MyElectricalData
diff --git a/‎.claude/rules/encryption.md‎
Lines changed: 9 additions & 9 deletions b/‎.claude/rules/encryption.md‎
Lines changed: 9 additions & 9 deletions
diff --git a/‎.claude/rules/enedis.md‎
Lines changed: 1 addition & 1 deletion b/‎.claude/rules/enedis.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.env.local.example‎
Lines changed: 3 additions & 3 deletions b/‎.env.local.example‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎.github/workflows/helm-ci.yml‎
Lines changed: 85 additions & 0 deletions b/‎.github/workflows/helm-ci.yml‎
Lines changed: 85 additions & 0 deletions
diff --git a/‎.github/workflows/helm-release.yml‎
Lines changed: 131 additions & 39 deletions b/‎.github/workflows/helm-release.yml‎
Lines changed: 131 additions & 39 deletions
@@ -28,7 +28,7 @@ MyElectricalData implémente un système de chiffrement **GDPR-compliant** pour
 │      │                                                      │
 │      ▼                                                      │
 │  ┌─────────────────────────────────────┐                    │
-│  │  Redis (données chiffrées)          │                    │
+│  │  Valkey (données chiffrées)         │                    │
 │  │                                     │                    │
 │  │  consumption:daily:{pdl}:{date}     │                    │
 │  │  production:daily:{pdl}:{date}      │                    │
@@ -115,7 +115,7 @@ async def set(
     encryption_key: str,
     ttl: int | None = None
 ) -> bool:
-    """Store encrypted data in Redis"""
+    """Store encrypted data in Valkey"""
     try:
         # 1. Sérialise en JSON
         json_data = json.dumps(value)
@@ -124,7 +124,7 @@ async def set(
         cipher = self._get_cipher(encryption_key)
         encrypted_data = cipher.encrypt(json_data.encode())
 
-        # 3. Stocke dans Redis avec TTL
+        # 3. Stocke dans Valkey avec TTL
         await self.redis.setex(
             key,
             ttl or self.default_ttl,
@@ -140,7 +140,7 @@ async def set(
 
 ```python
 async def get(self, key: str, encryption_key: str) -> Any | None:
-    """Retrieve and decrypt data from Redis"""
+    """Retrieve and decrypt data from Valkey"""
     try:
         # 1. Récupère les bytes chiffrés
         encrypted_data = await self.redis.get(key)
@@ -282,9 +282,9 @@ Le `client_secret` est stocké en clair dans la base de données car :
 
 ## Scénarios de sécurité
 
-### Redis compromis
+### Valkey compromis
 
-Si un attaquant accède à Redis :
+Si un attaquant accède à Valkey :
 
 - ✅ Il ne voit que des bytes chiffrés
 - ✅ Sans le `client_secret`, déchiffrement impossible
@@ -295,7 +295,7 @@ Si un attaquant accède à Redis :
 Si un attaquant accède à PostgreSQL/SQLite :
 
 - ⚠️ Il peut lire les `client_secret`
-- ⚠️ Il pourrait déchiffrer les caches Redis
+- ⚠️ Il pourrait déchiffrer les caches Valkey
 - 🔒 **Mitigation** : Chiffrer la base de données au niveau disque
 
 ### Rotation des clés
@@ -313,7 +313,7 @@ Actuellement, le `client_secret` ne change jamais après la création du compte.
 ### Variables d'environnement
 
 ```bash
-# Redis connection
+# Valkey connection (protocole Redis compatible)
 REDIS_URL=redis://localhost:6379/0
 
 # Cache TTL (default: 24 hours)
@@ -351,7 +351,7 @@ async def get(self, key: str, encryption_key: str) -> Any | None:
 | ------------------ | ------------------------------------------------- |
 | `get()` échoue     | Retourne `None`, données récupérées depuis Enedis |
 | `set()` échoue     | Retourne `False`, données non cachées             |
-| Redis indisponible | Application continue, performances dégradées      |
+| Valkey indisponible | Application continue, performances dégradées      |
 | Clé invalide       | Déchiffrement échoue silencieusement              |
 
