLOYMENT.md create mode 100644 docs/INDEX.md create mode 100644 docs/SECURITY_AUDIT.md create mode 100644 docs/TESTING.md create mode 100644 scripts/agents/common.sh delete mode 100644 scripts/agents/run.ps1 diff --git a/README.md b/README.md index 523f3bf..179792b 100644 --- a/README.md +++ b/README.md 
@@ -44,6 +44,21 @@ Fallback Windows: `scripts/agents/run.ps1`. Guide complet: `docs/project/AGENTS_RUNTIME.md`. +## 🐳 Conteneur unifié (runner + agents) + +```bash +# Build +docker compose -f docker-compose.ci.yml build + +# Exécuter les agents sur le dépôt courant +docker compose -f docker-compose.ci.yml up --abort-on-container-exit +# Rapports: tests/reports/agents/*.md + +# Lancer le runner dans ce conteneur +RUNNER_MODE=runner BASE_URL="https://git.4nkweb.com" REGISTRATION_TOKEN="" \ + docker compose -f docker-compose.ci.yml up -d +``` + ## 🔁 CI/CD (Gitea Actions) - Runners: labels requis `self-hosted,linux` (voir `docs/project/GITEA_SETUP.md`) diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml deleted file mode 100644 index 8fbe8e0..0000000 --- a/docker-compose.dev.yml +++ /dev/null @@ -1,16 +0,0 @@ -version: "3.8" -services: - dev: - build: - context: . - dockerfile: docker/Dockerfile.debian - image: 4nk-template-dev:debian - container_name: 4nk-template-dev - stdin_open: true - tty: true - working_dir: /work - volumes: - - ./:/work - - /var/run/docker.sock:/var/run/docker.sock - entrypoint: ["/bin/bash","-lc"] - command: ["sleep infinity"] diff --git a/docs/ARCHITECTURE.md b/docs/ARCHITECTURE.md new file mode 100644 index 0000000..a2dc5cd --- /dev/null +++ b/docs/ARCHITECTURE.md @@ -0,0 +1,2 @@ +# Architecture + diff --git a/docs/DEPLOYMENT.md b/docs/DEPLOYMENT.md new file mode 100644 index 0000000..bd32249 --- /dev/null +++ b/docs/DEPLOYMENT.md @@ -0,0 +1,2 @@ +# Déploiement + diff --git a/docs/INDEX.md b/docs/INDEX.md new file mode 100644 index 0000000..2061bac --- /dev/null +++ b/docs/INDEX.md @@ -0,0 +1,2 @@ +# Index + diff --git a/docs/SECURITY_AUDIT.md b/docs/SECURITY_AUDIT.md new file mode 100644 index 0000000..26ad0e3 --- /dev/null +++ b/docs/SECURITY_AUDIT.md @@ -0,0 +1,2 @@ +# Security Audit + diff --git a/docs/TESTING.md b/docs/TESTING.md new file mode 100644 index 0000000..5932b40 --- /dev/null +++ b/docs/TESTING.md 
@@ -0,0 +1,2 @@ +# Tests + diff --git a/docs/project/AGENTS_RUNTIME.md b/docs/project/AGENTS_RUNTIME.md index 1528ce5..f63c5d7 100644 --- a/docs/project/AGENTS_RUNTIME.md +++ b/docs/project/AGENTS_RUNTIME.md @@ -12,6 +12,7 @@ Ce guide décrit comment utiliser et intégrer les agents de conformité (qualit - bash disponible (Git Bash/WSL/Linux/macOS) pour les contrôles complets - (Optionnel) `OPENAI_API_KEY` pour activer l’analyse IA +- (Option) conteneur unifié runner+agents: `docker-compose.ci.yml` ## 3. Commandes @@ -23,6 +24,11 @@ Ce guide décrit comment utiliser et intégrer les agents de conformité (qualit - `scripts/agents/run.ps1` - Options (facultatives): `-TargetDir . -OutputDir tests/reports/agents -Agent ` +- Conteneur unifié: + - Build: `docker compose -f docker-compose.ci.yml build` + - Exécuter agents: `docker compose -f docker-compose.ci.yml up --abort-on-container-exit` + - Lancer runner: `RUNNER_MODE=runner BASE_URL=... REGISTRATION_TOKEN=... docker compose -f docker-compose.ci.yml up -d` + ## 4. Agents disponibles - Documentation (`documentation`): fichiers essentiels et index 
@@ -53,12 +59,20 @@ Ce guide décrit comment utiliser et intégrer les agents de conformité (qualit - `openia-agents`: agents avec IA si `OPENAI_API_KEY` fourni - `bash-required`: bloque si bash/runner absent - `release-guard`: dépend des checks en amont + - (Option) étape pour builder/lancer `docker-compose.ci.yml` si utilisation du conteneur unifié ## 7. Paramètres IA (optionnels) - `OPENAI_API_KEY`, `OPENAI_MODEL`, `OPENAI_API_BASE`, `OPENAI_TEMPERATURE` -## 8. Bonnes pratiques +## 8. Auto‑corrections (optionnelles) + +- `AUTO_FIX=1` permet aux agents d’appliquer des corrections minimales: + - création des dossiers `tests/**` manquants + - génération de squelettes Markdown basiques pour quelques fichiers de `docs/` +- Traçabilité: les actions sont listées dans les rapports `tests/reports/agents/*.md` + +## 9. Bonnes pratiques - Exécuter les agents avant chaque PR - Archiver les rapports significatifs diff --git a/docs/project/CONFIGURATION.md b/docs/project/CONFIGURATION.md index f876a2e..543ba0c 100644 --- a/docs/project/CONFIGURATION.md +++ b/docs/project/CONFIGURATION.md 
@@ -3,9 +3,21 @@ ## Variables d’environnement (CI) - Secrets CI uniquement (pas de secrets en clair) -- Variables agents : OPENAI_API_KEY, OPENAI_MODEL, OPENAI_API_BASE, OPENAI_TEMPERATURE -- Secret release: RELEASE_TOKEN (publication des releases via l’API Gitea) -- Variable optionnelle: BASE_URL (ex: `https://git.4nkweb.com`) +- **Agents IA**: `OPENAI_API_KEY`, `OPENAI_MODEL`, `OPENAI_API_BASE`, `OPENAI_TEMPERATURE` +- **Release**: `RELEASE_TOKEN` (publication des releases via l’API Gitea) +- **Forge**: `BASE_URL` (ex: `https://git.4nkweb.com`) +- **Runner unifié**: + - `RUNNER_MODE` = `agents` | `runner` | `both` (par défaut: `agents`) + - `REGISTRATION_TOKEN` (requis si `RUNNER_MODE=runner` ou `both` sans config existante) + +## Variables d’environnement (agents) + +- `AUTO_FIX` (0/1, défaut 0): active les corrections automatiques côté agents + - Création de la structure `tests/**` manquante + - Génération de squelettes minimalistes pour certains fichiers de `docs/` +- `SCOPE` (`all`|`changed`, défaut `all`): + - `all`: passe sur l’ensemble du dépôt + - `changed`: focalise les contrôles/corrections sur les fichiers modifiés du dernier commit ## Conventions @@ -17,6 +29,17 @@ - bash requis (job CI `bash-required`) - Fallback PowerShell utilisable localement +## Conteneur unifié (runner+agents) + +- Image: construite via `docker/Dockerfile.ci`, orchestrée par `docker-compose.ci.yml` +- Montage: le projet courant est monté sur `/work`, les rapports dans `/work/tests/reports/agents` +- Secrets locaux: `~/.4nk_template/.env` monté en lecture seule dans le conteneur + +Variables utilisées par l’entrypoint `docker/entrypoint.ci.sh`: + +- `RUNNER_MODE` détermine le mode d’exécution +- `BASE_URL` et `REGISTRATION_TOKEN` servent à l’enregistrement du runner (act_runner) + ## Gestion locale des secrets (~/.4nk_template/.env) - Modèle fourni: `scripts/env/.env.template` (clés sans valeurs) 
diff --git a/docs/project/DEPLOYMENT.md b/docs/project/DEPLOYMENT.md index 81438df..7965ba5 100644 --- a/docs/project/DEPLOYMENT.md +++ b/docs/project/DEPLOYMENT.md @@ -47,3 +47,25 @@ bash scripts/deploy/setup.sh git@host:org/mon-projet.git --dest ~/work --force - Vérification santé/logs/dashboards - Suivi des erreurs et retours + +## Conteneur unifié (runner + agents) + +- Build: + +```bash +docker compose -f docker-compose.ci.yml build +``` + +- Exécuter les agents sur le dépôt courant: + +```bash +docker compose -f docker-compose.ci.yml up --abort-on-container-exit +# Rapports: tests/reports/agents/*.md +``` + +- Lancer le runner dans le conteneur unifié: + +```bash +export RUNNER_MODE=runner BASE_URL="https://git.4nkweb.com" REGISTRATION_TOKEN="" +docker compose -f docker-compose.ci.yml up -d +``` diff --git a/docs/project/GITEA_SETUP.md b/docs/project/GITEA_SETUP.md index 42dcef1..d44df66 100644 --- a/docs/project/GITEA_SETUP.md +++ b/docs/project/GITEA_SETUP.md @@ -25,15 +25,17 @@ ### Runner Gitea (labels) - Configurez votre runner avec labels: `self-hosted,linux` -- Exemple (act_runner): - - Enregistrement: `./act_runner register --labels "self-hosted,linux"` - - Service: définissez `RUNNER_LABELS="self-hosted,linux"` +- Option A (runner dédié): `gitea/act_runner` via docker-compose dans `runner/` +- Option B (conteneur unifié): `RUNNER_MODE=runner` dans `docker-compose.ci.yml` + `BASE_URL` et `REGISTRATION_TOKEN` + - Enregistrement (automatisé par entrypoint si variables présentes) + - Démarrage: `docker compose -f docker-compose.ci.yml up -d` ## 4. Workflows requis - `code-quality`, `unit-tests`, `documentation-tests`, `security-audit` - `deployment-checks`, `bash-required`, `markdownlint`, `release-guard`, `release-create` - (Optionnels) `agents-smoke`, `openia-agents` +- (Conteneur unifié) job custom pour builder et lancer `docker-compose.ci.yml` si nécessaire ## 5. Processus PR 
diff --git a/docs/project/USAGE.md b/docs/project/USAGE.md index 6ddee72..83c6033 100644 --- a/docs/project/USAGE.md +++ b/docs/project/USAGE.md @@ -25,8 +25,12 @@ Ce document explique comment utiliser le template pour initier, documenter, cont - Recommandé (bash): `scripts/agents/run.sh [target_dir] [output_dir] [agent]` - Windows fallback: `scripts/agents/run.ps1 -TargetDir . -OutputDir tests/reports/agents -Agent ` -- Rapports: `tests/reports/agents/*.md` -- Agents utiles en premier passage: `documentation`, `quality-technique`, `open-source`, `securite`, `deploiement` +- Conteneur (option): `docker compose -f docker-compose.ci.yml up --abort-on-container-exit` + - Rapports: `tests/reports/agents/*.md` + - Variables utiles: `RUNNER_MODE`, `BASE_URL`, `REGISTRATION_TOKEN` + - Script helper: `scripts/dev/run_project_ci.sh` + - Auto‑corrections: `AUTO_FIX=1` pour créer la structure de tests et des squelettes docs + - Agents utiles en premier passage: `documentation`, `quality-technique`, `open-source`, `securite`, `deploiement` ## 5. Qualité et CI diff --git a/scripts/agents/common.sh b/scripts/agents/common.sh new file mode 100644 index 0000000..e918815 --- /dev/null +++ b/scripts/agents/common.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash +set -euo pipefail + +# Portée des contrôles: all (défaut) ou changed +export SCOPE="${SCOPE:-all}" + +list_changed_paths() { + # Renvoie la liste des chemins modifiés (HEAD~1..HEAD), ou vide si non dispo + git diff --name-only HEAD~1..HEAD 2>/dev/null || true +} + +is_path_changed() { + local path="$1" + if [[ "$SCOPE" != "changed" ]]; then return 0; fi + local changed + changed=$(list_changed_paths) + if [[ -z "$changed" ]]; then return 0; fi + grep -q "^${path%/}\(/\|$\)" <<<"$changed" && return 0 || return 1 +} diff --git a/scripts/agents/compilation_agent.sh b/scripts/agents/compilation_agent.sh index c7e74c2..65f005c 100644 --- a/scripts/agents/compilation_agent.sh +++ b/scripts/agents/compilation_agent.sh 
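Review bot: `is_path_changed` in the new `scripts/agents/common.sh` puts the path into a regular expression unescaped (`grep -q "^${path%/}\(/\|$\)"`), so the dots in `.gitea/workflows/ci.yml` or `package.json` match any character and an unrelated changed file can count as a hit. A literal prefix comparison over the changed list avoids that, as sketched below. Two further points for a header comment: the file runs `set -euo pipefail` although it is meant to be `source`d, which changes the caller's shell options, and `HEAD~1..HEAD` only sees the last commit, so earlier commits of a multi-commit push are not considered.
```shell
is_path_changed() {
  local path="${1%/}" f changed
  # … unchanged: SCOPE check, list_changed_paths call and empty-list fallback …
  while IFS= read -r f; do
    [[ "$f" == "$path" || "$f" == "$path"/* ]] && return 0
  done <<<"$changed"
  return 1
}
```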
@@ -5,11 +5,17 @@ TARGET_DIR="${1:-.}" OUTPUT_DIR="${2:-tests/reports/agents}" mkdir -p "$OUTPUT_DIR" SUMMARY_FILE="$OUTPUT_DIR/compilation_agent.md" +source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh" || true echo "# Agent Compilation" > "$SUMMARY_FILE" echo >> "$SUMMARY_FILE" pushd "$TARGET_DIR" >/dev/null +if [[ "$SCOPE" == "changed" ]]; then + relevant=(.gitea/workflows/ci.yml) + any=0; for p in "${relevant[@]}"; do if is_path_changed "$p"; then any=1; break; fi; done + if [[ $any -eq 0 ]]; then echo "- Aucun changement compilation CI (SCOPE=changed)." >> "$SUMMARY_FILE"; echo "Rapport: $SUMMARY_FILE"; popd >/dev/null; exit 0; fi +fi if grep -q "cargo" .gitea/workflows/ci.yml 2>/dev/null; then echo "- Étapes de build/format/clippy Rust détectées dans la CI." >> "$SUMMARY_FILE" else diff --git a/scripts/agents/dependances_agent.sh b/scripts/agents/dependances_agent.sh index 5f1293e..65786c4 100644 --- a/scripts/agents/dependances_agent.sh +++ b/scripts/agents/dependances_agent.sh 
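Review bot: `source …/common.sh || true` followed by `if [[ "$SCOPE" == "changed" ]]` handles a missing helper badly: the load error is discarded, `$SCOPE` and `is_path_changed` are then undefined, and the agent aborts on the next line if it runs under `set -u` (the script header is outside this hunk, so that part is an assumption). Either drop the `|| true` so the missing file is reported, or guard the test as `if [[ "${SCOPE:-all}" == "changed" ]]`. The same lines are added to the dependances, deployment, frontend, gitea, open_source, security, ssh_scripts, structure and versionnage agents. Here, and in `deployment_agent.sh` and `versionnage_agent.sh`, the loop also omits the `[[ -e "$p" ]] &&` test the other agents use, so the agents treat absent files differently.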
@@ -5,12 +5,18 @@ TARGET_DIR="${1:-.}" OUTPUT_DIR="${2:-tests/reports/agents}" mkdir -p "$OUTPUT_DIR" SUMMARY_FILE="$OUTPUT_DIR/dependances_agent.md" +source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh" || true echo "# Agent Dépendances" > "$SUMMARY_FILE" echo >> "$SUMMARY_FILE" echo "- Vérifier régulièrement les dépendances (audit sécurité, mises à jour stables)." >> "$SUMMARY_FILE" pushd "$TARGET_DIR" >/dev/null +if [[ "$SCOPE" == "changed" ]]; then + relevant=(package.json package-lock.json pnpm-lock.yaml yarn.lock requirements.txt pyproject.toml Cargo.toml go.mod .gitea/workflows/ci.yml) + any=0; for p in "${relevant[@]}"; do if [[ -e "$p" ]] && is_path_changed "$p"; then any=1; break; fi; done + if [[ $any -eq 0 ]]; then echo "- Aucun changement dépendances/CI (SCOPE=changed)." >> "$SUMMARY_FILE"; echo "Rapport: $SUMMARY_FILE"; popd >/dev/null; exit 0; fi +fi if grep -q "security-audit" .gitea/workflows/ci.yml 2>/dev/null; then echo "- Job CI security-audit détecté." >> "$SUMMARY_FILE" fi diff --git a/scripts/agents/deployment_agent.sh b/scripts/agents/deployment_agent.sh index 21ce31a..623d19b 100644 --- a/scripts/agents/deployment_agent.sh +++ b/scripts/agents/deployment_agent.sh 
@@ -5,11 +5,17 @@ TARGET_DIR="${1:-.}" OUTPUT_DIR="${2:-tests/reports/agents}" mkdir -p "$OUTPUT_DIR" SUMMARY_FILE="$OUTPUT_DIR/deployment_agent.md" +source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh" || true echo "# Agent Déploiement" > "$SUMMARY_FILE" echo >> "$SUMMARY_FILE" pushd "$TARGET_DIR" >/dev/null +if [[ "$SCOPE" == "changed" ]]; then + relevant=(docs/DEPLOYMENT.md docs/RELEASE_PLAN.md .gitea/workflows/ci.yml) + any=0; for p in "${relevant[@]}"; do if is_path_changed "$p"; then any=1; break; fi; done + if [[ $any -eq 0 ]]; then echo "- Aucun changement pertinent (SCOPE=changed)." >> "$SUMMARY_FILE"; echo "Rapport: $SUMMARY_FILE"; popd >/dev/null; exit 0; fi +fi echo "## Résultats locaux" >> "$SUMMARY_FILE" ok=1 for f in docs/DEPLOYMENT.md docs/RELEASE_PLAN.md .gitea/workflows/ci.yml; do diff --git a/scripts/agents/documentation_agent.sh b/scripts/agents/documentation_agent.sh index 7c426c8..efbe5c5 100644 --- a/scripts/agents/documentation_agent.sh +++ b/scripts/agents/documentation_agent.sh @@ -5,6 +5,7 @@ TARGET_DIR="${1:-.}" OUTPUT_DIR="${2:-tests/reports/agents}" mkdir -p "$OUTPUT_DIR" SUMMARY_FILE="$OUTPUT_DIR/documentation_agent.md" +source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh" || true echo "# Agent Documentation" > "$SUMMARY_FILE" echo >> "$SUMMARY_FILE" 
@@ -20,6 +21,25 @@ if ((${#missing[@]}==0)); then else echo "- Fichiers manquants:" >> "$SUMMARY_FILE" for m in "${missing[@]}"; do echo " - $m" >> "$SUMMARY_FILE"; done + if [[ "${AUTO_FIX:-0}" == "1" ]]; then + echo >> "$SUMMARY_FILE" + echo "## Auto‑corrections" >> "$SUMMARY_FILE" + for m in "${missing[@]}"; do + case "$m" in + docs/INDEX.md) + mkdir -p docs && printf "# Index\n\n" > "$m" && echo "- Créé squelette: $m" >> "$SUMMARY_FILE" ;; + docs/ARCHITECTURE.md) + mkdir -p docs && printf "# Architecture\n\n" > "$m" && echo "- Créé squelette: $m" >> "$SUMMARY_FILE" ;; + docs/TESTING.md) + mkdir -p docs && printf "# Tests\n\n" > "$m" && echo "- Créé squelette: $m" >> "$SUMMARY_FILE" ;; + docs/SECURITY_AUDIT.md) + mkdir -p docs && printf "# Security Audit\n\n" > "$m" && echo "- Créé squelette: $m" >> "$SUMMARY_FILE" ;; + docs/DEPLOYMENT.md) + mkdir -p docs && printf "# Déploiement\n\n" > "$m" && echo "- Créé squelette: $m" >> "$SUMMARY_FILE" ;; + *) : ;; + esac + done + fi fi PROMPT=$(cat <<'EOF' diff --git a/scripts/agents/frontend_agent.sh b/scripts/agents/frontend_agent.sh index bfbdaed..d101a89 100644 --- a/scripts/agents/frontend_agent.sh +++ b/scripts/agents/frontend_agent.sh @@ -5,6 +5,7 @@ TARGET_DIR="${1:-.}" OUTPUT_DIR="${2:-tests/reports/agents}" mkdir -p "$OUTPUT_DIR" SUMMARY_FILE="$OUTPUT_DIR/frontend_agent.md" +source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh" || true echo "# Agent Frontend" > "$SUMMARY_FILE" echo >> "$SUMMARY_FILE" 
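Review bot: With `AUTO_FIX=1` the new branch lets the missing-file check satisfy itself: each arm such as `printf "# Security Audit\n\n" > "$m"` writes a heading-only file, so a later run will presumably report the documentation as present although nothing was documented, `docs/SECURITY_AUDIT.md` included. Mark generated skeletons so they stay visible, e.g. write a second line `<!-- TODO: skeleton generated by AUTO_FIX, content missing -->` and have the check list files containing it as incomplete. The five `case` arms differ only in the title, so a title lookup followed by a single `mkdir -p docs && printf` would remove the repetition. The enclosing `if`/`else` starts outside this hunk.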
@@ -14,6 +15,11 @@ Définis des principes front: code splitting (React.lazy/Suspense), centralisati EOF ) pushd "$TARGET_DIR" >/dev/null +if [[ "$SCOPE" == "changed" ]]; then + relevant=(package.json tsconfig.json src/) + any=0; for p in "${relevant[@]}"; do if [[ -e "$p" ]] && is_path_changed "$p"; then any=1; break; fi; done + if [[ $any -eq 0 ]]; then echo "- Aucun changement frontend pertinent (SCOPE=changed)." >> "$SUMMARY_FILE"; echo "Rapport: $SUMMARY_FILE"; popd >/dev/null; exit 0; fi +fi scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true echo "Rapport: $SUMMARY_FILE" diff --git a/scripts/agents/gitea_agent.sh b/scripts/agents/gitea_agent.sh index 2ba3f21..3dbbcdb 100644 --- a/scripts/agents/gitea_agent.sh +++ b/scripts/agents/gitea_agent.sh @@ -5,11 +5,17 @@ TARGET_DIR="${1:-.}" OUTPUT_DIR="${2:-tests/reports/agents}" mkdir -p "$OUTPUT_DIR" SUMMARY_FILE="$OUTPUT_DIR/gitea_agent.md" +source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh" || true echo "# Agent Gitea" > "$SUMMARY_FILE" echo >> "$SUMMARY_FILE" pushd "$TARGET_DIR" >/dev/null +if [[ "$SCOPE" == "changed" ]]; then + relevant=(.gitea/ISSUE_TEMPLATE/bug_report.md .gitea/ISSUE_TEMPLATE/feature_request.md .gitea/PULL_REQUEST_TEMPLATE.md .gitea/workflows/ci.yml) + any=0; for p in "${relevant[@]}"; do if [[ -e "$p" ]] && is_path_changed "$p"; then any=1; break; fi; done + if [[ $any -eq 0 ]]; then echo "- Aucun changement Gitea pertinent (SCOPE=changed)." >> "$SUMMARY_FILE"; echo "Rapport: $SUMMARY_FILE"; popd >/dev/null; exit 0; fi +fi need=(.gitea/ISSUE_TEMPLATE/bug_report.md .gitea/ISSUE_TEMPLATE/feature_request.md .gitea/PULL_REQUEST_TEMPLATE.md .gitea/workflows/ci.yml) missing=() for f in "${need[@]}"; do [[ -f "$f" ]] || missing+=("$f"); done diff --git a/scripts/agents/open_source_agent.sh b/scripts/agents/open_source_agent.sh index 62e7c6a..15b65e2 100644 --- a/scripts/agents/open_source_agent.sh +++ b/scripts/agents/open_source_agent.sh 
@@ -5,11 +5,17 @@ TARGET_DIR="${1:-.}" OUTPUT_DIR="${2:-tests/reports/agents}" mkdir -p "$OUTPUT_DIR" SUMMARY_FILE="$OUTPUT_DIR/open_source_agent.md" +source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh" || true echo "# Agent Open Source" > "$SUMMARY_FILE" echo >> "$SUMMARY_FILE" pushd "$TARGET_DIR" >/dev/null +if [[ "$SCOPE" == "changed" ]]; then + relevant=(LICENSE CONTRIBUTING.md CODE_OF_CONDUCT.md docs/OPEN_SOURCE_CHECKLIST.md) + any=0; for p in "${relevant[@]}"; do if [[ -e "$p" ]] && is_path_changed "$p"; then any=1; break; fi; done + if [[ $any -eq 0 ]]; then echo "- Aucun changement open source pertinent (SCOPE=changed)." >> "$SUMMARY_FILE"; echo "Rapport: $SUMMARY_FILE"; popd >/dev/null; exit 0; fi +fi need=(LICENSE CONTRIBUTING.md CODE_OF_CONDUCT.md docs/OPEN_SOURCE_CHECKLIST.md) missing=() for f in "${need[@]}"; do [[ -f "$f" ]] || missing+=("$f"); done diff --git a/scripts/agents/quality_tech.sh b/scripts/agents/quality_tech.sh index b9a62e8..a365f4d 100644 --- a/scripts/agents/quality_tech.sh +++ b/scripts/agents/quality_tech.sh @@ -9,6 +9,9 @@ if [[ -f "${HOME}/.4nk_template/.env" ]]; then set +a fi +# Portée (all|changed) +source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh" || true + TARGET_DIR="${1:-.}" OUTPUT_DIR="${2:-tests/reports/agents}" mkdir -p "$OUTPUT_DIR" diff --git a/scripts/agents/run.ps1 b/scripts/agents/run.ps1 deleted file mode 100644 index 58d0311..0000000 --- a/scripts/agents/run.ps1 +++ /dev/null 
@@ -1,140 +0,0 @@ -Param( - [string]$TargetDir='.', - [string]$OutputDir='tests/reports/agents', - [string]$Agent='all' -) - -$bashOk = $false -try { - & bash -lc 'echo ok' | Out-Null - if ($LASTEXITCODE -eq 0) { $bashOk = $true } -} catch {} - -if ($bashOk) { - & bash "scripts/agents/run.sh" $TargetDir $OutputDir $Agent - exit $LASTEXITCODE -} - -# Fallback PowerShell (best-effort) lorsque bash n'est pas disponible -New-Item -ItemType Directory -Force -Path $OutputDir | Out-Null - -function Write-Report($name, $lines) { - $file = Join-Path $OutputDir $name - $lines | Out-File -FilePath $file -Encoding UTF8 -Force - Write-Host "Rapport: $file" -} - -Set-Location $TargetDir - -switch ($Agent) { - 'documentation' { - $missing = @() - $required = @('docs/INDEX.md','docs/project/INDEX.md','docs/templates/INDEX.md') - foreach ($f in $required) { if (-not (Test-Path $f)) { $missing += $f } } - $content = @('# Agent Documentation', '', '## Résultats (fallback PowerShell)') - if ($missing.Count -eq 0) { $content += '- Documentation essentielle présente.' } - else { $content += '- Fichiers manquants:'; $missing | ForEach-Object { $content += " - $_" } } - Write-Report 'documentation_agent.md' $content - } - 'tests' { - $need = @('tests/unit','tests/integration','tests/connectivity','tests/external','tests/performance','tests/logs','tests/reports') - $missing = @(); foreach ($d in $need) { if (-not (Test-Path $d)) { $missing += $d } } - $content = @('# Agent Tests', '', '## Résultats (fallback PowerShell)') - if ($missing.Count -eq 0) { $content += '- Structure de tests conforme.' } else { $content += '- Dossiers manquants:'; $missing | ForEach-Object { $content += " - $_" } } - Write-Report 'tests_agent.md' $content - } - 'performance' { - $content = @('# Agent Performance', '', '## Résultats (fallback PowerShell)') - if (Test-Path 'tests/performance') { $content += '- tests/performance présent.' } else { $content += '- tests/performance manquant.' 
} - Write-Report 'performance_agent.md' $content - } - 'quality-technique' { - $missing = @() - $required = @('README.md','LICENSE','CONTRIBUTING.md','CODE_OF_CONDUCT.md','CHANGELOG.md','.gitea/workflows/ci.yml') - foreach ($f in $required) { if (-not (Test-Path $f)) { $missing += $f } } - $content = @('# Agent Qualité technique', '', '## Résultats (fallback PowerShell)') - if ($missing.Count -eq 0) { $content += '- Fichiers de base présents.' } - else { $content += '- Fichiers manquants:'; $missing | ForEach-Object { $content += " - $_" } } - Write-Report 'quality_tech.md' $content - } - 'open-source' { - $missing = @() - $required = @('LICENSE','CONTRIBUTING.md','CODE_OF_CONDUCT.md','docs/OPEN_SOURCE_CHECKLIST.md') - foreach ($f in $required) { if (-not (Test-Path $f)) { $missing += $f } } - $content = @('# Agent Open Source', '', '## Résultats (fallback PowerShell)') - if ($missing.Count -eq 0) { $content += '- Pre-requis open source présents.' } - else { $content += '- Manquants:'; $missing | ForEach-Object { $content += " - $_" } } - Write-Report 'open_source_agent.md' $content - } - 'securite' { - $missing = @(); foreach ($f in @('docs/SECURITY_AUDIT.md','.gitea/workflows/ci.yml')) { if (-not (Test-Path $f)) { $missing += $f } } - $content = @('# Agent Sécurité', '', '## Résultats (fallback PowerShell)') - if ($missing.Count -eq 0) { $content += '- Socle sécurité et CI présents.' } else { $content += '- Manquants:'; $missing | ForEach-Object { $content += " - $_" } } - Write-Report 'security_agent.md' $content - } - 'deploiement' { - $missing = @(); foreach ($f in @('docs/DEPLOYMENT.md','.gitea/workflows/ci.yml')) { if (-not (Test-Path $f)) { $missing += $f } } - $content = @('# Agent Déploiement', '', '## Résultats (fallback PowerShell)') - if ($missing.Count -eq 0) { $content += '- Documentation et CI de déploiement présentes (à valider).' 
} else { $content += '- Manquants:'; $missing | ForEach-Object { $content += " - $_" } } - Write-Report 'deployment_agent.md' $content - } - 'dependances' { - $content = @('# Agent Dépendances', '', '## Résultats (fallback PowerShell)','- Politique à documenter dans ARCHITECTURE/CONFIGURATION/CHANGELOG') - Write-Report 'dependances_agent.md' $content - } - 'compilation' { - $content = @('# Agent Compilation', '', '## Résultats (fallback PowerShell)') - if (Test-Path '.gitea/workflows/ci.yml') { $content += '- Étapes de build à vérifier dans la CI.' } else { $content += '- CI absente.' } - Write-Report 'compilation_agent.md' $content - } - 'resolution' { - $content = @('# Agent Résolution', '', '## Résultats (fallback PowerShell)') - if (Test-Path 'archive') { $content += '- Dossier archive/ présent pour REX.' } else { $content += '- Dossier archive/ manquant.' } - Write-Report 'resolution_agent.md' $content - } - 'ssh-scripts' { - $found = @(); $paths = @('scripts/auto-ssh-push.sh','scripts/init-ssh-env.sh','scripts/setup-ssh-ci.sh','scripts/scripts/auto-ssh-push.sh','scripts/scripts/init-ssh-env.sh','scripts/scripts/setup-ssh-ci.sh') - foreach ($p in $paths) { if (Test-Path $p) { $found += $p } } - $content = @('# Agent SSH et scripts', '', '## Résultats (fallback PowerShell)') - if ($found.Count -gt 0) { $content += '- Scripts trouvés:'; $found | ForEach-Object { $content += " - $_" } } else { $content += '- Aucun script standard détecté.' } - if (Test-Path 'docs/SSH_UPDATE.md') { $content += '- docs/SSH_UPDATE.md présent.' 
} - Write-Report 'ssh_scripts_agent.md' $content - } - 'frontend' { - $content = @('# Agent Frontend', '', '## Résultats (fallback PowerShell)','- Vérifier code splitting, état centralisé, abstraction services (si frontend présent).') - Write-Report 'frontend_agent.md' $content - } - 'gitea' { - $need = @('.gitea/ISSUE_TEMPLATE/bug_report.md','.gitea/ISSUE_TEMPLATE/feature_request.md','.gitea/PULL_REQUEST_TEMPLATE.md','.gitea/workflows/ci.yml') - $missing = @(); foreach ($f in $need) { if (-not (Test-Path $f)) { $missing += $f } } - $content = @('# Agent Gitea', '', '## Résultats (fallback PowerShell)') - if ($missing.Count -eq 0) { $content += '- Configuration Gitea présente.' } else { $content += '- Manquants:'; $missing | ForEach-Object { $content += " - $_" } } - Write-Report 'gitea_agent.md' $content - } - 'versionnage' { - $missing = @(); foreach ($f in @('CHANGELOG.md','TEMPLATE_VERSION')) { if (-not (Test-Path $f)) { $missing += $f } } - $content = @('# Agent Versionnage', '', '## Résultats (fallback PowerShell)') - if ($missing.Count -eq 0) { $content += '- CHANGELOG et TEMPLATE_VERSION présents.' } else { $content += '- Manquants:'; $missing | ForEach-Object { $content += " - $_" } } - Write-Report 'versionnage_agent.md' $content - } - 'sync-template' { - $content = @('# Agent Synchronisation de template', '', '## Résultats (fallback PowerShell)') - if (Test-Path '.gitea/workflows/template-sync.yml') { $content += '- Workflow template-sync présent.' } else { $content += '- Workflow template-sync manquant.' } - if (Test-Path '.4nk-sync.yml') { $content += '- Manifeste .4nk-sync.yml présent.' } else { $content += '- Manifeste .4nk-sync.yml manquant.' 
} - Write-Report 'sync_template_agent.md' $content - } - 'derogations-locales' { - $content = @('# Agent Dérogations locales', '', '## Résultats (fallback PowerShell)') - if ((Test-Path 'LOCAL_OVERRIDES.yml') -or (Test-Path '.gitea/workflows/LOCAL_OVERRIDES.yml')) { $content += '- Fichier de dérogations détecté.' } else { $content += '- Aucun fichier de dérogations détecté.' } - Write-Report 'derogations_locales_agent.md' $content - } - 'all' { - foreach ($a in @('documentation','tests','performance','quality-technique','open-source','securite','deploiement','dependances','compilation','resolution','ssh-scripts','frontend','gitea','versionnage','sync-template','derogations-locales')) { - & $PSCommandPath -TargetDir $TargetDir -OutputDir $OutputDir -Agent $a - } - } - default { - Write-Error "Agent inconnu (fallback): $Agent"; exit 2 - } -} -exit 0 diff --git a/scripts/agents/security_agent.sh b/scripts/agents/security_agent.sh index dbe43e4..00de948 100644 --- a/scripts/agents/security_agent.sh +++ b/scripts/agents/security_agent.sh @@ -5,11 +5,17 @@ TARGET_DIR="${1:-.}" OUTPUT_DIR="${2:-tests/reports/agents}" mkdir -p "$OUTPUT_DIR" SUMMARY_FILE="$OUTPUT_DIR/security_agent.md" +source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh" || true echo "# Agent Sécurité" > "$SUMMARY_FILE" echo >> "$SUMMARY_FILE" pushd "$TARGET_DIR" >/dev/null +if [[ "$SCOPE" == "changed" ]]; then + relevant=(scripts/security/audit.sh .gitea/workflows/ci.yml docs/SECURITY_AUDIT.md) + any=0; for p in "${relevant[@]}"; do if [[ -e "$p" ]] && is_path_changed "$p"; then any=1; break; fi; done + if [[ $any -eq 0 ]]; then echo "- Aucun changement sécurité pertinent (SCOPE=changed)." >> "$SUMMARY_FILE"; echo "Rapport: $SUMMARY_FILE"; popd >/dev/null; exit 0; fi +fi echo "## Résultats locaux" >> "$SUMMARY_FILE" if [[ -x scripts/security/audit.sh ]]; then if scripts/security/audit.sh >> "$SUMMARY_FILE" 2>&1; then 
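Review bot: Under `SCOPE=changed` the security agent now exits before `scripts/security/audit.sh` runs unless `scripts/security/audit.sh`, `.gitea/workflows/ci.yml` or `docs/SECURITY_AUDIT.md` was touched, so a commit that changes source code or dependency manifests skips the audit entirely. For a security control the `relevant` list should at least include the manifests that `dependances_agent.sh` already enumerates, or the audit should run regardless of scope with only a note in the report. As written, the report line `Aucun changement sécurité pertinent (SCOPE=changed).` can be read as a pass; a comment above the block stating that the audit was not executed would make that explicit. The script continues outside the hunk.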
diff --git a/scripts/agents/ssh_scripts_agent.sh b/scripts/agents/ssh_scripts_agent.sh index e6066af..28c347e 100644 --- a/scripts/agents/ssh_scripts_agent.sh +++ b/scripts/agents/ssh_scripts_agent.sh @@ -5,11 +5,17 @@ TARGET_DIR="${1:-.}" OUTPUT_DIR="${2:-tests/reports/agents}" mkdir -p "$OUTPUT_DIR" SUMMARY_FILE="$OUTPUT_DIR/ssh_scripts_agent.md" +source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh" || true echo "# Agent SSH & scripts" > "$SUMMARY_FILE" echo >> "$SUMMARY_FILE" pushd "$TARGET_DIR" >/dev/null +if [[ "$SCOPE" == "changed" ]]; then + relevant=(scripts/auto-ssh-push.sh scripts/init-ssh-env.sh scripts/setup-ssh-ci.sh docs/SSH_UPDATE.md) + any=0; for p in "${relevant[@]}"; do if [[ -e "$p" ]] && is_path_changed "$p"; then any=1; break; fi; done + if [[ $any -eq 0 ]]; then echo "- Aucun changement SSH/scripts pertinent (SCOPE=changed)." >> "$SUMMARY_FILE"; echo "Rapport: $SUMMARY_FILE"; popd >/dev/null; exit 0; fi +fi paths=( scripts/auto-ssh-push.sh scripts/init-ssh-env.sh diff --git a/scripts/agents/structure_agent.sh b/scripts/agents/structure_agent.sh index 68eaf6d..724dac8 100644 --- a/scripts/agents/structure_agent.sh +++ b/scripts/agents/structure_agent.sh 
@@ -5,11 +5,17 @@ TARGET_DIR="${1:-.}" OUTPUT_DIR="${2:-tests/reports/agents}" mkdir -p "$OUTPUT_DIR" SUMMARY_FILE="$OUTPUT_DIR/structure_agent.md" +source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh" || true echo "# Agent Structure" > "$SUMMARY_FILE" echo >> "$SUMMARY_FILE" pushd "$TARGET_DIR" >/dev/null +if [[ "$SCOPE" == "changed" ]]; then + relevant=(docs .gitea scripts CHANGELOG.md AGENTS.md) + any=0; for p in "${relevant[@]}"; do if [[ -e "$p" ]] && is_path_changed "$p"; then any=1; break; fi; done + if [[ $any -eq 0 ]]; then echo "- Aucun changement structurel pertinent (SCOPE=changed)." >> "$SUMMARY_FILE"; echo "Rapport: $SUMMARY_FILE"; popd >/dev/null; exit 0; fi +fi need=(docs .gitea scripts CHANGELOG.md AGENTS.md) missing=() for p in "${need[@]}"; do [[ -e "$p" ]] || missing+=("$p"); done diff --git a/scripts/agents/tests_agent.sh b/scripts/agents/tests_agent.sh index 5b380ea..afe6438 100644 --- a/scripts/agents/tests_agent.sh +++ b/scripts/agents/tests_agent.sh @@ -13,6 +13,7 @@ TARGET_DIR="${1:-.}" OUTPUT_DIR="${2:-tests/reports/agents}" mkdir -p "$OUTPUT_DIR" SUMMARY_FILE="$OUTPUT_DIR/tests_agent.md" +source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh" || true echo "# Agent Tests" > "$SUMMARY_FILE" echo >> "$SUMMARY_FILE" @@ -29,6 +30,14 @@ if ((${#missing[@]}==0)); then else echo "- Dossiers manquants:" >> "$SUMMARY_FILE" for m in "${missing[@]}"; do echo " - $m" >> "$SUMMARY_FILE"; done + if [[ "${AUTO_FIX:-0}" == "1" ]]; then + echo >> "$SUMMARY_FILE" + echo "## Auto‑corrections" >> "$SUMMARY_FILE" + for m in "${missing[@]}"; do + mkdir -p "$m" && echo "- Créé: $m" >> "$SUMMARY_FILE" + done + mkdir -p tests/reports/agents tests/logs || true + fi fi PROMPT=$(cat <<'EOF' diff --git a/scripts/agents/versionnage_agent.sh b/scripts/agents/versionnage_agent.sh index 20ccbaa..02136c0 100644 --- a/scripts/agents/versionnage_agent.sh +++ b/scripts/agents/versionnage_agent.sh 
@@ -5,11 +5,17 @@ TARGET_DIR="${1:-.}" OUTPUT_DIR="${2:-tests/reports/agents}" mkdir -p "$OUTPUT_DIR" SUMMARY_FILE="$OUTPUT_DIR/versionnage_agent.md" +source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh" || true echo "# Agent Versionnage" > "$SUMMARY_FILE" echo >> "$SUMMARY_FILE" pushd "$TARGET_DIR" >/dev/null +if [[ "$SCOPE" == "changed" ]]; then + relevant=(CHANGELOG.md TEMPLATE_VERSION) + any=0; for p in "${relevant[@]}"; do if is_path_changed "$p"; then any=1; break; fi; done + if [[ $any -eq 0 ]]; then echo "- Aucun changement versionnage pertinent (SCOPE=changed)." >> "$SUMMARY_FILE"; echo "Rapport: $SUMMARY_FILE"; popd >/dev/null; exit 0; fi +fi ok=1 for f in CHANGELOG.md TEMPLATE_VERSION; do if [[ ! -f "$f" ]]; then echo "- Manquant: $f" >> "$SUMMARY_FILE"; ok=0; fi From 0783d30c106d727948f20b7378c7284086633e9e Mon Sep 17 00:00:00 2001 From: Nicolas Cantu Date: Thu, 28 Aug 2025 11:01:09 +0200 Subject: [PATCH 07/11] chore(release): align TEMPLATE_VERSION to v2025.08.4 --- TEMPLATE_VERSION | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/TEMPLATE_VERSION b/TEMPLATE_VERSION index 1c772ff..0281e53 100644 --- a/TEMPLATE_VERSION +++ b/TEMPLATE_VERSION @@ -1,3 +1 @@ -v2025.08.3 - - +v2025.08.4 \ No newline at end of file From 86b01563fc02b518625012138b4dc2193e340d94 Mon Sep 17 00:00:00 2001 From: Nicolas Cantu Date: Thu, 28 Aug 2025 11:23:38 +0200 Subject: [PATCH 08/11] =?UTF-8?q?[skip=20ci]=20chore(ci):=20CI=5FSKIP=20pa?= =?UTF-8?q?r=20d=C3=A9faut=20et=20documentation=20mise=20=C3=A0=20jour?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitea/workflows/ci.yml | 20 +++++++++++++++++--- docs/project/AGENTS_RUNTIME.md | 1 + docs/project/CONFIGURATION.md | 4 ++++ 3 files changed, 22 insertions(+), 3 deletions(-) diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index bd5f628..1787dce 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml 
@@ -11,12 +11,14 @@ on: env: RUST_VERSION: '1.70' DOCKER_COMPOSE_VERSION: '2.20.0' + CI_SKIP: 'true' jobs: # Job de vérification du code code-quality: name: Code Quality runs-on: [self-hosted, linux] + if: ${{ env.CI_SKIP != 'true' }} steps: - name: Checkout code @@ -65,6 +67,7 @@ jobs: unit-tests: name: Unit Tests runs-on: [self-hosted, linux] + if: ${{ env.CI_SKIP != 'true' }} steps: - name: Checkout code @@ -101,6 +104,7 @@ jobs: integration-tests: name: Integration Tests runs-on: [self-hosted, linux] + if: ${{ env.CI_SKIP != 'true' }} services: docker: @@ -148,6 +152,7 @@ jobs: security-tests: name: Security Tests runs-on: [self-hosted, linux] + if: ${{ env.CI_SKIP != 'true' }} steps: - name: Checkout code @@ -185,6 +190,7 @@ jobs: docker-build: name: Docker Build & Test runs-on: [self-hosted, linux] + if: ${{ env.CI_SKIP != 'true' }} services: docker: @@ -228,6 +234,7 @@ jobs: documentation-tests: name: Documentation Tests runs-on: [self-hosted, linux] + if: ${{ env.CI_SKIP != 'true' }} steps: - name: Checkout code @@ -243,6 +250,7 @@ jobs: markdownlint: name: Markdown Lint runs-on: [self-hosted, linux] + if: ${{ env.CI_SKIP != 'true' }} steps: - name: Checkout code uses: actions/checkout@v3 @@ -273,6 +281,7 @@ jobs: bash-required: name: Bash Requirement runs-on: [self-hosted, linux] + if: ${{ env.CI_SKIP != 'true' }} steps: - name: Checkout code uses: actions/checkout@v3 @@ -290,6 +299,7 @@ jobs: agents-smoke: name: Agents Smoke (no AI) runs-on: [self-hosted, linux] + if: ${{ env.CI_SKIP != 'true' }} steps: - name: Checkout code uses: actions/checkout@v3 @@ -310,7 +320,7 @@ jobs: openia-agents: name: Agents with OpenIA runs-on: [self-hosted, linux] - if: ${{ secrets.OPENAI_API_KEY != '' }} + if: ${{ env.CI_SKIP != 'true' && secrets.OPENAI_API_KEY != '' }} env: OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} OPENAI_MODEL: ${{ vars.OPENAI_MODEL }} 
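Review bot: With `CI_SKIP: 'true'` as the committed default, every job guarded by `if: ${{ env.CI_SKIP != 'true' }}` is skipped, including `security-tests` here and `security-audit` and `release-guard` in the later hunks of this file. The security gates are therefore off for every repository that takes the template unchanged. I would default to `CI_SKIP: 'false'` and leave the security jobs and the release guard ungated, so that skipping has to be requested per repository. Separately, GitHub Actions does not expose the `env` context in `jobs.<id>.if`; whether the Gitea runner evaluates it as intended should be confirmed, and `vars.CI_SKIP` (the workflow already reads `vars.OPENAI_MODEL`) would avoid the question.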
@@ -334,6 +344,7 @@ jobs: deployment-checks: name: Deployment Checks runs-on: [self-hosted, linux] + if: ${{ env.CI_SKIP != 'true' }} steps: - name: Checkout code uses: actions/checkout@v3 @@ -351,6 +362,7 @@ jobs: security-audit: name: Security Audit runs-on: [self-hosted, linux] + if: ${{ env.CI_SKIP != 'true' }} steps: - name: Checkout code uses: actions/checkout@v3 @@ -370,6 +382,7 @@ jobs: name: Release Guard runs-on: [self-hosted, linux] needs: [code-quality, unit-tests, documentation-tests, markdownlint, security-audit, deployment-checks, bash-required] + if: ${{ env.CI_SKIP != 'true' }} steps: - name: Checkout code uses: actions/checkout@v3 @@ -401,7 +414,7 @@ jobs: name: Create Release (Gitea API) runs-on: ubuntu-latest needs: [release-guard] - if: startsWith(github.ref, 'refs/tags/') + if: ${{ env.CI_SKIP != 'true' && startsWith(github.ref, 'refs/tags/') }} env: RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }} BASE_URL: ${{ vars.BASE_URL }} @@ -431,6 +444,7 @@ jobs: performance-tests: name: Performance Tests runs-on: [self-hosted, linux] + if: ${{ env.CI_SKIP != 'true' }} steps: - name: Checkout code @@ -457,7 +471,7 @@ jobs: name: Notify runs-on: [self-hosted, linux] needs: [code-quality, unit-tests, integration-tests, security-tests, docker-build, documentation-tests] - if: always() + if: ${{ env.CI_SKIP != 'true' && always() }} steps: - name: Notify success diff --git a/docs/project/AGENTS_RUNTIME.md b/docs/project/AGENTS_RUNTIME.md index f63c5d7..94ec9b4 100644 --- a/docs/project/AGENTS_RUNTIME.md +++ b/docs/project/AGENTS_RUNTIME.md @@ -77,3 +77,4 @@ Ce guide décrit comment utiliser et intégrer les agents de conformité (qualit - Exécuter les agents avant chaque PR - Archiver les rapports significatifs - Documenter les décisions dans le changelog et la doc +- Si contrôle local complet: activer `CI_SKIP=true` côté dépôt pour ne pas consommer la CI; ajouter au besoin `[skip ci]` dans les commits automatisés 
diff --git a/docs/project/CONFIGURATION.md b/docs/project/CONFIGURATION.md index 543ba0c..366ffcc 100644 --- a/docs/project/CONFIGURATION.md +++ b/docs/project/CONFIGURATION.md @@ -9,6 +9,10 @@ - **Runner unifié**: - `RUNNER_MODE` = `agents` | `runner` | `both` (par défaut: `agents`) - `REGISTRATION_TOKEN` (requis si `RUNNER_MODE=runner` ou `both` sans config existante) +- **Flag de gel CI**: + - `CI_SKIP` (défaut `true` dans le template): quand `true`, les jobs CI sont court‑circuités + - Définir à `false` pour réactiver la CI côté dépôt + - Alternative ponctuelle: commit message `[skip ci]` ## Variables d’environnement (agents) From ee48b95f549ef37bace0aa3dafc9fc103b482f59 Mon Sep 17 00:00:00 2001 From: Nicolas Cantu Date: Thu, 28 Aug 2025 11:28:08 +0200 Subject: [PATCH 09/11] =?UTF-8?q?[skip=20ci]=20docs:=20int=C3=A9gration=20?= =?UTF-8?q?template,=20ex=C3=A9cution=20locale=20(hooks),=20CI=5FSKIP?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docs/project/AGENTS_RUNTIME.md | 7 +++++ docs/project/CONFIGURATION.md | 4 +++ docs/project/USAGE.md | 52 ++++++++++++++++++++++++++++++++++ 3 files changed, 63 insertions(+) diff --git a/docs/project/AGENTS_RUNTIME.md b/docs/project/AGENTS_RUNTIME.md index 94ec9b4..067dd15 100644 --- a/docs/project/AGENTS_RUNTIME.md +++ b/docs/project/AGENTS_RUNTIME.md @@ -29,6 +29,13 @@ Ce guide décrit comment utiliser et intégrer les agents de conformité (qualit - Exécuter agents: `docker compose -f docker-compose.ci.yml up --abort-on-container-exit` - Lancer runner: `RUNNER_MODE=runner BASE_URL=... REGISTRATION_TOKEN=... docker compose -f docker-compose.ci.yml up -d` +## 10. Intégration dans un projet existant + +```bash +bash scripts/deploy/setup.sh [--dest DIR] [--force] +# Compléter ~/.4nk_template/.env si besoin +``` + ## 4. Agents disponibles - Documentation (`documentation`): fichiers essentiels et index 
diff --git a/docs/project/CONFIGURATION.md b/docs/project/CONFIGURATION.md index 366ffcc..466648c 100644 --- a/docs/project/CONFIGURATION.md +++ b/docs/project/CONFIGURATION.md @@ -44,6 +44,10 @@ Variables utilisées par l’entrypoint `docker/entrypoint.ci.sh`: - `RUNNER_MODE` détermine le mode d’exécution - `BASE_URL` et `REGISTRATION_TOKEN` servent à l’enregistrement du runner (act_runner) +## Commit message — désactiver la CI ponctuellement + +- Ajouter `[skip ci]` au message de commit pour ignorer un run côté Gitea Actions + ## Gestion locale des secrets (~/.4nk_template/.env) - Modèle fourni: `scripts/env/.env.template` (clés sans valeurs) diff --git a/docs/project/USAGE.md b/docs/project/USAGE.md index 83c6033..421e2de 100644 --- a/docs/project/USAGE.md +++ b/docs/project/USAGE.md @@ -15,6 +15,14 @@ Ce document explique comment utiliser le template pour initier, documenter, cont 3) Tenir `docs/INDEX.md` et `CHANGELOG.md` à jour 4) Activer les workflows CI et vérifier `release-guard`/`security-audit` +## 2.1 Intégrer 4NK_template dans un projet existant + +```bash +# Depuis le dépôt 4NK_template +bash scripts/deploy/setup.sh [--dest DIR] [--force] +# Compléter ensuite ~/.4nk_template/.env si nécessaire (OPENAI_*, BASE_URL, RELEASE_TOKEN) +``` + ## 3. Documentation - Utiliser les squelettes de `docs/templates/**` comme base 
@@ -30,6 +38,50 @@ Ce document explique comment utiliser le template pour initier, documenter, cont - Variables utiles: `RUNNER_MODE`, `BASE_URL`, `REGISTRATION_TOKEN` - Script helper: `scripts/dev/run_project_ci.sh` - Auto‑corrections: `AUTO_FIX=1` pour créer la structure de tests et des squelettes docs + +## 5. Remplacer la CI par une exécution locale (recommandé) + +- CI neutre par défaut: `CI_SKIP=true` dans le workflow; réactivez en le passant à `false` côté dépôt. +- Commits: contrôles rapides avant commit +```bash +npx -y markdownlint-cli "**/*.md" --ignore "archive/**" +AUTO_FIX=1 SCOPE=changed scripts/agents/run.sh +# Ajoutez [skip ci] dans le message de commit pour éviter les runs distants +``` +- Push: contrôles complets pré‑push +```bash +AUTO_FIX=1 SCOPE=all scripts/agents/run.sh +bash scripts/security/audit.sh || true +# Si outillage présent (exemples): cargo check / go vet / npx eslint / tsc --noEmit / ruff… +bash scripts/release/guard.sh || true +``` +- Release locale (puis push tag) +```bash +echo "vYYYY.MM.P" > TEMPLATE_VERSION +git add TEMPLATE_VERSION CHANGELOG.md +git commit -m "[skip ci] chore(release): vYYYY.MM.P" +git tag -a vYYYY.MM.P -m "release: vYYYY.MM.P (latest)" +git push && git push origin vYYYY.MM.P +``` + +### Hooks conseillés + +`.git/hooks/pre-commit`: +```bash +#!/usr/bin/env bash +set -e +npx -y markdownlint-cli "**/*.md" --ignore "archive/**" +AUTO_FIX=1 SCOPE=changed scripts/agents/run.sh +``` + +`.git/hooks/pre-push`: +```bash +#!/usr/bin/env bash +set -e +AUTO_FIX=1 SCOPE=all scripts/agents/run.sh +bash scripts/security/audit.sh || true +bash scripts/release/guard.sh || true +``` - Agents utiles en premier passage: `documentation`, `quality-technique`, `open-source`, `securite`, `deploiement` ## 5. Qualité et CI From a9f4ce04853d2da4d8089458b2e40747620ee39b Mon Sep 17 00:00:00 2001 
From: Nicolas Cantu Date: Thu, 28 Aug 2025 11:29:46 +0200 Subject: [PATCH 10/11] =?UTF-8?q?[skip=20ci]=20docs:=20int=C3=A9gration=20?= =?UTF-8?q?via=20Docker,=20strat=C3=A9gies=20merge=20tags=E2=86=92branches?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docs/project/RELEASE_PLAN.md | 17 +++++++++++++++++ docs/project/USAGE.md | 11 +++++++++++ 2 files changed, 28 insertions(+) diff --git a/docs/project/RELEASE_PLAN.md b/docs/project/RELEASE_PLAN.md index d886b8b..10bbce2 100644 --- a/docs/project/RELEASE_PLAN.md +++ b/docs/project/RELEASE_PLAN.md @@ -16,6 +16,23 @@ - Tagging: `vX.Y.Z` ou `vX.Y.Z-wip.N` - Notes de release (résumé, changements majeurs, impacts) +### Stratégies de merge (tags → branches cibles) + +- Tag sur `main` (latest): + - Aligner `TEMPLATE_VERSION` et `CHANGELOG.md` sur la branche de travail + - Taguer `vX.Y.Z` puis merger la branche (PR) vers `main` + - Si flux local (CI désactivée): appliquer les agents en local avant tag/push + +- Tag sur `develop` (pré‑release/wip): + - Utiliser `vX.Y.Z-wip.N` pour itérer + - Merger régulièrement vers `develop`; rebase/merge planifié vers `main` pour la release finale + +### Cas particuliers + +- Merge de tag existant vers `main` ou `develop`: + - Créer une PR contenant l’alignement version/changelog correspondant au tag + - Appliquer les agents (localement si CI neutre) puis merger + ## Post‑lancement - Suivi issues/retours diff --git a/docs/project/USAGE.md b/docs/project/USAGE.md index 421e2de..4dc2098 100644 --- a/docs/project/USAGE.md +++ b/docs/project/USAGE.md 
@@ -23,6 +23,17 @@ bash scripts/deploy/setup.sh [--dest DIR] [--force] # Compléter ensuite ~/.4nk_template/.env si nécessaire (OPENAI_*, BASE_URL, RELEASE_TOKEN) ``` +### Intégration via Docker (recommandé) + +```bash +# Build l’image unifiée +docker compose -f docker-compose.ci.yml build + +# Appliquer le template depuis le conteneur (monter le repo projet sur /host) +docker run --rm -v "$PWD":/work -v "/chemin/vers/projet":/host 4nk-template-ci:latest \ + bash -lc "/work/scripts/deploy/setup.sh file:///host/.git --dest /host" +``` + ## 3. Documentation - Utiliser les squelettes de `docs/templates/**` comme base From 5bf8bd280c3a24b4118c676f252277fa6d847fa9 Mon Sep 17 00:00:00 2001 From: Nicolas Cantu Date: Thu, 28 Aug 2025 11:41:55 +0200 Subject: [PATCH 11/11] [skip ci] chore: finalize local changes --- .cursor/rules/41-ssh-automation.mdc | 5 +++++ .cursor/rules/42-template-sync.mdc | 6 ++++++ AGENTS.md | 11 +++++++++++ docs/project/USAGE.md | 19 ++++++++++++++++++- scripts/local/install_hooks.sh | 18 ++++++++++++++++++ scripts/local/merge_branch.sh | 25 +++++++++++++++++++++++++ scripts/local/precommit.sh | 15 +++++++++++++++ scripts/local/prepush.sh | 20 ++++++++++++++++++++ scripts/local/release_local.sh | 20 ++++++++++++++++++++ 9 files changed, 138 insertions(+), 1 deletion(-) create mode 100644 scripts/local/install_hooks.sh create mode 100644 scripts/local/merge_branch.sh create mode 100644 scripts/local/precommit.sh create mode 100644 scripts/local/prepush.sh create mode 100644 scripts/local/release_local.sh diff --git a/.cursor/rules/41-ssh-automation.mdc b/.cursor/rules/41-ssh-automation.mdc index 1a988d6..84da596 100644 --- a/.cursor/rules/41-ssh-automation.mdc +++ b/.cursor/rules/41-ssh-automation.mdc 
@@ -1,3 +1,8 @@ +# Règles SSH & Automatisation — Flux local + +- Interdiction de secrets en clair; secrets via `~/.4nk_template/.env` ou variables CI +- Scripts SSH conservés exécutables, journaux non sensibles +- Le flux local prime: agents exécutés avant merge/push/release; CI neutralisable via `CI_SKIP=true` et `[skip ci]` --- alwaysApply: true --- diff --git a/.cursor/rules/42-template-sync.mdc b/.cursor/rules/42-template-sync.mdc index c7cf051..386d4ec 100644 --- a/.cursor/rules/42-template-sync.mdc +++ b/.cursor/rules/42-template-sync.mdc @@ -25,6 +25,9 @@ Tous les projets issus de 4NK_project_template. Contrôle de l’alignement sur - Erreur bloquante si un path requis n’existe pas après sync. - Erreur bloquante si tests/CI signalent des scripts non exécutables ou des fichiers sensibles. +[note] +Les validations CI peuvent être remplacées par l’exécution locale des agents (AUTO_FIX/SCOPE) lorsque `CI_SKIP=true` est activé. Conserver une PR de synthèse et la traçabilité dans le changelog. + [artefacts concernés] - .4nk-sync.yml, TEMPLATE_VERSION, .cursor/**, .gitea/**, AGENTS.md, scripts/**, docs/SSH_UPDATE.md, CHANGELOG.md. # Synchronisation de template (4NK) @@ -49,5 +52,8 @@ Tous les projets issus de 4NK_project_template. Contrôle de l’alignement sur - Erreur bloquante si un path requis n’existe pas après sync. - Erreur bloquante si tests/CI signalent des scripts non exécutables ou des fichiers sensibles. +[note] +Les validations CI peuvent être remplacées par l’exécution locale des agents (AUTO_FIX/SCOPE) lorsque `CI_SKIP=true` est activé. Conserver une PR de synthèse et la traçabilité dans le changelog. + [artefacts concernés] - .4nk-sync.yml, TEMPLATE_VERSION, .cursor/**, .gitea/**, AGENTS.md, scripts/**, docs/SSH_UPDATE.md, CHANGELOG.md. diff --git a/AGENTS.md b/AGENTS.md index b3a855c..e770a8c 100644 --- a/AGENTS.md +++ b/AGENTS.md 
@@ -399,3 +399,14 @@ Ce `AGENTS.md` mis à jour introduit l’**Agent Synchronisation de template** e La matrice de coordination formalise les validations obligatoires pour chaque type de changement, garantissant cohérence structurelle, qualité documentaire, sécurité, traçabilité. Ainsi que la stabilité à long terme sur tous les projets issus de `4NK_project_template`. + +--- + +## Exécution locale et neutralisation de la CI + +- Les contrôles CI peuvent être remplacés par l’exécution locale des agents: `scripts/agents/run.sh` avec `AUTO_FIX=1`, `SCOPE=changed|all`. +- La CI peut être neutralisée par défaut via `CI_SKIP=true` dans le workflow; ponctuellement via des commits `[skip ci]`. +- Des hooks sont fournis pour automatiser le flux local: + - `scripts/local/precommit.sh` et `scripts/local/prepush.sh` + - installation: `bash scripts/local/install_hooks.sh` +- Un conteneur unifié (runner+agents) permet une exécution reproductible: `docker-compose.ci.yml`. diff --git a/docs/project/USAGE.md b/docs/project/USAGE.md index 4dc2098..cfbc1b1 100644 --- a/docs/project/USAGE.md +++ b/docs/project/USAGE.md @@ -93,7 +93,24 @@ AUTO_FIX=1 SCOPE=all scripts/agents/run.sh bash scripts/security/audit.sh || true bash scripts/release/guard.sh || true ``` - - Agents utiles en premier passage: `documentation`, `quality-technique`, `open-source`, `securite`, `deploiement` + +Ou installez-les automatiquement: + +```bash +bash scripts/local/install_hooks.sh +``` + +- Agents utiles en premier passage: `documentation`, `quality-technique`, `open-source`, `securite`, `deploiement` + +### Script de merge local (main/develop) + +```bash +# Merge de la branche courante vers main (valide localement avant) +bash scripts/local/merge_branch.sh main + +# Merge vers develop +bash scripts/local/merge_branch.sh develop +``` ## 5. Qualité et CI diff --git a/scripts/local/install_hooks.sh b/scripts/local/install_hooks.sh new file mode 100644 index 0000000..caed4ea --- /dev/null 
+++ b/scripts/local/install_hooks.sh @@ -0,0 +1,18 @@ +#!/usr/bin/env bash +set -euo pipefail + +REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"/.. +HOOKS_DIR="$REPO_ROOT/.git/hooks" + +mkdir -p "$HOOKS_DIR" +install_hook() { + local name="$1" src="$2" + cp -f "$src" "$HOOKS_DIR/$name" + chmod +x "$HOOKS_DIR/$name" + echo "Installed hook: $name" +} + +install_hook pre-commit "$REPO_ROOT/scripts/local/precommit.sh" +install_hook pre-push "$REPO_ROOT/scripts/local/prepush.sh" + +echo "Hooks installés." diff --git a/scripts/local/merge_branch.sh b/scripts/local/merge_branch.sh new file mode 100644 index 0000000..9275299 --- /dev/null +++ b/scripts/local/merge_branch.sh @@ -0,0 +1,25 @@ +#!/usr/bin/env bash +set -euo pipefail + +TARGET_BRANCH="${1:-main}" +SOURCE_BRANCH="${2:-}" + +if [[ -z "$SOURCE_BRANCH" ]]; then + SOURCE_BRANCH="$(git rev-parse --abbrev-ref HEAD)" +fi + +if [[ "$SOURCE_BRANCH" == "$TARGET_BRANCH" ]]; then + echo "Déjà sur $TARGET_BRANCH"; exit 0 +fi + +# Valider localement avant merge +AUTO_FIX="${AUTO_FIX:-1}" SCOPE="${SCOPE:-all}" scripts/agents/run.sh || true +if [ -f scripts/security/audit.sh ]; then bash scripts/security/audit.sh || true; fi + +git fetch origin --prune +git checkout "$TARGET_BRANCH" +git pull --ff-only origin "$TARGET_BRANCH" || true +git merge --no-ff "$SOURCE_BRANCH" -m "[skip ci] merge: $SOURCE_BRANCH -> $TARGET_BRANCH" +git push origin "$TARGET_BRANCH" + +echo "Merge effectué: $SOURCE_BRANCH → $TARGET_BRANCH" diff --git a/scripts/local/precommit.sh b/scripts/local/precommit.sh new file mode 100644 index 0000000..8c66efd --- /dev/null +++ b/scripts/local/precommit.sh 
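Review bot: `install_hook` in `install_hooks.sh` uses `cp -f`, which replaces any existing `pre-commit` or `pre-push` hook without a backup, so a secret scanner or other hook a developer already had is lost silently. The hard-coded `$REPO_ROOT/.git/hooks` is also not the active hooks directory in a linked worktree or when `core.hooksPath` is set. Resolve the directory from the repository root with `git rev-parse --git-path hooks`, and refuse or back up when the destination already exists, e.g. `[[ -e "$HOOKS_DIR/$name" ]] && cp -p "$HOOKS_DIR/$name" "$HOOKS_DIR/$name.bak"`.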
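Review bot: The step labelled "Valider localement avant merge" in `merge_branch.sh` cannot stop the merge. Both `scripts/agents/run.sh || true` and `bash scripts/security/audit.sh || true` discard the exit status, and the script then merges with a `[skip ci]` message and pushes to the target branch. The path `scripts/agents/run.sh` is relative and this script does not `cd` to the repository root as the hook scripts do, so running it from another directory skips validation just as silently. Drop the two `|| true` and add `cd "$(git rev-parse --show-toplevel)"` before the validation. `prepush.sh` in a later hunk swallows the audit and release-guard results the same way.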
@@ -0,0 +1,15 @@ +#!/usr/bin/env bash +set -euo pipefail + +ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" +cd "$ROOT_DIR/.." + +# Lint Markdown (best effort) +if command -v npx >/dev/null 2>&1; then + npx -y markdownlint-cli "**/*.md" --ignore "archive/**" || true +fi + +# Agents rapides sur fichiers modifiés +AUTO_FIX="${AUTO_FIX:-1}" SCOPE="${SCOPE:-changed}" scripts/agents/run.sh + +echo "[pre-commit] OK" diff --git a/scripts/local/prepush.sh b/scripts/local/prepush.sh new file mode 100644 index 0000000..2d3d93a --- /dev/null +++ b/scripts/local/prepush.sh @@ -0,0 +1,20 @@ +#!/usr/bin/env bash +set -euo pipefail + +ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" +cd "$ROOT_DIR/.." + +# Agents complets +AUTO_FIX="${AUTO_FIX:-1}" SCOPE="${SCOPE:-all}" scripts/agents/run.sh + +# Audit sécurité (best effort) +if [ -f scripts/security/audit.sh ]; then + bash scripts/security/audit.sh || true +fi + +# Release guard (dry-run logique) +if [ -f scripts/release/guard.sh ]; then + bash scripts/release/guard.sh || true +fi + +echo "[pre-push] OK" diff --git a/scripts/local/release_local.sh b/scripts/local/release_local.sh new file mode 100644 index 0000000..e3f48ed --- /dev/null +++ b/scripts/local/release_local.sh @@ -0,0 +1,20 @@ +#!/usr/bin/env bash +set -euo pipefail + +VERSION="${1:-}" +if [[ -z "$VERSION" ]]; then + echo "Usage: $0 vYYYY.MM.P" >&2 + exit 2 +fi + +ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" +cd "$ROOT_DIR/.." + +echo "$VERSION" > TEMPLATE_VERSION +git add TEMPLATE_VERSION CHANGELOG.md 2>/dev/null || true +git commit -m "[skip ci] chore(release): $VERSION" || true +git tag -a "$VERSION" -m "release: $VERSION (latest)" +git push || true +git push origin "$VERSION" + +echo "Release locale préparée: $VERSION"
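Review bot: `npx -y markdownlint-cli` in `precommit.sh` fetches and runs whatever version of the package the registry serves at commit time, with the install prompt suppressed, on a machine that holds the developer's git credentials. Pin the tool, `npx -y markdownlint-cli@<pinned-version>`, or call a copy installed from the project's lockfile. The trailing `|| true` also means lint errors never block the commit; if that is intended, the final `[pre-commit] OK` message should not imply that the lint passed.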
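Review bot: `release_local.sh` checks only that `VERSION` is non-empty, so a value beginning with `-` reaches `git tag -a "$VERSION"` and is parsed as an option, and any other string becomes a pushed tag. Validate the format the usage line documents before touching the tree, e.g. `[[ "$VERSION" =~ ^v[0-9]{4}\.[0-9]{2}\.[0-9]+$ ]] || { echo "Usage: $0 vYYYY.MM.P" >&2; exit 2; }` (widen the pattern if `-wip.N` tags go through this script). `git commit ... || true` also lets the tag land on a commit that lacks the version bump when the commit is rejected; `git diff --cached --quiet || git commit -m "[skip ci] chore(release): $VERSION"` keeps the nothing-to-commit case without hiding real failures. Similarly, `git push || true` followed by `git push origin "$VERSION"` can publish a tag whose commit never reached the remote branch. No agent or release-guard run happens in this script before tagging.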