Add Forgejo Actions workflows for CI/CD

- Create CI workflow for automated testing on push/PR
- Create deployment workflow with secrets handling
- Use self-hosted runners with existing Node.js installation
- Support YouTube API key and AWS credentials from repository secrets

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

.claude/settings.local.json

@@ -1,9 +1,15 @@
-{
-  "permissions": {
-    "allow": [
-      "Bash(find:*)",
-      "Bash(ls:*)"
-    ],
-    "deny": []
-  }
+{
+  "permissions": {
+    "allow": [
+      "Bash(find:*)",
+      "Bash(ls:*)",
+      "Bash(git pull:*)",
+      "Bash(git remote set-url:*)",
+      "Bash(git add:*)",
+      "Bash(git commit:*)",
+      "Bash(mv:*)",
+      "Bash(git checkout:*)"
+    ],
+    "deny": []
+  }
 }

.forgejo/workflows/build-check.yml

@@ -1,66 +1,60 @@
-# Workflow for building and testing Next.js site on non-master branches
-name: Build Check
-
-on:
-  # Runs on pushes to any branch except master
-  push:
-    branches-ignore: ["master"]
-  
-  # Runs on pull requests targeting any branch
-  pull_request:
-    branches: ["*"]
-
-# Allow multiple concurrent build checks
-concurrency:
-  group: "build-check-${{ github.ref }}"
-  cancel-in-progress: true
-
-jobs:
-  build-check:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: "20"
-          cache: 'npm'
-          
-      - name: Install dependencies
-        run: npm ci
-        
-      - name: Restore Next.js cache
-        uses: actions/cache@v4
-        with:
-          path: |
-            .next/cache
-          key: ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json') }}-${{ hashFiles('**.[jt]s', '**.[jt]sx') }}
-          restore-keys: |
-            ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json') }}-
-            
-      - name: Run linting
-        run: npm run lint
-        
-      - name: Build Next.js site
-        run: npm run build
-        
-      - name: Run tests (if available)
-        run: |
-          if npm run test --if-present; then
-            echo "✅ Tests passed"
-          else
-            echo "ℹ️ No tests found or tests skipped"
-          fi
-        continue-on-error: true
-        
-      - name: Build verification complete
-        run: |
-          echo "🎉 Build verification successful!"
-          echo "✅ Dependencies installed"
-          echo "✅ Linting passed"
-          echo "✅ Build completed successfully"
-          echo "Ready for review and merge!"
+# Workflow for building and testing Next.js site on non-master branches
+name: Build Check
+
+on:
+  # Runs on pushes to any branch except master
+  push:
+    branches-ignore: ["master"]
+  
+  # Runs on pull requests targeting any branch
+  pull_request:
+    branches: ["*"]
+
+# Allow multiple concurrent build checks
+concurrency:
+  group: "build-check-${{ github.ref }}"
+  cancel-in-progress: true
+
+jobs:
+  build-check:
+    runs-on: self-hosted
+    permissions:
+      contents: read
+    steps:
+      - name: Checkout
+        uses: https://code.forgejo.org/actions/checkout@v4
+          
+      - name: Install dependencies
+        run: npm ci
+        
+      - name: Restore Next.js cache
+        uses: https://code.forgejo.org/actions/cache@v4
+        with:
+          path: |
+            .next/cache
+          key: ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json') }}-${{ hashFiles('**.[jt]s', '**.[jt]sx') }}
+          restore-keys: |
+            ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json') }}-
+            
+      - name: Run linting
+        run: npm run lint
+        
+      - name: Build Next.js site
+        run: npm run build
+        
+      - name: Run tests (if available)
+        run: |
+          if npm run test --if-present; then
+            echo "✅ Tests passed"
+          else
+            echo "ℹ️ No tests found or tests skipped"
+          fi
+        continue-on-error: true
+        
+      - name: Build verification complete
+        run: |
+          echo "🎉 Build verification successful!"
+          echo "✅ Dependencies installed"
+          echo "✅ Linting passed"
+          echo "✅ Build completed successfully"
+          echo "Ready for review and merge!"

.forgejo/workflows/ci.yml

@@ -0,0 +1,37 @@
+name: CI
+
+on:
+  push:
+    branches: [ main, master, feature/* ]
+  pull_request:
+    branches: [ main, master ]
+
+jobs:
+  test:
+    runs-on: self-hosted
+    steps:
+      - name: Checkout code
+        uses: https://codeberg.org/actions/checkout@v4
+        
+      - name: Cache node modules
+        uses: https://codeberg.org/actions/cache@v3
+        with:
+          path: ~/.npm
+          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          restore-keys: |
+            ${{ runner.os }}-node-
+            
+      - name: Install dependencies
+        run: npm ci
+        
+      - name: Run linting
+        run: npm run lint
+        
+      - name: Run type checking
+        run: npm run typecheck
+        
+      - name: Build application
+        run: npm run build
+        env:
+          # Use empty string for YOUTUBE_API_KEY during CI build
+          YOUTUBE_API_KEY: ""

