From 2513d3534ddf51ac9aa71d8cb31c48a908df69c5 Mon Sep 17 00:00:00 2001
From: syoul <syoul@librezo.fr>
Date: Tue, 17 Mar 2026 20:07:10 +0100
Subject: [PATCH] fix: registration Consul via docker exec sonic-consul
 (supprime register-consul step)

- write-env ecrit le token dans .consul_token (workspace partage)
- deploy lit .consul_token et utilise docker exec sonic-consul pour
  enregistrer le service directement sur l'agent consul local
- network_mode host non supporte par ce Woodpecker, 172.17.0.1:8500
  ne rejoignait pas le meme consul que Fabio

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 .woodpecker.yml | 36 +++++++++++++-----------------------
 1 file changed, 13 insertions(+), 23 deletions(-)

diff --git a/.woodpecker.yml b/.woodpecker.yml
index ab398ea..fa26d76 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -32,7 +32,7 @@ steps:
       - 'grep -q "^\.env$" .gitignore || (echo "ERREUR: .env manquant dans .gitignore" && exit 1)'
       - echo "Verifications de securite OK"
 
-  # Etape 3a : Ecriture du .env depuis les secrets
+  # Etape 3a : Ecriture du .env et du token Consul depuis les secrets
   # NOTE: ne pas utiliser ${VAR} dans commands (bug Woodpecker next), utiliser env | grep
   - name: write-env
     image: alpine:3.20
@@ -50,11 +50,16 @@ steps:
         from_secret: db_root_password
       DB_PASSWORD:
         from_secret: db_password
+      CONSUL_TOKEN:
+        from_secret: consul_token
     commands:
       - env | grep -E "^(PS_DOMAIN|PS_ADMIN_FOLDER|PRESTASHOP_ADMIN_EMAIL|PRESTASHOP_ADMIN_PASSWORD|DB_ROOT_PASSWORD|DB_PASSWORD)=" > .env.deploy
       - echo "Fichier .env.deploy cree ($(wc -c < .env.deploy) octets)"
+      - env | grep '^CONSUL_TOKEN=' | cut -d= -f2- > .consul_token
 
-  # Etape 3b : Deploiement sur sonic via Docker socket
+  # Etape 3b : Deploiement sur sonic via Docker socket + enregistrement Consul
+  # Le token est lu depuis .consul_token (ecrit par write-env) car
+  # volumes + from_secret = secrets vides (bug Woodpecker next)
   - name: deploy
     image: docker:27-cli
     volumes:
@@ -67,28 +72,13 @@ steps:
       - cd /opt/prestashop && docker compose pull
       - cd /opt/prestashop && docker compose up -d --remove-orphans
       - cd /opt/prestashop && docker compose ps
-      - docker inspect prestashop --format '{{.NetworkSettings.Networks.sonic.IPAddress}}' > $CI_WORKSPACE/.container_ip
-
-  # Etape 3c : Enregistrement dans Consul (Registrator ne peut pas ecrire prestashop : ACL)
-  # network_mode host : localhost:8500 = consul reel (172.17.0.1 passe par iptables DOCKER)
-  - name: register-consul
-    image: alpine:3.20
-    network_mode: host
-    environment:
-      TEST_STATIC: hello
-      CONSUL_TOKEN:
-        from_secret: consul_token
-    commands:
-      - apk add --no-cache --quiet curl
       - |
-        CONTAINER_IP=$(cat $CI_WORKSPACE/.container_ip)
-        DOMAIN=$(grep '^PS_DOMAIN=' $CI_WORKSPACE/.env.deploy | cut -d= -f2)
-        CTOK=$(env | grep '^CONSUL_TOKEN=' | cut -d= -f2-)
-        curl -sf -X PUT "http://localhost:8500/v1/agent/service/register" \
-          -H "Content-Type: application/json" \
-          -H "X-Consul-Token: $CTOK" \
-          -d "{\"Name\":\"prestashop\",\"Address\":\"$CONTAINER_IP\",\"Port\":80,\"Tags\":[\"urlprefix-$DOMAIN/\"]}"
-        echo "Service enregistre dans Consul: prestashop -> $CONTAINER_IP:80 urlprefix-$DOMAIN/"
+        CONTAINER_IP=$(docker inspect prestashop --format '{{.NetworkSettings.Networks.sonic.IPAddress}}')
+        DOMAIN=$(grep '^PS_DOMAIN=' /opt/prestashop/.env | cut -d= -f2)
+        CTOK=$(cat $CI_WORKSPACE/.consul_token)
+        docker exec sonic-consul env CONSUL_HTTP_TOKEN="$CTOK" consul services register \
+          -address "$CONTAINER_IP" -port 80 -name prestashop -tag "urlprefix-$DOMAIN/"
+        echo "Consul: prestashop -> $CONTAINER_IP:80 urlprefix-$DOMAIN/"
 
   # Etape 4 : Healthcheck post-deploiement
   - name: healthcheck