From 603f5e3d03a57731110b0eab0710c8059fd5f9e8 Mon Sep 17 00:00:00 2001
From: Your Name <you@example.com>
Date: Wed, 4 Jun 2025 16:34:09 -0400
Subject: [PATCH] Add all Authelia secrets to Woodpecker CI pipeline

---
 .woodpecker.yml | 92 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 92 insertions(+)

diff --git a/.woodpecker.yml b/.woodpecker.yml
index 1b53d12..77e32fe 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -23,6 +23,29 @@ steps:
         from_secret: DOCKER_REGISTRY_USER
       DOCKER_REGISTRY_PASSWORD:
         from_secret: DOCKER_REGISTRY_PASSWORD
+      # Authelia Core Secrets
+      AUTHENTICATION_BACKEND_LDAP_PASSWORD:
+        from_secret: AUTHENTICATION_BACKEND_LDAP_PASSWORD
+      IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET:
+        from_secret: IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET
+      STORAGE_ENCRYPTION_KEY:
+        from_secret: STORAGE_ENCRYPTION_KEY
+      SESSION_SECRET:
+        from_secret: SESSION_SECRET
+      NOTIFIER_SMTP_PASSWORD:
+        from_secret: NOTIFIER_SMTP_PASSWORD
+      # OIDC Secrets
+      IDENTITY_PROVIDERS_OIDC_HMAC_SECRET:
+        from_secret: IDENTITY_PROVIDERS_OIDC_HMAC_SECRET
+      IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY:
+        from_secret: IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY
+      IDENTITY_PROVIDERS_OIDC_JWKS_KEY:
+        from_secret: IDENTITY_PROVIDERS_OIDC_JWKS_KEY
+      # Client Secrets
+      CLIENT_SECRET_HEADSCALE:
+        from_secret: CLIENT_SECRET_HEADSCALE
+      CLIENT_SECRET_HEADADMIN:
+        from_secret: CLIENT_SECRET_HEADADMIN
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
     commands:
@@ -45,6 +68,29 @@ steps:
         from_secret: REGISTRY_USER
       REGISTRY_PASSWORD:
         from_secret: REGISTRY_PASSWORD
+      # Authelia Core Secrets
+      AUTHENTICATION_BACKEND_LDAP_PASSWORD:
+        from_secret: AUTHENTICATION_BACKEND_LDAP_PASSWORD
+      IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET:
+        from_secret: IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET
+      STORAGE_ENCRYPTION_KEY:
+        from_secret: STORAGE_ENCRYPTION_KEY
+      SESSION_SECRET:
+        from_secret: SESSION_SECRET
+      NOTIFIER_SMTP_PASSWORD:
+        from_secret: NOTIFIER_SMTP_PASSWORD
+      # OIDC Secrets
+      IDENTITY_PROVIDERS_OIDC_HMAC_SECRET:
+        from_secret: IDENTITY_PROVIDERS_OIDC_HMAC_SECRET
+      IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY:
+        from_secret: IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY
+      IDENTITY_PROVIDERS_OIDC_JWKS_KEY:
+        from_secret: IDENTITY_PROVIDERS_OIDC_JWKS_KEY
+      # Client Secrets
+      CLIENT_SECRET_HEADSCALE:
+        from_secret: CLIENT_SECRET_HEADSCALE
+      CLIENT_SECRET_HEADADMIN:
+        from_secret: CLIENT_SECRET_HEADADMIN
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
     commands:
@@ -88,6 +134,29 @@ steps:
         from_secret: DOCKER_REGISTRY_USER
       DOCKER_REGISTRY_PASSWORD:
         from_secret: DOCKER_REGISTRY_PASSWORD
+      # Authelia Core Secrets
+      AUTHENTICATION_BACKEND_LDAP_PASSWORD:
+        from_secret: AUTHENTICATION_BACKEND_LDAP_PASSWORD
+      IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET:
+        from_secret: IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET
+      STORAGE_ENCRYPTION_KEY:
+        from_secret: STORAGE_ENCRYPTION_KEY
+      SESSION_SECRET:
+        from_secret: SESSION_SECRET
+      NOTIFIER_SMTP_PASSWORD:
+        from_secret: NOTIFIER_SMTP_PASSWORD
+      # OIDC Secrets
+      IDENTITY_PROVIDERS_OIDC_HMAC_SECRET:
+        from_secret: IDENTITY_PROVIDERS_OIDC_HMAC_SECRET
+      IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY:
+        from_secret: IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY
+      IDENTITY_PROVIDERS_OIDC_JWKS_KEY:
+        from_secret: IDENTITY_PROVIDERS_OIDC_JWKS_KEY
+      # Client Secrets
+      CLIENT_SECRET_HEADSCALE:
+        from_secret: CLIENT_SECRET_HEADSCALE
+      CLIENT_SECRET_HEADADMIN:
+        from_secret: CLIENT_SECRET_HEADADMIN
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
     commands:
@@ -110,6 +179,29 @@ steps:
         from_secret: REGISTRY_USER
       REGISTRY_PASSWORD:
         from_secret: REGISTRY_PASSWORD
+      # Authelia Core Secrets
+      AUTHENTICATION_BACKEND_LDAP_PASSWORD:
+        from_secret: AUTHENTICATION_BACKEND_LDAP_PASSWORD
+      IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET:
+        from_secret: IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET
+      STORAGE_ENCRYPTION_KEY:
+        from_secret: STORAGE_ENCRYPTION_KEY
+      SESSION_SECRET:
+        from_secret: SESSION_SECRET
+      NOTIFIER_SMTP_PASSWORD:
+        from_secret: NOTIFIER_SMTP_PASSWORD
+      # OIDC Secrets
+      IDENTITY_PROVIDERS_OIDC_HMAC_SECRET:
+        from_secret: IDENTITY_PROVIDERS_OIDC_HMAC_SECRET
+      IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY:
+        from_secret: IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY
+      IDENTITY_PROVIDERS_OIDC_JWKS_KEY:
+        from_secret: IDENTITY_PROVIDERS_OIDC_JWKS_KEY
+      # Client Secrets
+      CLIENT_SECRET_HEADSCALE:
+        from_secret: CLIENT_SECRET_HEADSCALE
+      CLIENT_SECRET_HEADADMIN:
+        from_secret: CLIENT_SECRET_HEADADMIN
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
     commands: