From 1b074475504cf46963c5f182721218813bc94abf Mon Sep 17 00:00:00 2001
From: bohessefm <bohessefm@gmail.com>
Date: Sat, 21 Feb 2026 13:16:38 +0000
Subject: [PATCH] Update .forgejo/workflows/deploy.yaml

---
 .forgejo/workflows/deploy.yaml | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

diff --git a/.forgejo/workflows/deploy.yaml b/.forgejo/workflows/deploy.yaml
index ac0cbc5..9421276 100644
--- a/.forgejo/workflows/deploy.yaml
+++ b/.forgejo/workflows/deploy.yaml
@@ -58,15 +58,15 @@ jobs:
 
       - name: Sync Secrets and Vars
         run: |
-          # Garante que o namespace existe
+          # 1. Garante que o namespace existe
           kubectl create namespace ${{ env.NAMESPACE }} --dry-run=client -o yaml | kubectl apply -f -
 
-          # Sincroniza Registry Secret do namespace forgejo
+          # 2. Sincroniza Registry Secret limpando metadados que causam erro de Conflict
           kubectl get secret forgejo-registry-secret --namespace=forgejo -o yaml | \
-          sed "s/namespace: forgejo/namespace: ${{ env.NAMESPACE }}/" | \
-          kubectl apply -f -
+          grep -vE "resourceVersion|uid|creationTimestamp|namespace" | \
+          kubectl apply --namespace=${{ env.NAMESPACE }} -f -
 
-          # Prepara a chave RSA (Prioriza Secret, depois Var)
+          # 3. Prepara a chave RSA
           RSA_CONTENT="${{ secrets.RSA_PRIVATE_KEY_BASE64 || vars.RSA_PRIVATE_KEY_BASE64 }}"
           if [ -n "$RSA_CONTENT" ]; then
             echo "$RSA_CONTENT" > /tmp/rsa_raw.txt
@@ -77,8 +77,7 @@ jobs:
             fi
           fi
 
-          # CRIAÇÃO DA SECRET USANDO DRY-RUN + APPLY (Evita deletar e falhar)
-          # O uso de quotes nas variáveis previne erros de shell
+          # 4. Cria ou atualiza a backend-secrets (sem deletar antes para evitar downtime)
           kubectl create secret generic backend-secrets -n ${{ env.NAMESPACE }} \
             --from-literal=MTU="${{ vars.MTU }}" \
             --from-literal=DATABASE_URL="${{ vars.DATABASE_URL }}" \
@@ -104,13 +103,13 @@ jobs:
         run: |
           kubectl apply -f k8s/dev/ -n ${{ env.NAMESPACE }}
           
-          # Atualiza as imagens para o novo SHA
+          # Atualiza as imagens nos deployments
           kubectl -n ${{ env.NAMESPACE }} set image deployment/gohorse-backend-dev backend=${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/gohorsejobs:${{ github.sha }}
           kubectl -n ${{ env.NAMESPACE }} set image deployment/gohorse-backoffice-dev backoffice=${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/backoffice:${{ github.sha }}
           
-          # Reinicia para garantir leitura da nova Secret
+          # Restart para garantir que novos pods peguem a Secret atualizada
           kubectl -n ${{ env.NAMESPACE }} rollout restart deployment/gohorse-backend-dev
           kubectl -n ${{ env.NAMESPACE }} rollout restart deployment/gohorse-backoffice-dev
           
-          # Status
+          # Aguarda o backend ficar pronto
           kubectl -n ${{ env.NAMESPACE }} rollout status deployment/gohorse-backend-dev --timeout=120s
\ No newline at end of file