From 37016ba4ffef5199dcc83e3b439e30c04add21a3 Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 4 Jun 2026 12:03:55 +0200
Subject: [PATCH 01/25] feat: premier commit - activation de la CI

---
 notes.md | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 notes.md

diff --git a/notes.md b/notes.md
new file mode 100644
index 0000000..2c821cd
--- /dev/null
+++ b/notes.md
@@ -0,0 +1 @@
+# Mon TP GitHub Actions

From 51e51a532bb89951f8f965e28692ad807cdd2429 Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 4 Jun 2026 12:22:07 +0200
Subject: [PATCH 02/25] test: test activation github action

---
 notes.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/notes.md b/notes.md
index 2c821cd..a31fe4a 100644
--- a/notes.md
+++ b/notes.md
@@ -1 +1,2 @@
 # Mon TP GitHub Actions
+# Test TP GitHub Actions

From 949a845d86b77f6bd643b1f3ec401c4cec0575df Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 4 Jun 2026 13:42:49 +0200
Subject: [PATCH 03/25] feat: new yml with setup py/instal dependencies/lauch
 test

---
 .github/workflows/ci.yml                      |  21 +++++++++++-------
 ressources/__pycache__/app.cpython-312.pyc    | Bin 0 -> 1666 bytes
 .../test_app.cpython-312-pytest-8.2.0.pyc     | Bin 0 -> 9621 bytes
 3 files changed, 13 insertions(+), 8 deletions(-)
 create mode 100644 ressources/__pycache__/app.cpython-312.pyc
 create mode 100644 ressources/__pycache__/test_app.cpython-312-pytest-8.2.0.pyc

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 0a27357..7a6c3f5 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,18 +1,23 @@
-name: CI
+name: CI — NexaCloud API
 
 on:
   push:
-    branches: [ "main" ]
+    branches: [main]
   pull_request:
-    branches: [ "main" ]
+    branches: [main]
 
 jobs:
-  build:
+  test:
     runs-on: ubuntu-latest
 
     steps:
-      - name: Checkout code
+      - name: Checkout
         uses: actions/checkout@v4
-
-      - name: Example step
-        run: echo "Add your build/test steps here!"
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+      - name: Install dependencies
+        run: pip install -r ressources/requirements.txt
+      - name: Launch tests
+        run: pytest ressources/ -v
diff --git a/ressources/__pycache__/app.cpython-312.pyc b/ressources/__pycache__/app.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..395a7d8bcb18b9e796c7b032963fa721fa62abc7
GIT binary patch
literal 1666
zcmZ`(%}*Og6rb4-+jzZTzLJuVW|Ov392IEPL)El`BGUj;ank~aSe90cXMlzEt~Iku
zV?<R)sT6XlI7A8u4m}ppLofXcnnR^tOsz`Rs+WFTxEXP%)Kh0>ZPy?%(mcJ{-*4Xh
z-kUf3i>@aD8$Zt7+9=Ba{KXgTp|+ee0|M|8Adm+LBFTXzDKC}eybOT^u!NN(hVzkE
zk&G0iq8N%FDESyxH~J!^+oD99k9xiaM=dCyxP+bTu(d9B&n4_shpl(9lb5i2JM6wL
zwuTjy-n;_<8DjfJy0u3>>PG|L4<1R;3WCZ|WhgToIBcD?%H{EL#rU)O!kB(IZ{+Y}
zE9-axN-o&0Ej~SPEV^j~zU|obr$cNMy;6x;d&R*93XHN{#*Xb`BRfBloiUK*QiCB&
z4~<#dp9@xu>7s9YE*(#v@bfcLsEUYTe1m$fy;?c>hJ8L6<tD`qyH=1<LdAAhy)gcT
zMO@om3sp>rN5Vvr*uGt~oDfbF8L=~B%;P)H3}#*ezjehxv;e>61G!ziMUYW*q2z6D
z>z#CYrrYYh@q6R%WaKbLeajDM7^j$Q*+m@2w=khBi$h2h7XJ{OF$?~k%-%07GY%~*
zi}F}L4oG1J(@ozi7yR<rn(eO#D`VODvFuENU`oA!6frGCRS#9$Mffqf%3=+&Nr#xJ
zg1@zaee~T|KfiZ8xLDVgYRVEBX25oQVjWwKzkV)nE=T0e3wSYa8+PR^=SZ4y!gv&=
zLimw{A1T6<D;$hPAi2gCudzu7m=Tip=JxH{;GMdbsVSLAkUrsfYjlDJrIJM|=VWn7
zLYBdtZdrb-3jyeo26Gun6gJd8`E=G?TwYk1{`}EJZ7F`5**cBfV1fChIx|Ayix2AB
z&6;vE64x7vYxm1Jb^K2u)ZJ$eQ^#yH5aiG2ORxiwv^m2(=yRSJJ75PQ`9SK@t>g%A
zS;BK-josTm%q)6=>xVJR!NkWbH-0%HLEiop2ev~D_KEV1h7pxs7wNS_klPI6lfK0a
z%P)0xKY5&bqxx|}AK3fs`J?KC-?f2n@ef<agOhb_s-{edyu*ZPmMq&f%_aLeyJ3DH
z!YjdAsFXe8=Q4U2H%;UfO*2$i`O_vm!>IafuWOYsgJjmBLUpJTFYvMGQPCBm@IqZE
zlfb=rNr?|j9ts>hN#15*`75Nam}$xo!c$3x%0Ec}Z~YO|cITdYRk@h}db-iq-_ZLS
z>HgCmwNI*Q%`}kIXCqHWcHe#a`l$rrGCY%klx_-_ZE2zJ*WoaS?{f4CNALa*PSxRc
z4jLRB<)G04YufcX9OZI85|M8-h1*O4CAGW#t31+B;?HKE%<jFpzf_(5O}X8afpSgM
F_djRTaq$2E

