fix: auditoria de coerência entre aulas

Bugs corrigidos:
- aula-15: tracing.js fallback OTel endpoint usava service name errado
  (otel-collector vs otel-collector-opentelemetry-collector)
- aula-11/13: manifests k8s com gitea.kube.quest hardcoded → placeholder

Arquivos legado removidos (9):
- aula-10: gitlab-values.yaml, gitlab-registry-storage-secret.yaml,
  object-storage-secret.yaml, registry-storage-secret.yaml
- aula-11: gitlab-runner-values.yaml, node-bugado/.gitlab-ci.yml
- aula-13: 3x .gitlab-ci.yml (substituídos por .gitea/workflows/ci.yml)

CLAUDE.md: comandos rápidos agora incluem aula-14 e aula-15

aula-11/gitlab-runner-values.yaml

@@ -1,148 +0,0 @@
-# =============================================================================
-# GitLab Runner Helm Chart - Executor Kubernetes
-# =============================================================================
-#
-# Configura GitLab Runner para executar jobs como pods no Kubernetes.
-# Suporta Docker-in-Docker para build de imagens.
-#
-# Valores dinâmicos (configurados via --set no setup.sh):
-#   - gitlabUrl
-#   - runnerToken (novo método) ou runnerRegistrationToken (legacy)
-#
-# =============================================================================
-
-# Número máximo de jobs simultâneos
-concurrent: 2
-
-# Intervalo de check por novos jobs (segundos)
-checkInterval: 30
-
-# Intervalo de heartbeat (segundos)
-heartbeatInterval: 30
-
-# =============================================================================
-# CONFIGURAÇÃO DO RUNNER
-# =============================================================================
-runners:
-  # Executor: kubernetes (jobs rodam como pods)
-  executor: kubernetes
-
-  # Privileged mode necessário para Docker-in-Docker
-  privileged: true
-
-  # Namespace onde os jobs serão executados
-  namespace: gitlab
-
-  # Tags para identificar o runner
-  tags: "kubernetes,docker,hetzner"
-
-  # Rodar jobs sem tag também
-  runUntagged: true
-
-  # Proteger branches protegidas
-  protected: false
-
-  # Imagem padrão para jobs
-  image: alpine:latest
-
-  # Helper image (para git clone, artifacts, etc)
-  helper:
-    image: gitlab/gitlab-runner-helper:alpine-latest
-
-  # Configuração TOML adicional
-  config: |
-    [[runners]]
-      [runners.kubernetes]
-        image = "alpine:latest"
-        privileged = true
-
-        # IMPORTANTE: Helper image para ARM64 (Hetzner CAX nodes)
-        # Sem isso, o runner tenta usar x86_64 e falha
-        helper_image = "gitlab/gitlab-runner-helper:arm64-latest"
-
-        # Recursos para pods de job (aumentados para builds Docker)
-        # CAX31 tem 8 vCPU e 16GB - aproveitar para builds rápidos
-        cpu_request = "500m"
-        cpu_limit = "4000m"
-        memory_request = "1Gi"
-        memory_limit = "8Gi"
-
-        # Timeout para pods
-        poll_timeout = 600
-
-        # Pull policy
-        pull_policy = ["if-not-present"]
-
-        # Node selector para usar o build-pool (CAX31)
-        [runners.kubernetes.node_selector]
-          "node-pool" = "build"
-
-        # Toleration para o taint do build-pool
-        [[runners.kubernetes.node_tolerations]]
-          key = "dedicated"
-          operator = "Equal"
-          value = "builds"
-          effect = "NoSchedule"
-
-        # Volume para Docker certs (DinD)
-        [[runners.kubernetes.volumes.empty_dir]]
-          name = "docker-certs"
-          mount_path = "/certs/client"
-          medium = "Memory"
-
-        # Volume para cache de build
-        [[runners.kubernetes.volumes.empty_dir]]
-          name = "build-cache"
-          mount_path = "/cache"
-          medium = ""
-
-# =============================================================================
-# RECURSOS DO RUNNER (manager pod)
-# =============================================================================
-resources:
-  requests:
-    memory: 128Mi
-    cpu: 50m
-  limits:
-    memory: 256Mi
-    cpu: 200m
-
-# =============================================================================
-# RBAC
-# =============================================================================
-rbac:
-  create: true
-  # Permissões para criar pods, secrets, configmaps
-  rules:
-    - apiGroups: [""]
-      resources: ["pods", "pods/exec", "secrets", "configmaps"]
-      verbs: ["get", "list", "watch", "create", "patch", "update", "delete"]
-    - apiGroups: [""]
-      resources: ["pods/attach", "pods/log"]
-      verbs: ["get", "create"]
-
-# =============================================================================
-# SERVICE ACCOUNT
-# =============================================================================
-serviceAccount:
-  create: true
-  name: gitlab-runner
-
-# =============================================================================
-# MÉTRICAS (opcional)
-# =============================================================================
-metrics:
-  enabled: false
-
-# =============================================================================
-# POD SECURITY
-# =============================================================================
-podSecurityContext:
-  runAsNonRoot: true
-  runAsUser: 100
-
-securityContext:
-  allowPrivilegeEscalation: false
-  readOnlyRootFilesystem: false
-  capabilities:
-    drop: ["ALL"]

aula-11/node-bugado/.gitlab-ci.yml

@@ -1,116 +0,0 @@
-# =============================================================================
-# GitLab CI/CD Pipeline - node-bugado
-# =============================================================================
-#
-# Pipeline GitOps:
-#   1. Build: Constrói imagem Docker e faz push para GitLab Registry
-#   2. Deploy: Atualiza manifests no repo GitOps (ArgoCD faz sync)
-#
-# Variáveis necessárias (Settings → CI/CD → Variables):
-#   - GITOPS_REPO: URL do repositório GitOps (ex: git@git.kube.quest:user/gitops-demo.git)
-#   - DEPLOY_KEY: Chave SSH privada para push no repo GitOps
-#
-# =============================================================================
-
-stages:
-  - build
-  - deploy
-
-variables:
-  # Registry do GitLab
-  REGISTRY: ${CI_REGISTRY}
-  IMAGE_NAME: ${CI_REGISTRY_IMAGE}
-  # Para usar registry externo, descomente:
-  # REGISTRY: registry.kube.quest
-  # IMAGE_NAME: ${REGISTRY}/${CI_PROJECT_PATH}
-
-# =============================================================================
-# BUILD - Construir e publicar imagem Docker
-# =============================================================================
-build:
-  stage: build
-  image: docker:24
-  services:
-    - docker:24-dind
-  variables:
-    DOCKER_TLS_CERTDIR: "/certs"
-  before_script:
-    - docker login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY}
-  script:
-    - echo "Building ${IMAGE_NAME}:${CI_COMMIT_SHA}"
-    - docker build -t ${IMAGE_NAME}:${CI_COMMIT_SHA} .
-    - docker tag ${IMAGE_NAME}:${CI_COMMIT_SHA} ${IMAGE_NAME}:latest
-    - docker push ${IMAGE_NAME}:${CI_COMMIT_SHA}
-    - docker push ${IMAGE_NAME}:latest
-  only:
-    - main
-    - master
-  tags:
-    - kubernetes
-    - docker
-
-# =============================================================================
-# DEPLOY - Atualizar manifests no repositório GitOps
-# =============================================================================
-deploy:
-  stage: deploy
-  image: alpine:latest
-  before_script:
-    - apk add --no-cache git openssh-client
-    # Configurar SSH para o repo GitOps
-    - mkdir -p ~/.ssh
-    - echo "${DEPLOY_KEY}" | tr -d '\r' > ~/.ssh/id_ed25519
-    - chmod 600 ~/.ssh/id_ed25519
-    - ssh-keyscan -t ed25519 $(echo ${GITOPS_REPO} | sed 's/.*@\([^:]*\).*/\1/') >> ~/.ssh/known_hosts 2>/dev/null || true
-    # Configurar git
-    - git config --global user.email "ci@gitlab.local"
-    - git config --global user.name "GitLab CI"
-  script:
-    - echo "Updating GitOps repo with image ${IMAGE_NAME}:${CI_COMMIT_SHA}"
-    # Clonar repo GitOps
-    - git clone ${GITOPS_REPO} gitops
-    - cd gitops
-    # Atualizar tag da imagem no deployment
-    - |
-      if [ -f apps/node-bugado/deployment.yaml ]; then
-        sed -i "s|image:.*node-bugado.*|image: ${IMAGE_NAME}:${CI_COMMIT_SHA}|g" apps/node-bugado/deployment.yaml
-        git add apps/node-bugado/deployment.yaml
-        git commit -m "Deploy node-bugado ${CI_COMMIT_SHA:0:8}
-
-        Pipeline: ${CI_PIPELINE_URL}
-        Commit: ${CI_COMMIT_SHA}
-        Author: ${CI_COMMIT_AUTHOR}"
-        git push
-        echo "GitOps repo updated successfully"
-      else
-        echo "WARNING: apps/node-bugado/deployment.yaml not found"
-        echo "Please create the GitOps structure first"
-        exit 1
-      fi
-  only:
-    - main
-    - master
-  tags:
-    - kubernetes
-  when: on_success
-  needs:
-    - build
-
-# =============================================================================
-# NOTAS
-# =============================================================================
-#
-# Para configurar as variáveis:
-#
-# 1. GITOPS_REPO:
-#    - Vá em Settings → CI/CD → Variables
-#    - Adicione: GITOPS_REPO = git@git.kube.quest:usuario/gitops-demo.git
-#
-# 2. DEPLOY_KEY:
-#    - Gere uma chave: ssh-keygen -t ed25519 -f deploy-key -N ''
-#    - Adicione a chave PÚBLICA no repo GitOps: Settings → Repository → Deploy Keys
-#    - Marque "Grant write permissions to this key"
-#    - Adicione a chave PRIVADA como variável: DEPLOY_KEY = <conteúdo de deploy-key>
-#    - Marque como "Protected" e "Masked"
-#
-# =============================================================================

aula-11/node-bugado/k8s/deployment.yaml

@@ -27,7 +27,8 @@ spec:
       containers:
         - name: node-bugado
           # IMPORTANTE: Esta linha é atualizada automaticamente pelo Gitea Actions
-          image: gitea.kube.quest/depaula/node-bugado:latest
+          # Substitua GITEA_HOST pelo hostname do seu Gitea (ex: gitea.kube.quest)
+          image: GITEA_HOST_PLACEHOLDER/depaula/node-bugado:latest
           ports:
             - containerPort: 3000
               name: http