feat(storage): unified single-bucket architecture with Hetzner S3

- Refactor @manacore/shared-storage to use single `manacore-storage` bucket - Add generateStorageKey() for path structure: {userId}/{appName}/... - Update docker-compose.dev.yml for unified MinIO bucket - Migrate CD workflow to use GitHub Environment Secrets - Update picture and contacts backends to use unified storage - Remove per-app bucket configuration (cleaner architecture) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-05-14 22:41:09 +02:00 · 2025-12-16 01:29:11 +01:00 · 2025-12-16 01:29:11 +01:00 · 78cd59a77a
commit 78cd59a77a
parent d268e8e463
10 changed files with 225 additions and 251 deletions
--- a/.github/workflows/cd-staging.yml
+++ b/.github/workflows/cd-staging.yml
@ -98,29 +98,36 @@ jobs:
          POSTGRES_PORT=5432
          POSTGRES_DB=manacore
          POSTGRES_USER=postgres
-          POSTGRES_PASSWORD=${{ secrets.STAGING_POSTGRES_PASSWORD }}
+          POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}

          # Redis - Configuration
          REDIS_HOST=redis
          REDIS_PORT=6379
-          REDIS_PASSWORD=${{ secrets.STAGING_REDIS_PASSWORD }}
+          REDIS_PASSWORD=${{ secrets.REDIS_PASSWORD }}

          # Mana Core Auth - Configuration
          MANA_SERVICE_URL=http://mana-core-auth:3001
-          JWT_SECRET=${{ secrets.STAGING_JWT_SECRET }}
-          JWT_PUBLIC_KEY=${{ secrets.STAGING_JWT_PUBLIC_KEY }}
-          JWT_PRIVATE_KEY=${{ secrets.STAGING_JWT_PRIVATE_KEY }}
+          JWT_SECRET=${{ secrets.JWT_SECRET }}
+          JWT_PUBLIC_KEY=${{ secrets.JWT_PUBLIC_KEY }}
+          JWT_PRIVATE_KEY=${{ secrets.JWT_PRIVATE_KEY }}

          # Supabase
-          SUPABASE_URL=${{ secrets.STAGING_SUPABASE_URL }}
-          SUPABASE_ANON_KEY=${{ secrets.STAGING_SUPABASE_ANON_KEY }}
-          SUPABASE_SERVICE_ROLE_KEY=${{ secrets.STAGING_SUPABASE_SERVICE_ROLE_KEY }}
+          SUPABASE_URL=${{ secrets.SUPABASE_URL }}
+          SUPABASE_ANON_KEY=${{ secrets.SUPABASE_ANON_KEY }}
+          SUPABASE_SERVICE_ROLE_KEY=${{ secrets.SUPABASE_SERVICE_ROLE_KEY }}

          # Azure OpenAI
-          AZURE_OPENAI_ENDPOINT=${{ secrets.STAGING_AZURE_OPENAI_ENDPOINT }}
-          AZURE_OPENAI_API_KEY=${{ secrets.STAGING_AZURE_OPENAI_API_KEY }}
+          AZURE_OPENAI_ENDPOINT=${{ secrets.AZURE_OPENAI_ENDPOINT }}
+          AZURE_OPENAI_API_KEY=${{ secrets.AZURE_OPENAI_API_KEY }}
          AZURE_OPENAI_API_VERSION=2024-12-01-preview

+          # Hetzner Object Storage (S3-compatible)
+          S3_ENDPOINT=${{ secrets.S3_ENDPOINT }}
+          S3_REGION=${{ secrets.S3_REGION }}
+          S3_ACCESS_KEY=${{ secrets.S3_ACCESS_KEY }}
+          S3_SECRET_KEY=${{ secrets.S3_SECRET_KEY }}
+          MANACORE_STORAGE_PUBLIC_URL=${{ secrets.MANACORE_STORAGE_PUBLIC_URL }}
+
          # Environment
          NODE_ENV=staging
          EOF