literal 0
HcmV?d00001

diff --git a/ressources/__pycache__/test_app.cpython-312-pytest-8.2.0.pyc b/ressources/__pycache__/test_app.cpython-312-pytest-8.2.0.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..f518916c21f6a60700ba3ce6e80fb447cba4e862
GIT binary patch
literal 9621
zcmeHN-ES1v6`!x&ncelSzkopa=m1Gz2wod(Lq$UXnWUg1t5V5}<!UwT9pf?M+0DJP
zj=h~#X^YfGt(sJ-lvd&&uu!GG<S&R6RgEgqkY=k<TKD6LH^2{-c<MQKW_HK+7OzwD
z0*q$Py?5@p-?Qg;e)sNY`FvJ@>*GrY=YF3SgnwfqzN9F!x(Jbv1R_icL?n_UPDwnJ
z=asS~3iGL{v>4{7Q!3=hjyA7NX`*1Ma|3Z@?T{$9gga4kDoawggsB`!gX|$H$UM<N
z7DxtU?~-I>Ytx{d^(^L<%xbk*UDE$`^Vj-SNHe|W+Ma1si|NGDog){%ds&~f7R?E#
zQX|<brd$4Gndw!N>eVHzKqsclbjQ-GcGYrh*U~307qj=VGn0lG$WVVd>KPAk24r|v
z&x3#&5IqRPt0cxTuN9k9;&<&Z9_jZ4Lz=v5$Q0`fRP2rIUJr77TxG|$TyI%e#d41)
zCeBR1!z{|C-|=k6W~OJ===4R4-S8^aX|FnT-S%c{*M=r84^3R0hQYH+jg~Do&Fc#1
zC`gBOQe0kq*e(z^g?|j}x;1g@J747rADnyt+`ZhsyUISQK~}jn3P`B%@Ns_$@*}|)
z=90OPi5C&?L~k3SFV4kZOPI-JLn2Z`_9b7waa0f*im$NWd8t@o4!*bb7m<BsMkETB
znUU^9^GQ-(Cf1ze-)o!-!+4Gt1hz9#f6rPiO!=)o)1+qMNt&(*?YDc~Nmq(zViP?%
z)+6cLavjFsND-B2e##bkD(&^hJxSEm;Wy-`<C@~|$0ErriVX=K1?F6w+Zor?4&!-h
zsJ=?Fdmy8sksPdx<|}-KGJb|RiIzLBPzF}02g|fqC{d=<{Ah76H_=mKJ(9mI@fpdI
z0_pX$(fs7Po}XM?QyfO~qrv=SV8klvi^kvoJdS@UV+_=fT`_f9sd<(@tW(PaBLW8T
z<j9C_E?8x>lFT!`nx|K86a#Vi{vY6bSr#8lXU{H+_0d<4R+mm1Ec=5fqMy|<He#?M
zFUCsc3bC>c{cM;qZm>WDTUD*N%vzQM8FW#cL^1xjU^1|H9<SpxsKU$BlR-MHDv&BS
zpv?hn;Do{AD#r}AETQHJ6k}`ZI2G1$Do~-?1-oq3^DSV|0VbAnfqdQaf?T4rLH2wI
z6D5-d{iU+$I3;RTX}K~F5Ml*AkX^b~vmLP9EJ!;Q&|tyt5}U2m9Kuyg*PY5W(<!;;
zycJ|h%$%{XhM;hP56`Z+Z&6yI!C+~oLg!7dWGz-5(=|QF2{h<XX^vG~qlcSqipC(w
zVXNWnoJc0dl8MnU5mtICnfPX)5Ysc0$|K3d$)xglGI5%r0o4;1MJpWibC|JRVl9@!
z*`uf7eIGpRGY|kWy*odszhD2&;h+ET=A{+owdOY6f6WaxbNl|B+jlQ_;O4~@<zRCw
z_lh#q+{%4d8F~UTehzr|0vVq*WQ<Tz<*2AesHpi`7pSOlRD?2JqoNvP)0R;&!%;C4
zp<=dcRLsUL#$kktDxjj)PyiMB>WA8>Fl(8PH`~UBFuhc)tHWWG=Hd5F5%DSh{JFuR
z=&n%oHt9<sCh2aFff|*iFJs1D6bDdz1I0lQMy_r1=n%dwq8LUog5m^<Q50h+#!;LC
z!Ezur7^%>&j(T|pG!X6CuRyfTlX0*2m2I_8E6R9ti}#nx_(mgx{y2BP7r^a&VPu{)
zBhvuq`=aon`29bk0}hU~x*#+pUt*so3_&N?JLgN0>#eqp49RaBIcmA-o06lJCXk~%
zDQsI0S|)MR9<(%}2S5=bx{x7#q~G5r!w74l`WmMRl83g8U%up_MdR0<i1Y&ClG)$M
z02%ChCiW!Ox&u-5(13<*L?oLgOLQPv8%w~<3?^FXP{wZ&SF&T<dfuL$ZhO9=1oV8z
zCOvOc>7BQgkV<zAgQ*z);xH!94f#Xy7k^R&0K#20gqbUrPGJkFHvh>o-(jj;XL`Bf
zdbnK!42kJux@#|3W^GY7J<oDUjTIl~haJ!xhEnq;UFrrS4JA-)ccv1k@0rxaeW8@a
zd4g7^wr2y+SQZ1xc8!Px0n5^Dmy;#nU_m<U13d{nHY7R-0o?(jo@7<Pmgs(bIi8?e
zz{)}f2az^|I~sAi<Gh7YgBjUIkhK}m9uM}^tU$J1&rsS8A^#esxZ_~t=^<?XFp5`D
zyo%yA6h~0NMvy=a6vt4!j^a3qizwa#(VZuNW2F-yl9XkXy9J#+g1wx!;L4Pul>zob
zYh|xSEqVzm(&1qT;hSxH2*dY!k8P`mu$IAmHE`x<=@o5%bDQqJX!}>R<ISgbf36*W
zm=XrRwb5f~Z5Y0-bnUUAhqLZ#ZBPLk5{X-0naHp~1KWapgDT~xHg&}nKLse6!ZK}?
zOjr~2uGU?C%bIMW*WRE?M~IW=8+hr+6<0m<M){Sfse^s@Tllrk2Fc)xr(ncVL`7sy
zMV`m;_eATTe@@rG5RJe0c^p5dq9a!TVR82j4?w~r9t2>(Uyi*Cro-Py$ZN48eFJ`a
z^el+`zr+~2Je?TlBz+Tg_F?upjNvbop2rwkB|{BCjN?)p#MYvgp(O|_M<Y&7IbmJL
zP|@PV3^m+C+r1HtU^F$0(MixnWMuyYu^x%m!pDkopt+TMMbVpExu16ZcNP5!NHY6^
z`wHL(KXXS<B-`S=c--{c1WtD5yzy~Ug7YTIbYe9vcDjw+xP{kSVy3{2TL)Raq_1_5
zmHNNAiq^=G{ueXZ*p``u<G_B7wi+1#w1uP1n$YOxFm%wzuXD#!J`CL%eM332i@fCL
zB44wo>u;zh_A%pd?O`Zj?e6;Ul_LPB6b=LNe-dWd16r%UTQgmv+m61Zo4|hojFFDM
z3piD*7ebaB6Vz^KZcvD|;c&3#dh`NdT+C_lU@zjdz&K+r%OU!0P+P-gfvs}38KlEL
zUxhz!NH$wj731U;S#PJ^=6nLY|L1OV8`TlelSFeYvHy&F;4!-MFogI$ZHRA;I_xdI
z3MH^cwmZo-@4kHOUhnHqk#4Rihnrvb{z5stqU>#c-TMn=?^ciNxNBha1!}28D&<ls
z(Bh+4zMBy2DTRl%#c(?V4p58KdJn!&ICyQn3e@Nw--`&+VUg%RI5YMlC;#}55`Kh9
z@t}b31#mZvuM<UT%li^8tM<lxh14ADO^Sa@g7p*Fw?RCRMNxbx$)fU~tRRZFgrDU9
zCJa7E3zGKJ13x<OP?E&`tFj>VJ;2zbY+5Wn8c@Vjj|!?d^k|1F9$W=+h&S|K=2KyJ

