- Fix IMAGE_NAME to use proper GitHub context syntax
- Ensure workflows use ${{ github.repository }} instead of environment variables
- This should resolve the build failure from invalid image tags
🧹 PII Cleanup & Security:
- Remove all hardcoded domains (darknex.us, hndrx.co)
- Remove all hardcoded emails (admin@ references)
- Replace all personal info with environment variables
- Repository now 100% generic and reusable
🚀 Fully Automatic Pipeline:
- Pipeline now runs automatically develop → staging → production
- No manual intervention required for production promotions
- Auto-promotion triggers after successful tests
- All workflows use commit-specific image tags
🔧 Environment Variables:
- All manifests use ${VARIABLE_NAME} syntax
- All scripts source from .env file
- GitHub Actions use secrets for sensitive data
- Complete .env.example template provided
📚 Documentation:
- New comprehensive WORKFLOWS.md with pipeline details
- New PIPELINE_QUICK_REFERENCE.md for quick reference
- Updated all docs to use generic placeholders
- Added security/privacy section to README
🔐 Security Enhancements:
- Updated .gitignore for all sensitive files
- Created PII verification script (verify-pii-removal.sh)
- Created cleanup automation script (cleanup-pii.sh)
- Repository verified PII-free and production-ready
BREAKING: Repository now requires .env configuration
- Copy .env.example to .env and configure for your environment
- Set GitHub repository secrets for CI/CD workflows
- All deployments now use environment-specific configuration
- Switch from GITHUB_TOKEN to GH_TOKEN for GHCR authentication
- This resolves 'installation not allowed to Write organization package' error
- All repository secrets have been configured via gh CLI
🚀 **New Branching Strategy:**
- develop → triggers dev deployment → auto-promotes to staging branch
- staging → triggers staging deployment → manual approval → promotes to main branch
- main → triggers production deployment
📝 **Workflow Changes:**
- deploy-dev.yml: Now triggers on develop branch
- deploy-staging.yml: Now triggers on staging branch push
- deploy-prod.yml: Now triggers on main branch push
- auto-promote.yml: Tests dev → merges develop to staging branch
- promote-to-production.yml: Tests staging → requires approval → merges staging to main
- build-image.yml: Now builds on all branches (main, develop, staging)
🎯 **Auto-Promotion Flow:**
1. Push to develop → Deploy to dev → Test → Auto-merge to staging
2. Staging deployment → Test → Manual approval → Auto-merge to main
3. Main deployment → Production live!
This provides proper separation between environments with appropriate gates.
- Add build-image.yml workflow for automated builds to GHCR
- Add SSL certificates and domain configuration for HTTPS
- Update services to use ghcr.io/ghndrx/k8s-game-2048:latest with imagePullPolicy: Always
- Configure Kourier for SSL redirect and domain claims
- Enable HTTPS for all environments: dev, staging, prod
