railiance-cluster

coulomb/railiance-cluster

Fork 0

Commit Graph

Author	SHA1	Message	Date
Bernd Worsch	7daef079c2	feat(secrets): encrypt gitea Helm values with SOPS (age) Some checks failed railiance-tests / smoke (push) Has been cancelled Details Add .sops.yaml policy targeting *.sops.yaml files using the shared age key from railiance-infra. Migrate helm/gitea-values.yaml to encrypted helm/gitea-values.sops.yaml. Pins all postgresql-ha passwords (postgresql, postgres, repmgr, pgpool, pgpool-admin, sr-check) so helm upgrade never regenerates secrets and breaks the running cluster. Fixes WP-0003 T01. Usage: helm upgrade gitea gitea/gitea -n default -f <(sops -d helm/gitea-values.sops.yaml) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-10 13:37:22 +00:00

Author

SHA1

Message

Date

Bernd Worsch

7daef079c2

feat(secrets): encrypt gitea Helm values with SOPS (age)

railiance-tests / smoke (push) Has been cancelled

Details

Add .sops.yaml policy targeting *.sops.yaml files using the shared age
key from railiance-infra. Migrate helm/gitea-values.yaml to encrypted
helm/gitea-values.sops.yaml.

Pins all postgresql-ha passwords (postgresql, postgres, repmgr, pgpool,
pgpool-admin, sr-check) so helm upgrade never regenerates secrets and
breaks the running cluster. Fixes WP-0003 T01.

Usage: helm upgrade gitea gitea/gitea -n default -f <(sops -d helm/gitea-values.sops.yaml)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-10 13:37:22 +00:00

1 Commits