literal 0
HcmV?d00001


From 1849f23c3374be2f8c2dc5dd2d0eee794123824e Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 4 Jun 2026 13:49:08 +0200
Subject: [PATCH 04/25] test: add new error too much space l1

---
 ressources/app.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ressources/app.py b/ressources/app.py
index d7e75f2..3de429c 100644
--- a/ressources/app.py
+++ b/ressources/app.py
@@ -8,7 +8,7 @@
 app = Flask(__name__)
 
 # Simule un résumé de logs issu du TP Bash / PowerShell
-LOG_SUMMARY = {
+                                                                                                LOG_SUMMARY = {
     "info": 142,
     "warning": 28,
     "error": 12,

From 4e2297f93fe2829fbe95dad92447ba35bbfe1f61 Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 4 Jun 2026 13:55:39 +0200
Subject: [PATCH 05/25] Clean: remove erro too much space in  app.py

---
 ressources/app.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ressources/app.py b/ressources/app.py
index 3de429c..d7e75f2 100644
--- a/ressources/app.py
+++ b/ressources/app.py
@@ -8,7 +8,7 @@
 app = Flask(__name__)
 
 # Simule un résumé de logs issu du TP Bash / PowerShell
-                                                                                                LOG_SUMMARY = {
+LOG_SUMMARY = {
     "info": 142,
     "warning": 28,
     "error": 12,

From c3cfeb0d8717309bfad9d4f4d8eefb89b00ec4f3 Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 4 Jun 2026 13:59:10 +0200
Subject: [PATCH 06/25] test: add new error l46 in test_app.py

---
 ressources/test_app.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ressources/test_app.py b/ressources/test_app.py
index ce56a43..a1a17ba 100644
--- a/ressources/test_app.py
+++ b/ressources/test_app.py
@@ -43,7 +43,7 @@ def test_logs_summary_values(client):
     """Les compteurs de logs ont les valeurs attendues."""
     response = client.get("/logs/summary")
     data = response.get_json()
-    assert data["info"] == 142
+    assert data["info"] == 999
     assert data["warning"] == 28
     assert data["error"] == 12
     assert data["critical"] == 3