 ---
 
@@ -43,4 +43,4 @@ Energie (Wh) = Puissance (W) / (60 / interval_minutes)
 | --------------------------------- | ------------------------------ |
 | `apps/api/src/adapters/enedis.py` | Wrapper API avec rate limiting |
 | `apps/api/src/routers/enedis.py`  | Endpoints FastAPI              |
-| `apps/api/src/services/cache.py`  | Cache chiffre Redis            |
+| `apps/api/src/services/cache.py`  | Cache chiffre Valkey           |
@@ -2,12 +2,12 @@
 # Copier ce fichier vers .env.local et ajuster selon votre environnement
 
 # =============================================================================
-# Redis - Cache partagé entre les branches
+# Valkey - Cache partagé entre les branches (Redis-compatible)
 # =============================================================================
-# Option 1: Redis local (Docker ou natif)
+# Option 1: Valkey local (Docker ou natif)
 REDIS_URL=redis://localhost:6379/0
 
-# Option 2: Redis Docker sur le réseau host
+# Option 2: Valkey Docker sur le réseau host
 # REDIS_URL=redis://host.docker.internal:6379/0
 
 # =============================================================================
 
@@ -0,0 +1,85 @@
+name: Helm CI
+
+on:
+  push:
+    branches:
+      - main
+      - develop
+      - 'feature/**'
+    paths:
+      - 'helm/**'
+  pull_request:
+    paths:
+      - 'helm/**'
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+env:
+  CHART_PATH: helm/myelectricaldata
+
+jobs:
+  validate:
+    name: Validate Chart
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install Helm
+        uses: azure/setup-helm@v4
+        with:
+          version: 'v3.14.0'
+
+      - name: Update dependencies
+        run: helm dependency update ${{ env.CHART_PATH }}
+
+      - name: Lint chart
+        run: helm lint ${{ env.CHART_PATH }}
+
+      - name: Template chart (default values)
+        run: |
+          helm template myelectricaldata ${{ env.CHART_PATH }} \
+            --debug \
+            > /dev/null
+          echo "✅ Template with default values succeeded"
+
+      - name: Template chart (example values)
+        if: hashFiles('helm/values-dev.yaml') != ''
+        run: |
+          helm template myelectricaldata ${{ env.CHART_PATH }} \
+            -f helm/values-dev.yaml \
+            --debug \
+            > /dev/null
+          echo "✅ Template with dev values succeeded"
+
+      - name: Validate Chart.yaml
+        run: |
+          # Check required fields
+          if ! grep -q "^version:" ${{ env.CHART_PATH }}/Chart.yaml; then
+            echo "❌ Missing version in Chart.yaml"
+            exit 1
+          fi
+          if ! grep -q "^appVersion:" ${{ env.CHART_PATH }}/Chart.yaml; then
+            echo "❌ Missing appVersion in Chart.yaml"
+            exit 1
+          fi
+          echo "✅ Chart.yaml validation passed"
+
+      - name: Summary
+        run: |
+          VERSION=$(grep '^version:' ${{ env.CHART_PATH }}/Chart.yaml | awk '{print $2}')
+          APP_VERSION=$(grep '^appVersion:' ${{ env.CHART_PATH }}/Chart.yaml | awk '{print $2}' | tr -d '"')
+
+          echo "## Helm Chart Validation ✅" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "| Property | Value |" >> $GITHUB_STEP_SUMMARY
+          echo "|----------|-------|" >> $GITHUB_STEP_SUMMARY
+          echo "| Chart Version | \`$VERSION\` |" >> $GITHUB_STEP_SUMMARY
+          echo "| App Version | \`$APP_VERSION\` |" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "### Checks Passed" >> $GITHUB_STEP_SUMMARY
+          echo "- ✅ Helm lint" >> $GITHUB_STEP_SUMMARY
+          echo "- ✅ Helm template (default)" >> $GITHUB_STEP_SUMMARY
+          echo "- ✅ Chart.yaml validation" >> $GITHUB_STEP_SUMMARY
@@ -2,36 +2,136 @@ name: Release Helm Chart
 
