4nk/ia_dev
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(deploy): use lecoffreio for nested secrets symlinks (not notary)

Browse Source 
- deploy-conf-handling: symlink sites lecoffreio|enso|genealogie
- pousse: build message lists lecoffreio
- kogus docs: align mandatory secrets wording
This commit is contained in:
Nicolas Cantu 2026-04-16 10:07:17 +02:00
parent d334f0e469
commit bd604d28b8
3 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
deploy/lib/deploy-conf-handling.sh
View File

@ -30,8 +30,8 @@ ia_dev_deploy_secrets_export_from_conf() {
# ia_dev_deploy_ensure_nested_secrets_symlinks <secrets_parent> <env> # ia_dev_deploy_ensure_nested_secrets_symlinks <secrets_parent> <env>
# LeCoffre connect-db-paths expects `.secrets/<site>/<env>/` under secrets_parent. ia_dev conf often has a flat `<env>/` tree only. # LeCoffre connect-db-paths expects `.secrets/<site>/<env>/` under secrets_parent. ia_dev conf often has a flat `<env>/` tree only.
# For each site in notary, enso, genealogie: if `<secrets_parent>/<site>/<env>` is missing and `<secrets_parent>/<env>` is a directory, # For each site in lecoffreio, enso, genealogie: if `<secrets_parent>/<site>/<env>` is missing and `<secrets_parent>/<env>` is a directory,
# create `<site>/<env>` as a symlink to `../<env>` (same convention as a manual `ln -sfn ../pprod notary/pprod`). # create `<site>/<env>` as a symlink to `../<env>` (same convention as a manual `ln -sfn ../pprod lecoffreio/pprod`).
# Skips a site when a real (non-symlink) directory already exists at the nested path. # Skips a site when a real (non-symlink) directory already exists at the nested path.
ia_dev_deploy_ensure_nested_secrets_symlinks() { ia_dev_deploy_ensure_nested_secrets_symlinks() {
local secrets_parent="${1:?}" local secrets_parent="${1:?}"
@ -47,7 +47,7 @@ ia_dev_deploy_ensure_nested_secrets_symlinks() {
return 0 return 0
fi fi
local site nested local site nested
for site in notary enso genealogie; do for site in lecoffreio enso genealogie; do
nested="${secrets_parent}/${site}/${env_name}" nested="${secrets_parent}/${site}/${env_name}"
if [[ -d "$nested" && ! -L "$nested" ]]; then if [[ -d "$nested" && ! -L "$nested" ]]; then
continue continue

2
deploy/pousse.sh
View File

@ -148,7 +148,7 @@ if [[ ${#build_dirs[@]} -gt 0 ]]; then
fi fi
build_basename="$(basename "$abs_dir")" build_basename="$(basename "$abs_dir")"
if [[ -z "${NEXT_PUBLIC_SITE_CODE:-}" && ( "$build_basename" == "front-common" || "$build_basename" == "lecoffre-front-main" ) ]]; then if [[ -z "${NEXT_PUBLIC_SITE_CODE:-}" && ( "$build_basename" == "front-common" || "$build_basename" == "lecoffre-front-main" ) ]]; then
echo "[pousse] Building ${dir} (npm run build:all-sites: notary, enso, genealogie)..." echo "[pousse] Building ${dir} (npm run build:all-sites: lecoffreio, enso, genealogie)..."
(cd "$abs_dir" && npm run build:all-sites) || { (cd "$abs_dir" && npm run build:all-sites) || {
echo "[pousse][ERROR] build:all-sites failed in ${dir}" >&2 echo "[pousse][ERROR] build:all-sites failed in ${dir}" >&2
exit 1 exit 1

2
projects/kogus/docs/README.md
View File

@ -22,7 +22,7 @@ Ces fichiers **ne sont pas** dans **`projects/kogus/docs/`** (ni dans le wiki) :
| Fichier (nom relatif, voir `<env>`) | Rôle | | Fichier (nom relatif, voir `<env>`) | Rôle |
|-------------------------------------|--------| |-------------------------------------|--------|
| **`role-permissions-matrix-<env>.json`** | Injection / export-import de la **matrice des droits** (`role_permissions_matrix`) — API **back-admin**, voir `docs/features/secrets-devai-kogus-sites-and-imports.md`. | | **`role-permissions-matrix-<env>.json`** | Injection / export-import de la **matrice des droits** (`role_permissions_matrix`) — API **back-admin**, voir `docs/features/secrets-devai-kogus-sites-and-imports.md`. |
| **`office-deed-catalog-<env>.json`** | **Catalogue actes** / types de documents par bureau — **absent tant que non exporté** via **back-admin** `POST /api/office-deed-catalog/export-to-secrets`. Chemin sur le clone LeCoffre : **`.secrets/<site>/<env>/office-deed-catalog-<env>.json`** (ex. `.secrets/lecoffreio/test/office-deed-catalog-test.json`). **Pas** sous un dossier disque nommé **`notary`** : le code mappe **`notary``lecoffreio`**. Vérification : **GET** `/api/site-config/file-status?env=&site=`. | | **`office-deed-catalog-<env>.json`** | **Catalogue actes** — obligatoire pour **`deploy-site.sh`** (manifeste `site_env_required`). Export depuis la base : **back-admin** `POST /api/office-deed-catalog/export-to-secrets` ou lot **`POST /api/site-mandatory-artifacts/export-to-secrets`**. Chemin : **`.secrets/<site>/<env>/office-deed-catalog-<env>.json`** (ex. `.secrets/lecoffreio/test/office-deed-catalog-test.json`). Dossier disque **`lecoffreio`** (plus de segment **`notary`** côté **ia_dev** pour les symlinks secrets : voir **`ia_dev/deploy/lib/deploy-conf-handling.sh`**). Vérification : **GET** `/api/site-config/file-status?env=&site=`. |
| **`site-config-<env>.json`** | **Configuration de la ligne** `sites` (intégrations, hôtes, drapeaux) — export/import **back-admin**. | | **`site-config-<env>.json`** | **Configuration de la ligne** `sites` (intégrations, hôtes, drapeaux) — export/import **back-admin**. |
| **`seed-site-texts-<env>.ts`** | **Textes i18n** publiés via `site_texts` ; **y compris les libellés et listes liés aux tiers** (clés `thirdParty.*`, `forms.thirdParty.*`, etc., selon `docs/Deployment.md` / seeds LeCoffre). | | **`seed-site-texts-<env>.ts`** | **Textes i18n** publiés via `site_texts` ; **y compris les libellés et listes liés aux tiers** (clés `thirdParty.*`, `forms.thirdParty.*`, etc., selon `docs/Deployment.md` / seeds LeCoffre). |