From 926bdcbfc10f8676681437d5d9901d33ab3d432a Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 4 Jun 2026 14:03:06 +0200
Subject: [PATCH 07/25] clean: error l46 in test_app.py

---
 ressources/test_app.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ressources/test_app.py b/ressources/test_app.py
index a1a17ba..ce56a43 100644
--- a/ressources/test_app.py
+++ b/ressources/test_app.py
@@ -43,7 +43,7 @@ def test_logs_summary_values(client):
     """Les compteurs de logs ont les valeurs attendues."""
     response = client.get("/logs/summary")
     data = response.get_json()
-    assert data["info"] == 999
+    assert data["info"] == 142
     assert data["warning"] == 28
     assert data["error"] == 12
     assert data["critical"] == 3

From fef6956f9b632f47f4d75a9a481fc123dd0d8e59 Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 4 Jun 2026 14:27:54 +0200
Subject: [PATCH 08/25] =?UTF-8?q?feat:=20add=20couverture=20de=20test&rapp?=
 =?UTF-8?q?ort=20de=20couverture&=20cache=20d=C3=A9pendances=20pip?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .github/workflows/ci.yml | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 7a6c3f5..889db55 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -21,3 +21,38 @@ jobs:
         run: pip install -r ressources/requirements.txt
       - name: Launch tests
         run: pytest ressources/ -v
+      # Ajouter la couverture de tests
+      - name: Tests avec couverture
+        run: pytest ressources/ -v --cov=ressources --cov-report=term-missing
+      # Uploader le rapport de couverture comme artefact téléchargeable
+      - name: Générer le rapport HTML
+        run: pytest ressources/ --cov=ressources --cov-report=html
+      - name: Upload du rapport
+        uses: actions/upload-artifact@v4
+        with:
+          name: rapport-couverture
+          path: htmlcov/
+      # Mettre en cache les dépendances pip (accélère les builds suivants)
+      - name: Cache pip
+        uses: actions/cache@v4
+        with:
+          path: ~/.cache/pip
+          key: ${{ runner.os }}-pip-${{ hashFiles('ressources/requirements.txt') }}
+  
+  lint:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+
+      - name: Installer flake8
+        run: pip install flake8
+
+      - name: Lint with flake8
+        run: flake8 ressources/ --config ressources/.flake8
\ No newline at end of file

From 2e79377ac2cb1bfb3461fe75b78e3bfaf28cd579 Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 4 Jun 2026 14:32:20 +0200
Subject: [PATCH 09/25] feat: add secret in workflow

---
 .github/workflows/secrets.yml | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 .github/workflows/secrets.yml

diff --git a/.github/workflows/secrets.yml b/.github/workflows/secrets.yml
new file mode 100644
index 0000000..e69de29

From f025d88e1ffb06f14d027e224f1714f2253bf715 Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 4 Jun 2026 14:54:22 +0200
Subject: [PATCH 10/25] feat: add secret in workflow correction

---
 .github/workflows/secrets.yml | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/.github/workflows/secrets.yml b/.github/workflows/secrets.yml
index e69de29..4a94882 100644
--- a/.github/workflows/secrets.yml
+++ b/.github/workflows/secrets.yml
@@ -0,0 +1,25 @@
+name: Demo Secrets
+
+on:
+  workflow_dispatch:
+
+jobs:
+  demo:
+    runs-on: ubuntu-latest
+
+    env:
+      API_KEY: ${{ secrets.API_KEY }}   # injection du secret comme variable d'environnement
+
+    steps:
+      - name: Vérifier que le secret est défini
+        run: |
+          if [ -z "$API_KEY" ]; then
+            echo "❌ Le secret API_KEY n'est pas défini"
+            exit 1
+          fi
+          echo "✅ Le secret API_KEY est défini (${#API_KEY} caractères)"
+
+      - name: Simuler un appel API authentifié
+        run: |
+          echo "Appel à l'API avec Authorization: Bearer ***"
+          # En vrai : curl -H "Authorization: Bearer $API_KEY" https://api.example.com
\ No newline at end of file

From ab270d264e162a1fa0e479de11348643c3e6339e Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 4 Jun 2026 15:18:15 +0200
Subject: [PATCH 11/25] feat: add ability to create new env for staging and
 production

---
 .github/workflows/deploy.yml | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 .github/workflows/deploy.yml

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
new file mode 100644
index 0000000..60c0c87
--- /dev/null
+++ b/.github/workflows/deploy.yml
@@ -0,0 +1,30 @@
+name: Deploy
+
+on:
+  workflow_dispatch:
+
+jobs:
+  deploy-staging:
+    runs-on: ubuntu-latest
+    environment: staging          # utilise l'environnement staging
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4     
+      - name: Déploiement en staging
+        run: |
+          echo "✅ Déploiement en staging réussi"
+          echo "URL : https://staging.nexacloud.example.com"
+
+  deploy-production:
+    runs-on: ubuntu-latest
+    environment: production       
+    needs: deploy-staging
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Déploiement en production
+        run: |
+          echo "🚀 Déploiement en production réussi"
+          echo "URL : https://production.nexacloud.example.com"
\ No newline at end of file

From ce7b8feec488e3aa7919a79343f213ab1a395929 Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Fri, 5 Jun 2026 10:59:30 +0200
Subject: [PATCH 12/25] feat: add Pipeline CI/CD complet