 on:
   push:
-    tags:
-      - 'helm-v*'  # Déclenché par les tags comme helm-v0.1.0
+    branches:
+      - main
+      - develop
     paths:
       - 'helm/myelectricaldata/**'
-  workflow_dispatch:  # Permet le déclenchement manuel
-    inputs:
-      version:
-        description: 'Version du chart (ex: 0.1.0)'
-        required: false
-        default: ''
-
-# Annule les builds en cours sur la même branche
+  workflow_dispatch:
+
+# Prevent concurrent releases
 concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
+  group: helm-release-${{ github.ref }}
+  cancel-in-progress: false
 
 env:
   REGISTRY: ghcr.io
   CHART_PATH: helm/myelectricaldata
 
 jobs:
+  # ===========================================
+  # STEP 1: Validate Chart
+  # ===========================================
+  validate:
+    name: Validate Chart
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install Helm
+        uses: azure/setup-helm@v4
+        with:
+          version: 'v3.14.0'
+
+      - name: Update dependencies
+        run: helm dependency update ${{ env.CHART_PATH }}
+
+      - name: Lint chart
+        run: helm lint ${{ env.CHART_PATH }}
+
+      - name: Template chart
+        run: helm template myelectricaldata ${{ env.CHART_PATH }} --debug > /dev/null
+
+  # ===========================================
+  # STEP 2: Semantic Release for Helm Chart
+  # ===========================================
   release:
+    name: Semantic Release
+    needs: validate
     runs-on: ubuntu-latest
     permissions:
-      contents: read
+      contents: write
+      issues: write
+      pull-requests: write
       packages: write
+    outputs:
+      new_release_published: ${{ steps.semantic.outputs.new_release_published }}
+      new_release_version: ${{ steps.semantic.outputs.new_release_version }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          persist-credentials: false
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: 'npm'
+
+      - name: Use Helm release config
+        run: |
+          # Backup original releaserc if exists
+          if [ -f .releaserc.yaml ]; then
+            mv .releaserc.yaml .releaserc.yaml.bak
+          fi
+          # Use helm-specific config
+          cp .releaserc-helm.yaml .releaserc.yaml
+
+      - name: Semantic Release
+        id: semantic
+        uses: cycjimmy/semantic-release-action@v4
+        with:
+          extra_plugins: |
+            @semantic-release/changelog@6.0.3
+            @semantic-release/git@10.0.1
+            semantic-release-replace-plugin@1.2.7
+            conventional-changelog-conventionalcommits@8.0.0
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Restore original config
+        if: always()
+        run: |
+          # Restore original releaserc
+          if [ -f .releaserc.yaml.bak ]; then
+            mv .releaserc.yaml.bak .releaserc.yaml
+          else
+            rm -f .releaserc.yaml
+          fi
 
+      - name: Release info
+        if: steps.semantic.outputs.new_release_published == 'true'
+        run: |
+          echo "## Helm Chart Release 🎉" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "**Version:** \`${{ steps.semantic.outputs.new_release_version }}\`" >> $GITHUB_STEP_SUMMARY
+          echo "**Tag:** \`helm/${{ steps.semantic.outputs.new_release_version }}\`" >> $GITHUB_STEP_SUMMARY
+          echo "**Branch:** \`${{ github.ref_name }}\`" >> $GITHUB_STEP_SUMMARY
+
+  # ===========================================
+  # STEP 3: Package and Push to GHCR
+  # ===========================================
+  publish:
+    name: Publish to GHCR
+    needs: release
+    if: needs.release.outputs.new_release_published == 'true'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
     steps:
-      - name: Checkout repository
+      - name: Checkout
         uses: actions/checkout@v4
+        with:
+          ref: ${{ github.ref }}
+          # Fetch latest to get the version bump commit
+          fetch-depth: 1
+
+      - name: Pull latest changes
+        run: git pull origin ${{ github.ref_name }}
 
