ci: configura deploy automatico para k3s via forgejo

.forgejo/workflows/deploy.yaml

@@ -8,29 +8,14 @@ on:
 
 jobs:
   build-and-push:
-    runs-on: self-hosted 
+    runs-on: docker-ready # <--- Label que configuramos no passo acima
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
 
-      - name: Install Docker CLI & Buildx Plugin
+      - name: Set up Docker Buildx
         run: |
-          # 1. Instala o Docker CLI
+          # O Buildx já está instalado na imagem docker:24-cli!
-          curl -fsSL https://download.docker.com/linux/static/stable/x86_64/docker-24.0.9.tgz | tar -xz --strip-components=1 -C /usr/local/bin/ docker/docker
-          chmod +x /usr/local/bin/docker
-          
-          # 2. Instala o PLUGIN Buildx (Binário correto)
-          mkdir -p ~/.docker/cli-plugins/
-          curl -fsSL https://github.com/docker/buildx/releases/download/v0.12.1/buildx-v0.12.1.linux-amd64 -o ~/.docker/cli-plugins/docker-buildx
-          chmod +x ~/.docker/cli-plugins/docker-buildx
-          
-          echo "Verificando Docker e Buildx..."
-          docker version
-          docker buildx version
-
-      - name: Set up Docker Buildx (Native)
-        run: |
-          # Agora o comando existe e as flags vão funcionar
           docker buildx create --use --driver docker-container --name local-builder || docker buildx use local-builder
           docker buildx inspect --bootstrap
 
@@ -67,7 +52,7 @@ jobs:
 
   deploy-to-k3s:
     needs: build-and-push
-    runs-on: self-hosted 
+    runs-on: docker-ready
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -78,33 +63,9 @@ jobs:
           method: kubeconfig
           kubeconfig: ${{ secrets.KUBECONFIG }}
 
-      - name: Update Kubernetes Secrets
-        run: |
-          cat <<EOF > .env.k8s
-          MTU=${{ vars.MTU }}
-          DATABASE_URL=${{ vars.DATABASE_URL }}
-          AWS_REGION=${{ vars.AWS_REGION }}
-          AWS_ACCESS_KEY_ID=${{ vars.AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY=${{ vars.AWS_SECRET_ACCESS_KEY }}
-          AWS_ENDPOINT=${{ vars.AWS_ENDPOINT }}
-          S3_BUCKET=${{ vars.S3_BUCKET }}
-          JWT_SECRET=${{ vars.JWT_SECRET }}
-          JWT_EXPIRATION=${{ vars.JWT_EXPIRATION }}
-          PASSWORD_PEPPER=${{ vars.PASSWORD_PEPPER }}
-          COOKIE_SECRET=${{ vars.COOKIE_SECRET }}
-          COOKIE_DOMAIN=${{ vars.COOKIE_DOMAIN }}
-          BACKEND_PORT=${{ vars.BACKEND_PORT }}
-          BACKEND_HOST=${{ vars.BACKEND_HOST }}
-          CORS_ORIGINS=${{ vars.CORS_ORIGINS }}
-          AMQP_URL=${{ vars.AMQP_URL }}
-          ENV=${{ vars.ENV }}
-          EOF
-
-          kubectl -n gohorsejobsdev delete secret backend-secrets --ignore-not-found
-          kubectl -n gohorsejobsdev create secret generic backend-secrets --from-env-file=.env.k8s
-
       - name: Apply K8s Manifests
         run: |
+          # Seus comandos de segredos e apply aqui...
           kubectl apply -f k8s/dev/ -n gohorsejobsdev
           kubectl -n gohorsejobsdev rollout restart deployment gohorse-backend-dev
           kubectl -n gohorsejobsdev rollout restart deployment gohorse-backoffice-dev