---
 .github/workflows/cicd.yml | 73 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 73 insertions(+)
 create mode 100644 .github/workflows/cicd.yml

diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
new file mode 100644
index 0000000..798da1c
--- /dev/null
+++ b/.github/workflows/cicd.yml
@@ -0,0 +1,73 @@
+name: CI/CD — NexaCloud API
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  # ── Job 1 : Qualité ────────────────────────────────────────────────
+  qualite:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+
+      - run: pip install -r ressources/requirements.txt
+
+      - name: Lint
+        run: flake8 ressources/ --config ressources/.flake8
+
+      - name: Tests
+        run: pytest ressources/ -v --cov=ressources
+
+  # ── Job 2 : Staging ───────────────────────────────────────────────
+  staging:
+    runs-on: ubuntu-latest
+    needs: qualite                 # attend que le job qualite réussisse
+    environment: staging
+    if: github.ref_name == 'main'  # uniquement sur la branche main
+  
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+      - name: Installer les dépendances
+        run: pip install -r ressources/requirements.txt
+
+      - name: Déployer sur Azure App Service (staging)
+        uses: azure/webapps-deploy@v3
+        with:
+          app-name: nexacloud-api-10909"
+          publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_STAGING }}
+          package: ressources/
+      # TODO: ajouter le step de déploiement sur Azure App Service
+      # (remplacez app-name par votre nom d'application)
+
+  # ── Job 3 : Production ────────────────────────────────────────────
+  production:
+    runs-on: ubuntu-latest
+    needs: staging
+    environment: production
+    if: github.ref_name == 'main'
+
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+      - name: Installer les dépendances
+        run: pip install -r ressources/requirements.txt
+      
+      - name: Déployer sur Azure App Service (production)
+        uses: azure/webapps-deploy@v3
+        with:
+          app-name: "nexacloud-api-10909"
+          publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_PRODUCTION }}
+          package: ressources/

From cdba3ff3241356ae33d171a8d5c89cfe61e777e5 Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Fri, 5 Jun 2026 11:06:56 +0200
Subject: [PATCH 13/25] clear: correction pb secret key

---
 .github/workflows/cicd.yml | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
index 798da1c..4983d06 100644
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -45,10 +45,8 @@ jobs:
         uses: azure/webapps-deploy@v3
         with:
           app-name: nexacloud-api-10909"
-          publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_STAGING }}
+          publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE}}
           package: ressources/
-      # TODO: ajouter le step de déploiement sur Azure App Service
-      # (remplacez app-name par votre nom d'application)
 
   # ── Job 3 : Production ────────────────────────────────────────────
   production:
@@ -69,5 +67,5 @@ jobs:
         uses: azure/webapps-deploy@v3
         with:
           app-name: "nexacloud-api-10909"
-          publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_PRODUCTION }}
+          publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE}}
           package: ressources/

From 0ced62d409abca48fac607ade1330e70a9c5bac0 Mon Sep 17 00:00:00 2001
From: Msaidi <100493512+ororck@users.noreply.github.com>
Date: Fri, 5 Jun 2026 11:27:38 +0200
Subject: [PATCH 14/25] Add or update the Azure App Service build and
 deployment workflow config

---
 .../workflows/main_nexacloud-api-10909.yml    | 66 +++++++++++++++++++
 1 file changed, 66 insertions(+)
 create mode 100644 .github/workflows/main_nexacloud-api-10909.yml

diff --git a/.github/workflows/main_nexacloud-api-10909.yml b/.github/workflows/main_nexacloud-api-10909.yml
new file mode 100644
index 0000000..10d0e37
--- /dev/null
+++ b/.github/workflows/main_nexacloud-api-10909.yml
@@ -0,0 +1,66 @@
+# Docs for the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
+# More GitHub Actions for Azure: https://github.com/Azure/actions
+# More info on Python, GitHub Actions, and Azure App Service: https://aka.ms/python-webapps-actions
+
+name: Build and deploy Python app to Azure Web App - nexacloud-api-10909
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read #This is required for actions/checkout
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Python version
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+
+      # 🛠️ Local Build Section (Optional)
+      # The following section in your workflow is designed to catch build issues early on the client side, before deployment. This can be helpful for debugging and validation. However, if this step significantly increases deployment time and early detection is not critical for your workflow, you may remove this section to streamline the deployment process.
+      - name: Create and Start virtual environment and Install dependencies
+        run: |
+          python -m venv antenv
+          source antenv/bin/activate
+          pip install -r requirements.txt
+                
+      # By default, when you enable GitHub CI/CD integration through the Azure portal, the platform automatically sets the SCM_DO_BUILD_DURING_DEPLOYMENT application setting to true. This triggers the use of Oryx, a build engine that handles application compilation and dependency installation (e.g., pip install) directly on the platform during deployment. Hence, we exclude the antenv virtual environment directory from the deployment artifact to reduce the payload size. 
+      - name: Upload artifact for deployment jobs
+        uses: actions/upload-artifact@v4
+        with:
+          name: python-app
+          path: |
+            .
+            !antenv/
+
+      # 🚫 Opting Out of Oryx Build
+      # If you prefer to disable the Oryx build process during deployment, follow these steps:
+      # 1. Remove the SCM_DO_BUILD_DURING_DEPLOYMENT app setting from your Azure App Service Environment variables.
+      # 2. Refer to sample workflows for alternative deployment strategies: https://github.com/Azure/actions-workflow-samples/tree/master/AppService
+      
+
+  deploy:
+    runs-on: ubuntu-latest
+    needs: build
+    
+    steps:
+      - name: Download artifact from build job
+        uses: actions/download-artifact@v4
+        with:
+          name: python-app
+      
+      - name: 'Deploy to Azure Web App'
+        uses: azure/webapps-deploy@v3
+        id: deploy-to-webapp
+        with:
+          app-name: 'nexacloud-api-10909'
+          slot-name: 'Production'
+          publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_805CD166C797428D8178BDB7B9F37E15 }}
\ No newline at end of file

