colin
/
ploughshares
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Simplify configuration to use direct password instead of secrets
ci/woodpecker/push/woodpecker Pipeline was successful Details

This commit is contained in:
colin 2025-07-03 12:44:06 -04:00
parent 1491667307
commit 149f651df0
2 changed files with 3 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.woodpecker.yml
View File

@ -45,8 +45,6 @@ steps:
from_secret: REGISTRY_USER
REGISTRY_PASSWORD:
from_secret: REGISTRY_PASSWORD
DB_PASSWORD:
from_secret: DB_PASSWORD
volumes:
- /var/run/docker.sock:/var/run/docker.sock
commands:
@ -55,8 +53,7 @@ steps:
- HOSTNAME=$(docker info --format "{{.Name}}")
- echo "Deploying on $HOSTNAME"
- echo "$${REGISTRY_PASSWORD}" | docker login -u "$${REGISTRY_USER}" --password-stdin git.nixc.us
# Create required secret for database password
- echo "$${DB_PASSWORD}" | docker secret create db_password - || echo "Secret db_password already exists"
# No need to create secrets, using direct environment variables
- docker stack deploy --with-registry-auth -c stack.production.yml ploughshares
when:
branch: main

12
stack.production.yml
View File

@ -28,14 +28,12 @@ services:
- POSTGRES_PORT=5432
- POSTGRES_DB=ploughshares
- POSTGRES_USER=ploughshares
- POSTGRES_PASSWORD_FILE=/run/secrets/db_password
- POSTGRES_PASSWORD=ploughshares_password
networks:
- traefik
- ploughshares-internal
volumes:
- ploughshares_uploads:/app/uploads
secrets:
- db_password
depends_on:
- ploughshares-db
@ -49,13 +47,11 @@ services:
environment:
- POSTGRES_DB=ploughshares
- POSTGRES_USER=ploughshares
- POSTGRES_PASSWORD_FILE=/run/secrets/db_password
- POSTGRES_PASSWORD=ploughshares_password
networks:
- ploughshares-internal
volumes:
- ploughshares_db_data:/var/lib/postgresql/data
secrets:
- db_password
volumes:
ploughshares_db_data:
@ -63,7 +59,3 @@ volumes:
ploughshares_uploads:
driver: local
secrets:
db_password:
external: true