.forgejo/workflows/deploy.yml

@@ -0,0 +1,49 @@
+name: Deploy
+
+on:
+  push:
+    branches: [ main, master ]
+  workflow_dispatch:
+
+jobs:
+  deploy:
+    runs-on: self-hosted
+    steps:
+      - name: Checkout code
+        uses: https://codeberg.org/actions/checkout@v4
+        
+      - name: Cache node modules
+        uses: https://codeberg.org/actions/cache@v3
+        with:
+          path: ~/.npm
+          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          restore-keys: |
+            ${{ runner.os }}-node-
+            
+      - name: Install dependencies
+        run: npm ci
+        
+      - name: Build application
+        run: npm run build
+        env:
+          # Access YouTube API key from repository secrets
+          YOUTUBE_API_KEY: ${{ secrets.YOUTUBE_API_KEY }}
+          
+      - name: Deploy to S3 (if configured)
+        run: |
+          if [ -n "${{ secrets.AWS_ACCESS_KEY_ID }}" ]; then
+            echo "Deploying to S3..."
+            npm run deploy:s3
+          else
+            echo "AWS credentials not configured, skipping S3 deployment"
+          fi
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_REGION: ${{ secrets.AWS_REGION }}
+          
+      - name: Upload build artifacts
+        uses: https://codeberg.org/actions/upload-artifact@v3
+        with:
+          name: build-output
+          path: out/

.forgejo/workflows/nextjs.yml

@@ -16,20 +16,14 @@ concurrency:
 
 jobs:
   build-and-deploy:
-    runs-on: ubuntu-latest
+    runs-on: self-hosted
     permissions:
       id-token: write
       contents: read
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
-        
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: "20"
-          cache: 'npm'
-          
+        uses: https://code.forgejo.org/actions/checkout@v4
+                  
       - name: Create .env.local file
         run: |
           echo "YOUTUBE_API_KEY=${{ secrets.YOUTUBE_API_KEY }}" > .env.local
@@ -39,7 +33,7 @@ jobs:
         run: npm ci
         
       - name: Restore Next.js cache
-        uses: actions/cache@v4
+        uses: https://code.forgejo.org/actions/cache@v4
         with:
           path: |
             .next/cache
@@ -54,12 +48,20 @@ jobs:
         run: npm run build:static
         
       - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          role-to-assume: ${{ secrets.CC_OIDC_ROLE }}
-          aws-region: us-east-1
+        # Note: aws-actions/configure-aws-credentials is GitHub-specific
+        # For Forgejo, we'll use environment variables directly
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_DEFAULT_REGION: us-east-1
+        run: |
+          echo "AWS credentials configured via environment variables"
           
       - name: Deploy to S3
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_DEFAULT_REGION: us-east-1
         run: |
           aws s3 sync out/ s3://${{ secrets.S3_BUCKET_NAME }} --delete --no-cli-pager
           

CLAUDE.md

@@ -21,6 +21,10 @@ npm run start        # Start production server
 # Quality Checks
 npm run lint         # Run Next.js linting
 npm run typecheck    # Run TypeScript type checking
+
+# Deployment
+npm run deploy:s3    # Deploy to AWS S3 bucket
+npm run create-s3-bucket # Create S3 bucket for deployment
 ```
 
 ## Architecture Overview
@@ -29,7 +33,7 @@ npm run typecheck    # Run TypeScript type checking
 - **App Router**: Uses Next.js App Router in `src/app/`
 - **Pages**: Homepage, Gallery (YouTube videos), Dadvocate (curated videos), Long Story
 - **Static Generation**: Pages use static generation with ISR for external data
-- **Deployment**: Supports GitHub Pages, Firebase App Hosting, and Vercel
+- **Deployment**: Supports Static hosting (S3), Firebase App Hosting, and Vercel
 
 ### Key Patterns
 1. **UI Components**: Full shadcn/ui component library in `src/components/ui/`
@@ -43,6 +47,7 @@ npm run typecheck    # Run TypeScript type checking
 - **YouTube API**: Gallery and Dadvocate pages fetch video data with 1-hour cache
 - **AI Integration**: Genkit setup exists but is minimally implemented
 - **Theme**: Dark/light mode support via next-themes
+- **Pre-commit**: Husky runs linting before commits
 
 ### Adding Features
 - New pages: Create directory in `src/app/` with `page.tsx` and metadata export

README.md

@@ -17,7 +17,7 @@ A Next.js application built to expose harmful activities and support Kristen Jac
 - **Language**: TypeScript
 - **UI Components**: shadcn/ui component library
 - **Styling**: Tailwind CSS with custom theming
-- **Hosting**: Supports GitHub Pages, Firebase App Hosting, and Vercel
+- **Hosting**: Supports Static hosting (S3), Firebase App Hosting, and Vercel
 - **AI Integration**: Google Genkit (minimal implementation)
 
 ## 📋 Prerequisites
@@ -30,7 +30,7 @@ A Next.js application built to expose harmful activities and support Kristen Jac
 
 1. Clone the repository:
 ```bash
-git clone https://github.com/yourusername/cheatingchelsea.git
+git clone ssh://gitea@git.deco.sh/signal-works/cheatingchelsea.git
 cd cheatingchelsea
 ```
 
@@ -86,8 +86,8 @@ npm run start
 
 This application supports multiple deployment platforms:
 
-### GitHub Pages
-The project includes GitHub Actions workflow for automatic deployment to GitHub Pages.
+### Static Hosting (AWS S3)
+The project includes CI/CD workflow for automatic deployment to AWS S3.
 
 ### Firebase App Hosting
 Deploy using Firebase CLI:
@@ -96,7 +96,7 @@ firebase deploy
 ```
 
 ### Vercel
-Deploy directly from GitHub repository through Vercel dashboard or CLI.
+Deploy directly from Git repository through Vercel dashboard or CLI.
 
 ## 📁 Project Structure