7efdddd794
fix: bake Woodpecker OAuth2 + agent secret into Helm values
...
Permanent fix for cluster rebuilds:
- OAuth2 client_id/secret baked into woodpecker/values.yaml
- WOODPECKER_AGENT_SECRET shared between server and agents
- runmefirst.sh uses baked creds if present, creates fresh ones only
if values.yaml still has placeholders
- Agents survive DB wipes since they auth via shared secret
2026-04-21 02:12:58 +00:00
dad9b46fa2
ci: pre-create kargo-controller SA with Helm labels, fix JSON pod annotations, remove --wait from woodpecker helm
2026-04-19 05:28:09 +00:00
00a6485e70
ci: sync esnixi changes - CA download, dockerhub auth, local-path storage, proxy exclusions, pod annotations
2026-04-19 05:14:13 +00:00
dba79b1dae
ci: grant cluster-admin to default SA in woodpecker ns for inttest step pods
2026-04-19 04:52:24 +00:00
b38f4c4766
ci: use .local suffix in NO_PROXY to cover all cluster-internal traffic
2026-04-19 03:03:34 +00:00
9e39d59afa
ci: add woodpecker Kyverno proxy CA policy with NO_PROXY for gRPC
2026-04-19 03:00:06 +00:00
76dd58c1dc
ci: final pipeline fixes - kargo SA workaround, oauth2 flow, timeouts
2026-04-19 02:41:41 +00:00
8bee515bd4
ci: fix runmelast hanging, add proxy CA injection, clean SA/CRD leftovers on redeploy
2026-04-19 02:01:18 +00:00
1607baba90
ci: persist live fixes to pipeline scripts - grpc addr, storage, remove netpol, webhook config
2026-04-18 21:14:51 +00:00
5f6d23888a
ci: fix lint errors across project, update ruff.toml per-file ignores
2026-04-18 21:02:28 +00:00
Celes Renata