From a01930a6a6c4b3903e4775491c361b839abff6a5 Mon Sep 17 00:00:00 2001 From: colin Date: Wed, 11 Jun 2025 16:18:23 -0400 Subject: [PATCH] Fix CI deployment script to remove OIDC secrets from required variables - Remove IDENTITY_PROVIDERS_OIDC_* and CLIENT_SECRET_* from required env vars - Remove them from secrets management list - This fixes deployment script failure when OIDC is disabled --- scripts/ci-deploy-production.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/ci-deploy-production.sh b/scripts/ci-deploy-production.sh index 27d9c71..0e87e1c 100755 --- a/scripts/ci-deploy-production.sh +++ b/scripts/ci-deploy-production.sh @@ -122,8 +122,8 @@ pre_flight_checks() { exit 1 fi - # Verify required environment variables - REQUIRED_VARS="REGISTRY_USER REGISTRY_PASSWORD CI_REPO_NAME AUTHENTICATION_BACKEND_LDAP_PASSWORD IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET STORAGE_ENCRYPTION_KEY SESSION_SECRET NOTIFIER_SMTP_PASSWORD IDENTITY_PROVIDERS_OIDC_HMAC_SECRET IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY IDENTITY_PROVIDERS_OIDC_JWKS_KEY CLIENT_SECRET_HEADSCALE CLIENT_SECRET_HEADADMIN" + # Verify required environment variables (OIDC secrets temporarily disabled) + REQUIRED_VARS="REGISTRY_USER REGISTRY_PASSWORD CI_REPO_NAME AUTHENTICATION_BACKEND_LDAP_PASSWORD IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET STORAGE_ENCRYPTION_KEY SESSION_SECRET NOTIFIER_SMTP_PASSWORD" for var in $REQUIRED_VARS; do eval "var_value=\$$var" @@ -298,8 +298,8 @@ wait_for_stack_removal() { manage_secrets() { log "Managing Docker secrets" - # List of secrets (space-separated instead of array) - SECRETS="AUTHENTICATION_BACKEND_LDAP_PASSWORD IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET STORAGE_ENCRYPTION_KEY SESSION_SECRET NOTIFIER_SMTP_PASSWORD IDENTITY_PROVIDERS_OIDC_HMAC_SECRET IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY IDENTITY_PROVIDERS_OIDC_JWKS_KEY CLIENT_SECRET_HEADSCALE CLIENT_SECRET_HEADADMIN" + # List of secrets (OIDC secrets temporarily disabled) + SECRETS="AUTHENTICATION_BACKEND_LDAP_PASSWORD IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET STORAGE_ENCRYPTION_KEY SESSION_SECRET NOTIFIER_SMTP_PASSWORD" # Remove old secrets log "Removing old Docker secrets"