       - name: Set lowercase owner
         id: repo
@@ -47,34 +147,16 @@ jobs:
         run: |
           echo "${{ secrets.GITHUB_TOKEN }}" | helm registry login ${{ env.REGISTRY }} -u ${{ github.actor }} --password-stdin
 
+      - name: Update Helm dependencies
+        run: helm dependency update ${{ env.CHART_PATH }}
+
       - name: Get chart version
         id: chart_version
         run: |
-          if [ -n "${{ github.event.inputs.version }}" ]; then
-            VERSION="${{ github.event.inputs.version }}"
-          elif [[ "${{ github.ref }}" == refs/tags/helm-v* ]]; then
-            VERSION="${{ github.ref_name }}"
-            VERSION="${VERSION#helm-v}"
-          else
-            VERSION=$(grep '^version:' ${{ env.CHART_PATH }}/Chart.yaml | awk '{print $2}')
-          fi
+          VERSION=$(grep '^version:' ${{ env.CHART_PATH }}/Chart.yaml | awk '{print $2}')
           echo "version=$VERSION" >> $GITHUB_OUTPUT
           echo "Chart version: $VERSION"
 
-      - name: Update chart version
-        run: |
-          sed -i "s/^version:.*/version: ${{ steps.chart_version.outputs.version }}/" ${{ env.CHART_PATH }}/Chart.yaml
-          sed -i "s/^appVersion:.*/appVersion: \"${{ steps.chart_version.outputs.version }}\"/" ${{ env.CHART_PATH }}/Chart.yaml
-          cat ${{ env.CHART_PATH }}/Chart.yaml
-
-      - name: Update Helm dependencies
-        run: |
-          helm dependency update ${{ env.CHART_PATH }}
-
-      - name: Lint Helm chart
-        run: |
-          helm lint ${{ env.CHART_PATH }}
-
       - name: Package Helm chart
         run: |
           helm package ${{ env.CHART_PATH }} --destination ./packages
@@ -87,13 +169,23 @@ jobs:
 
       - name: Summary
         run: |
-          echo "## Helm Chart Published" >> $GITHUB_STEP_SUMMARY
+          VERSION="${{ steps.chart_version.outputs.version }}"
+
+          if [[ "$VERSION" == *"-dev."* ]]; then
+            RELEASE_TYPE="🧪 Development"
+          else
+            RELEASE_TYPE="🚀 Production"
+          fi
+
+          echo "## Helm Chart Published 📦" >> $GITHUB_STEP_SUMMARY
           echo "" >> $GITHUB_STEP_SUMMARY
+          echo "**Release Type:** $RELEASE_TYPE" >> $GITHUB_STEP_SUMMARY
           echo "**Chart:** myelectricaldata" >> $GITHUB_STEP_SUMMARY
-          echo "**Version:** ${{ steps.chart_version.outputs.version }}" >> $GITHUB_STEP_SUMMARY
+          echo "**Version:** \`$VERSION\`" >> $GITHUB_STEP_SUMMARY
+          echo "**Tag:** \`helm/$VERSION\`" >> $GITHUB_STEP_SUMMARY
           echo "**Registry:** oci://${{ env.REGISTRY }}/${{ steps.repo.outputs.owner }}/charts" >> $GITHUB_STEP_SUMMARY
           echo "" >> $GITHUB_STEP_SUMMARY
           echo "### Installation" >> $GITHUB_STEP_SUMMARY
           echo "\`\`\`bash" >> $GITHUB_STEP_SUMMARY
-          echo "helm install myelectricaldata oci://${{ env.REGISTRY }}/${{ steps.repo.outputs.owner }}/charts/myelectricaldata --version ${{ steps.chart_version.outputs.version }}" >> $GITHUB_STEP_SUMMARY
+          echo "helm install myelectricaldata oci://${{ env.REGISTRY }}/${{ steps.repo.outputs.owner }}/charts/myelectricaldata --version $VERSION" >> $GITHUB_STEP_SUMMARY
           echo "\`\`\`" >> $GITHUB_STEP_SUMMARY