refactor: replace Ansible deployment with direct SSH commands

- Remove Ansible dependency from deployment workflow
- Use direct SSH commands for Docker operations
- Simplify deployment process:
  * SSH to production server
  * Docker registry login
  * Pull new image
  * Update docker-compose.yml with sed
  * Restart services with docker compose
- Remove Ansible verification step
- Simplify rollback step (only shows manual instructions)
- Works with ubuntu-latest runner (no special image needed)
- Fixes 'ansible: command not found' errors
- Works with act for local testing

.gitea/workflows/production-deploy.yml

@@ -637,19 +637,72 @@ jobs:
           chmod 600 ~/.ssh/production
           ssh-keyscan -H ${{ env.DEPLOYMENT_HOST }} >> ~/.ssh/known_hosts
 
-      - name: Verify Ansible installation
-        run: ansible --version
-
-      - name: Deploy via Ansible
+      - name: Deploy via SSH
         run: |
-          cd /workspace/repo/deployment/ansible
-          ansible-playbook -i inventory/production.yml \
-            playbooks/deploy-update.yml \
-            -e "image_tag=${{ needs.build.outputs.image_tag }}" \
-            -e "git_commit_sha=${{ needs.build.outputs.commit_sha }}" \
-            -e "deployment_timestamp=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" \
-            -e "docker_registry_username=${{ secrets.REGISTRY_USER }}" \
-            -e "docker_registry_password=${{ secrets.REGISTRY_PASSWORD }}"
+          set -e
+          
+          DEPLOYMENT_HOST="${{ env.DEPLOYMENT_HOST }}"
+          REGISTRY="${{ env.REGISTRY }}"
+          IMAGE_NAME="${{ env.IMAGE_NAME }}"
+          IMAGE_TAG="${{ needs.build.outputs.image_tag }}"
+          FULL_IMAGE="${REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG}"
+          STACK_PATH="~/deployment/stacks/application"
+          
+          echo "🚀 Starting deployment..."
+          echo "   Image: ${FULL_IMAGE}"
+          echo "   Host: ${DEPLOYMENT_HOST}"
+          echo "   Stack: ${STACK_PATH}"
+          
+          # SSH with proper key and execute deployment commands
+          ssh -i ~/.ssh/production \
+              -o StrictHostKeyChecking=no \
+              -o UserKnownHostsFile=/dev/null \
+              deploy@${DEPLOYMENT_HOST} <<EOF
+            set -e
+            
+            # Change to stack directory
+            cd ${STACK_PATH}
+            
+            # Login to Docker registry
+            echo "🔐 Logging in to Docker registry..."
+            echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login ${REGISTRY} \
+              -u "${{ secrets.REGISTRY_USER }}" \
+              --password-stdin || echo "⚠️  Registry login failed, continuing..."
+            
+            # Pull new image
+            echo "📥 Pulling image ${FULL_IMAGE}..."
+            docker pull ${FULL_IMAGE} || {
+              echo "❌ Failed to pull image ${FULL_IMAGE}"
+              exit 1
+            }
+            
+            # Update docker-compose.yml with new image tag
+            echo "📝 Updating docker-compose.yml..."
+            # Update all services that use the framework image
+            sed -i "s|image:.*/${IMAGE_NAME}:.*|image: ${FULL_IMAGE}|g" docker-compose.yml
+            sed -i "s|image:.*/${IMAGE_NAME}@.*|image: ${FULL_IMAGE}|g" docker-compose.yml
+            
+            # Verify the update
+            echo "✅ Updated docker-compose.yml:"
+            grep "image:" docker-compose.yml | head -5
+            
+            # Restart services with new image
+            echo "🔄 Restarting services..."
+            docker compose up -d --pull always --force-recreate || {
+              echo "❌ Failed to restart services"
+              exit 1
+            }
+            
+            # Wait a bit for services to start
+            echo "⏳ Waiting for services to start..."
+            sleep 10
+            
+            # Check container status
+            echo "📊 Container status:"
+            docker compose ps
+            
+            echo "✅ Deployment completed!"
+          EOF
 
       - name: Wait for deployment to stabilize
         run: sleep 30
@@ -671,9 +724,12 @@ jobs:
       - name: Rollback on failure
         if: failure() && steps.health.outcome == 'failure'
         run: |
-          cd /workspace/repo/deployment/ansible
-          ansible-playbook -i inventory/production.yml \
-            playbooks/rollback.yml
+          echo "⚠️  Deployment failed - manual rollback may be required"
+          echo "💡 To rollback manually, SSH to the server and run:"
+          echo "   cd ~/deployment/stacks/application"
+          echo "   docker compose down"
+          echo "   git checkout docker-compose.yml  # or restore from backup"
+          echo "   docker compose up -d"
 
       - name: Notify deployment success
         if: success()