diff --git a/deploy/lib/deploy-conf-handling.sh b/deploy/lib/deploy-conf-handling.sh index 7a44323..63807ff 100644 --- a/deploy/lib/deploy-conf-handling.sh +++ b/deploy/lib/deploy-conf-handling.sh @@ -29,37 +29,12 @@ ia_dev_deploy_secrets_export_from_conf() { } # ia_dev_deploy_ensure_nested_secrets_symlinks -# LeCoffre connect-db-paths expects `.secrets///` under secrets_parent. ia_dev conf often has a flat `/` tree only. -# For each site in lecoffreio, enso, genealogie: if `//` is missing and `/` is a directory, -# create `/` as a symlink to `../` (same convention as a manual `ln -sfn ../pprod lecoffreio/pprod`). -# Skips a site when a real (non-symlink) directory already exists at the nested path. +# Intentionally a no-op: nested `.secrets///` must be **real directories** (no symlinks — +# low maintainability, breaks tooling expectations). Maintain `lecoffreio|enso|genealogie//` +# as normal folders; use `deploy/scripts_v2/materialize-nested-secrets-mandatory.mjs` on the LeCoffre +# clone or copy from a canonical tree. ia_dev_deploy_ensure_nested_secrets_symlinks() { - local secrets_parent="${1:?}" - local env_name="${2:?}" - if [[ ! -d "$secrets_parent" ]]; then - return 0 - fi - if [[ ! "$env_name" =~ ^(test|pprod|prod)$ ]]; then - return 0 - fi - local flat="${secrets_parent}/${env_name}" - if [[ ! -d "$flat" ]]; then - return 0 - fi - local site nested - for site in lecoffreio enso genealogie; do - nested="${secrets_parent}/${site}/${env_name}" - if [[ -d "$nested" && ! -L "$nested" ]]; then - continue - fi - if [[ -e "$nested" && ! -L "$nested" ]]; then - echo "[ia_dev][deploy][WARN] ${nested} exists and is not a symlink or directory; skip" >&2 - continue - fi - mkdir -p "${secrets_parent}/${site}" - ln -sfn "../${env_name}" "$nested" - echo "[ia_dev][deploy] Nested secrets path: ${nested} -> ../${env_name}" >&2 - done + return 0 } # ia_dev_deploy_export_runtime_context — required handoff to project orchestrator (blocking checks below)