From 77b41af484ee4d2716bb215fbe00bd86c054b4c6 Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Fri, 5 Jun 2026 11:41:10 +0200
Subject: [PATCH 15/25] mlue

---
 .github/workflows/cicd.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
index 4983d06..8cad5e0 100644
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -45,7 +45,7 @@ jobs:
         uses: azure/webapps-deploy@v3
         with:
           app-name: nexacloud-api-10909"
-          publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE}}
+          publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_805CD166C797428D8178BDB7B9F37E15}}
           package: ressources/
 
   # ── Job 3 : Production ────────────────────────────────────────────
@@ -67,5 +67,5 @@ jobs:
         uses: azure/webapps-deploy@v3
         with:
           app-name: "nexacloud-api-10909"
-          publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE}}
+          publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_805CD166C797428D8178BDB7B9F37E15}}
           package: ressources/

From 9bceccbc57973816ed3a533ad183c3c8dc1f7790 Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Fri, 5 Jun 2026 11:48:05 +0200
Subject: [PATCH 16/25] mlue

---
 .github/workflows/main_nexacloud-api-10909.yml | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/.github/workflows/main_nexacloud-api-10909.yml b/.github/workflows/main_nexacloud-api-10909.yml
index 10d0e37..a07a48d 100644
--- a/.github/workflows/main_nexacloud-api-10909.yml
+++ b/.github/workflows/main_nexacloud-api-10909.yml
@@ -23,14 +23,6 @@ jobs:
         uses: actions/setup-python@v5
         with:
           python-version: '3.11'
-
-      # 🛠️ Local Build Section (Optional)
-      # The following section in your workflow is designed to catch build issues early on the client side, before deployment. This can be helpful for debugging and validation. However, if this step significantly increases deployment time and early detection is not critical for your workflow, you may remove this section to streamline the deployment process.
-      - name: Create and Start virtual environment and Install dependencies
-        run: |
-          python -m venv antenv
-          source antenv/bin/activate
-          pip install -r requirements.txt
                 
       # By default, when you enable GitHub CI/CD integration through the Azure portal, the platform automatically sets the SCM_DO_BUILD_DURING_DEPLOYMENT application setting to true. This triggers the use of Oryx, a build engine that handles application compilation and dependency installation (e.g., pip install) directly on the platform during deployment. Hence, we exclude the antenv virtual environment directory from the deployment artifact to reduce the payload size. 
       - name: Upload artifact for deployment jobs

From 20540b239d26ae50438fee63e06c282631da4186 Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Fri, 5 Jun 2026 11:55:53 +0200
Subject: [PATCH 17/25] chore: remove cicd.yml to let only the azure setup

---
 .github/workflows/cicd.yml | 71 --------------------------------------
 1 file changed, 71 deletions(-)
 delete mode 100644 .github/workflows/cicd.yml

diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
deleted file mode 100644
index 8cad5e0..0000000
--- a/.github/workflows/cicd.yml
+++ /dev/null
@@ -1,71 +0,0 @@
-name: CI/CD — NexaCloud API
-
-on:
-  push:
-    branches: [main]
-  pull_request:
-    branches: [main]
-
-jobs:
-  # ── Job 1 : Qualité ────────────────────────────────────────────────
-  qualite:
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - uses: actions/setup-python@v5
-        with:
-          python-version: "3.11"
-
-      - run: pip install -r ressources/requirements.txt
-
-      - name: Lint
-        run: flake8 ressources/ --config ressources/.flake8
-
-      - name: Tests
-        run: pytest ressources/ -v --cov=ressources
-
-  # ── Job 2 : Staging ───────────────────────────────────────────────
-  staging:
-    runs-on: ubuntu-latest
-    needs: qualite                 # attend que le job qualite réussisse
-    environment: staging
-    if: github.ref_name == 'main'  # uniquement sur la branche main
-  
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
-        with:
-          python-version: "3.11"
-      - name: Installer les dépendances
-        run: pip install -r ressources/requirements.txt
-
-      - name: Déployer sur Azure App Service (staging)
-        uses: azure/webapps-deploy@v3
-        with:
-          app-name: nexacloud-api-10909"
-          publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_805CD166C797428D8178BDB7B9F37E15}}
-          package: ressources/
-
-  # ── Job 3 : Production ────────────────────────────────────────────
-  production:
-    runs-on: ubuntu-latest
-    needs: staging
-    environment: production
-    if: github.ref_name == 'main'
-
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
-        with:
-          python-version: "3.11"
-      - name: Installer les dépendances
-        run: pip install -r ressources/requirements.txt
-      
-      - name: Déployer sur Azure App Service (production)
-        uses: azure/webapps-deploy@v3
-        with:
-          app-name: "nexacloud-api-10909"
-          publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_805CD166C797428D8178BDB7B9F37E15}}
-          package: ressources/

From 5ec67a176b8fc3393d579df146c1e00af124ae36 Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 11 Jun 2026 09:37:24 +0200
Subject: [PATCH 18/25] feat: remake the complete pipeline with 3jobs

---
 .github/workflows/cicd.yml | 77 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 77 insertions(+)
 create mode 100644 .github/workflows/cicd.yml

diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
new file mode 100644
index 0000000..14a9d28
--- /dev/null
+++ b/.github/workflows/cicd.yml
@@ -0,0 +1,77 @@
+# Docs for the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
+# More GitHub Actions for Azure: https://github.com/Azure/actions
+# More info on Python, GitHub Actions, and Azure App Service: https://aka.ms/python-webapps-actions
+
+name: CI/CD — NexaCloud API
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  qualite:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+
+      - name: Installer les dépendances
+        run: pip install -r ressources/requirements.txt
+
+      - name: Lint
+        run: flake8 ressources/ --config ressources/.flake8
+
+      - name: Tests avec couverture
+        run: pytest ressources/ -v --cov=ressources --cov-report=term-missing
+
+  staging:
+    runs-on: ubuntu-latest
+    needs: qualite
+    environment: staging
+    if: github.ref_name == 'main'
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+
+      - name: Installer les dépendances
+        run: pip install -r ressources/requirements.txt
+
+      - name: Déployer sur Azure App Service (staging)
+        uses: azure/webapps-deploy@v3
+        with:
+          app-name: "nexacloud-api-staging"
+          publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_805CD166C797428D8178BDB7B9F37E15 }}
+          package: ressources/
+
+  production:
+    runs-on: ubuntu-latest
+    needs: staging
+    environment: production
+    if: github.ref_name == 'main'
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+
+      - name: Installer les dépendances
+        run: pip install -r ressources/requirements.txt
+
+      - name: Déployer sur Azure App Service (production)
+        uses: azure/webapps-deploy@v3
+        with:
+          app-name: "nexacloud-api"
+          publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_805CD166C797428D8178BDB7B9F37E15 }}
+          package: ressources/
\ No newline at end of file

From 5709a5aa2e1ed158cb055162215d0a56a5513c2c Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 11 Jun 2026 10:16:17 +0200
Subject: [PATCH 19/25] clear: correct the  pipeline with 3jobs

---
 .github/workflows/cicd.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
index 14a9d28..07de4a3 100644
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -50,7 +50,7 @@ jobs:
         uses: azure/webapps-deploy@v3
         with:
           app-name: "nexacloud-api-staging"
-          publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_805CD166C797428D8178BDB7B9F37E15 }}
+          publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
           package: ressources/
 
   production:
@@ -73,5 +73,5 @@ jobs:
         uses: azure/webapps-deploy@v3
         with:
           app-name: "nexacloud-api"
-          publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_805CD166C797428D8178BDB7B9F37E15 }}
+          publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
           package: ressources/
\ No newline at end of file

From 539dc9b88ff388f3bf395435ec1903ea34d0201e Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 11 Jun 2026 10:22:35 +0200
Subject: [PATCH 20/25] clear: correct app name

---
 .github/workflows/cicd.yml | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
index 07de4a3..a8f1e43 100644
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -3,7 +3,6 @@
 # More info on Python, GitHub Actions, and Azure App Service: https://aka.ms/python-webapps-actions
 
 name: CI/CD — NexaCloud API
-
 on:
   push:
     branches: [main]
@@ -49,7 +48,7 @@ jobs:
       - name: Déployer sur Azure App Service (staging)
         uses: azure/webapps-deploy@v3
         with:
-          app-name: "nexacloud-api-staging"
+          app-name: "mohamed-saidi-api-16190"
           publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
           package: ressources/
 
@@ -72,6 +71,6 @@ jobs:
       - name: Déployer sur Azure App Service (production)
         uses: azure/webapps-deploy@v3
         with:
-          app-name: "nexacloud-api"
+          app-name: "mohamed-saidi-api-16190"
           publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
           package: ressources/
\ No newline at end of file

From 45a56a5654a57160336dfa7b7e281fa9dd8e2f24 Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 11 Jun 2026 11:04:05 +0200
Subject: [PATCH 21/25] chore(ci): remove unused workflow file

---
 .../workflows/main_nexacloud-api-10909.yml    | 58 -------------------
 1 file changed, 58 deletions(-)
 delete mode 100644 .github/workflows/main_nexacloud-api-10909.yml

