admin/stonks-oracle
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: bake Woodpecker OAuth2 + agent secret into Helm values

Browse Source 
Permanent fix for cluster rebuilds:
- OAuth2 client_id/secret baked into woodpecker/values.yaml
- WOODPECKER_AGENT_SECRET shared between server and agents
- runmefirst.sh uses baked creds if present, creates fresh ones only
  if values.yaml still has placeholders
- Agents survive DB wipes since they auth via shared secret
This commit is contained in:
Celes Renata
2026-04-21 02:12:58 +00:00
parent 26e20484c8
commit 7efdddd794
2 changed files with 33 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pipelines/woodpecker/values.yaml
+4 -2
View File
@@ -14,8 +14,9 @@ server:
WOODPECKER_GRPC_ADDR: "0.0.0.0:9000"
WOODPECKER_GITEA: "true"
WOODPECKER_GITEA_URL: "http://gitea-service.git-server.svc.cluster.local:3000"
WOODPECKER_GITEA_CLIENT: "<GITEA_CLIENT_ID>"
WOODPECKER_GITEA_SECRET: "<GITEA_CLIENT_SECRET>"
WOODPECKER_GITEA_CLIENT: "8fb7fc0f-98f6-42b5-b066-6cc4d745de4f"
WOODPECKER_GITEA_SECRET: "gto_izanujbxlcxzc23znan56m3uie6s4ta2lgvro2yhgmuwvw3vutkq"
WOODPECKER_AGENT_SECRET: "01eede973f522dbea9c1f09afc020ed0934a6f946d5832be5fecacb0da04ce23"
WOODPECKER_ADMIN: "admin"
WOODPECKER_PLUGINS_PRIVILEGED: "woodpeckerci/plugin-docker-buildx"
@@ -55,6 +56,7 @@ agent:
env:
WOODPECKER_SERVER: "woodpecker-server:9000"
WOODPECKER_AGENT_SECRET: "01eede973f522dbea9c1f09afc020ed0934a6f946d5832be5fecacb0da04ce23"
WOODPECKER_BACKEND: kubernetes
WOODPECKER_BACKEND_K8S_NAMESPACE: woodpecker
WOODPECKER_BACKEND_K8S_VOLUME_SIZE: 5Gi