Fix CI deployment script to remove OIDC secrets from required variables - Remove IDENTITY_PROVIDERS_OIDC_* and CLIENT_SECRET_* from required env vars - Remove them from secrets management list - This fixes deployment script failure when OIDC is disabled

scripts/ci-deploy-production.sh

@@ -122,8 +122,8 @@ pre_flight_checks() {
         exit 1
     fi
     
-    # Verify required environment variables
+    # Verify required environment variables (OIDC secrets temporarily disabled)
-    REQUIRED_VARS="REGISTRY_USER REGISTRY_PASSWORD CI_REPO_NAME AUTHENTICATION_BACKEND_LDAP_PASSWORD IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET STORAGE_ENCRYPTION_KEY SESSION_SECRET NOTIFIER_SMTP_PASSWORD IDENTITY_PROVIDERS_OIDC_HMAC_SECRET IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY IDENTITY_PROVIDERS_OIDC_JWKS_KEY CLIENT_SECRET_HEADSCALE CLIENT_SECRET_HEADADMIN"
+    REQUIRED_VARS="REGISTRY_USER REGISTRY_PASSWORD CI_REPO_NAME AUTHENTICATION_BACKEND_LDAP_PASSWORD IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET STORAGE_ENCRYPTION_KEY SESSION_SECRET NOTIFIER_SMTP_PASSWORD"
     
     for var in $REQUIRED_VARS; do
         eval "var_value=\$$var"
@@ -298,8 +298,8 @@ wait_for_stack_removal() {
 manage_secrets() {
     log "Managing Docker secrets"
     
-    # List of secrets (space-separated instead of array)
+    # List of secrets (OIDC secrets temporarily disabled)
-    SECRETS="AUTHENTICATION_BACKEND_LDAP_PASSWORD IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET STORAGE_ENCRYPTION_KEY SESSION_SECRET NOTIFIER_SMTP_PASSWORD IDENTITY_PROVIDERS_OIDC_HMAC_SECRET IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY IDENTITY_PROVIDERS_OIDC_JWKS_KEY CLIENT_SECRET_HEADSCALE CLIENT_SECRET_HEADADMIN"
+    SECRETS="AUTHENTICATION_BACKEND_LDAP_PASSWORD IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET STORAGE_ENCRYPTION_KEY SESSION_SECRET NOTIFIER_SMTP_PASSWORD"
     
     # Remove old secrets
     log "Removing old Docker secrets"