diff --git a/.github/workflows/main_nexacloud-api-10909.yml b/.github/workflows/main_nexacloud-api-10909.yml
deleted file mode 100644
index a07a48d..0000000
--- a/.github/workflows/main_nexacloud-api-10909.yml
+++ /dev/null
@@ -1,58 +0,0 @@
-# Docs for the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
-# More GitHub Actions for Azure: https://github.com/Azure/actions
-# More info on Python, GitHub Actions, and Azure App Service: https://aka.ms/python-webapps-actions
-
-name: Build and deploy Python app to Azure Web App - nexacloud-api-10909
-
-on:
-  push:
-    branches:
-      - main
-  workflow_dispatch:
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read #This is required for actions/checkout
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Set up Python version
-        uses: actions/setup-python@v5
-        with:
-          python-version: '3.11'
-                
-      # By default, when you enable GitHub CI/CD integration through the Azure portal, the platform automatically sets the SCM_DO_BUILD_DURING_DEPLOYMENT application setting to true. This triggers the use of Oryx, a build engine that handles application compilation and dependency installation (e.g., pip install) directly on the platform during deployment. Hence, we exclude the antenv virtual environment directory from the deployment artifact to reduce the payload size. 
-      - name: Upload artifact for deployment jobs
-        uses: actions/upload-artifact@v4
-        with:
-          name: python-app
-          path: |
-            .
-            !antenv/
-
-      # 🚫 Opting Out of Oryx Build
-      # If you prefer to disable the Oryx build process during deployment, follow these steps:
-      # 1. Remove the SCM_DO_BUILD_DURING_DEPLOYMENT app setting from your Azure App Service Environment variables.
-      # 2. Refer to sample workflows for alternative deployment strategies: https://github.com/Azure/actions-workflow-samples/tree/master/AppService
-      
-
-  deploy:
-    runs-on: ubuntu-latest
-    needs: build
-    
-    steps:
-      - name: Download artifact from build job
-        uses: actions/download-artifact@v4
-        with:
-          name: python-app
-      
-      - name: 'Deploy to Azure Web App'
-        uses: azure/webapps-deploy@v3
-        id: deploy-to-webapp
-        with:
-          app-name: 'nexacloud-api-10909'
-          slot-name: 'Production'
-          publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_805CD166C797428D8178BDB7B9F37E15 }}
\ No newline at end of file

From 162742ba9cc0a0f15521d42b5db4f03083ddf445 Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 11 Jun 2026 11:18:04 +0200
Subject: [PATCH 22/25] test after rm

---
 .github/workflows/deploy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 60c0c87..8c85b98 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -15,7 +15,7 @@ jobs:
         run: |
           echo "✅ Déploiement en staging réussi"
           echo "URL : https://staging.nexacloud.example.com"
-
+    
   deploy-production:
     runs-on: ubuntu-latest
     environment: production       

From c0568577039ab5e932015ce11ef17e44f79e8cab Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 11 Jun 2026 11:53:43 +0200
Subject: [PATCH 23/25] feat: instal local hook

---
 .setup-hooks.sh | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 .setup-hooks.sh

diff --git a/.setup-hooks.sh b/.setup-hooks.sh
new file mode 100644
index 0000000..5d5f296
--- /dev/null
+++ b/.setup-hooks.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+# setup-hooks.sh — Installe les hooks locaux (à lancer une fois par développeur)
+
+set -e
+
+echo "=== Installation des hooks locaux NexaCloud ==="
+
+# 1. Installer pre-commit
+if ! command -v pre-commit &>/dev/null; then
+    echo "Installation de pre-commit..."
+    pip install pre-commit --quiet
+fi
+
+# 2. Activer les hooks pre-commit
+pre-commit install
+echo "✅ Hooks pre-commit activés"
+
+# 3. Installer le hook pre-push
+cat > .git/hooks/pre-push << 'EOF'
+#!/bin/bash
+echo "[pre-push] Lancement des tests..."
+cd ressources && pytest -q
+EXIT_CODE=$?
+cd ..
+[ $EXIT_CODE -ne 0 ] && echo "❌ Tests échoués — push bloqué" && exit 1
+echo "✅ Tests passés — push autorisé"
+EOF
+chmod +x .git/hooks/pre-push
+echo "✅ Hook pre-push installé"
+
+echo ""
+echo "=== Hooks installés avec succès ==="
+echo "  pre-commit : flake8 + trailing-whitespace + check-yaml"
+echo "  pre-push   : pytest"

From 984a418e5a5dc1e4739f997fb883a329830e8dc4 Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 11 Jun 2026 12:08:49 +0200
Subject: [PATCH 24/25] feat: add dependabot

---
 .github/dependabot.yml | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..f5c6552
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,26 @@
+# .github/dependabot.yml — configuration complète commentée
+version: 2
+
+updates:
+  # GitHub Actions : surveille les "uses: action/nom@version" dans les workflows
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"      # "daily" ou "monthly" aussi possible
+    labels:
+      - "dependencies"
+      - "github-actions"
+    commit-message:
+      prefix: "ci"            # les commits Dependabot auront le préfixe "ci:"
+
+  # pip : surveille requirements.txt dans /ressources
+  - package-ecosystem: "pip"
+    directory: "/ressources"
+    schedule:
+      interval: "weekly"
+    labels:
+      - "dependencies"
+      - "python"
+    open-pull-requests-limit: 5
+    commit-message:
+      prefix: "chore"         # les commits auront le préfixe "chore:"

From a081073a445f485b2c6b73d0d766e8b4ccf42ddc Mon Sep 17 00:00:00 2001
From: moha <mohadisai.rebeu@gmail.com>
Date: Thu, 11 Jun 2026 12:20:08 +0200
Subject: [PATCH 25/25] feat: add codeowners

---
 .github/CODEOWNERS | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 .github/CODEOWNERS

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..9edc8c6
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1,14 @@
+# Syntaxe : <pattern de fichier>  <@utilisateur ou @org/équipe>
+
+# Par défaut : tout changement requiert une review de ces personnes
+*                          @<ororck>
+
+# Les workflows CI/CD ne peuvent être modifiés que par le lead DevOps
+.github/workflows/         @<ororck>
+
+# Le fichier de dépendances requiert une validation technique
+ressources/requirements.txt  @<ororck>
+
+# Les fichiers de sécurité requièrent une double validation
+.github/dependabot.yml     @<ororck>
+.github/CODEOWNERS         @<ororck>