infra

Viktor Barzin f82ece8d1f add Vault→Woodpecker secret sync CronJob (Part E) Syncs secrets from Vault KV at secret/ci/global to Woodpecker global secrets via REST API every 6 hours. Authenticates via K8s SA JWT (woodpecker-sync role). New repos just add secrets to Vault and use from_secret: in pipeline files. Also removes k8s-dashboard static admin token — use vault write kubernetes/creds/dashboard-admin instead.		2026-03-18 08:04:02 +00:00
..
main.tf	add Vault→Woodpecker secret sync CronJob (Part E)	2026-03-18 08:04:02 +00:00
secrets	[ci skip] Add Woodpecker CI stack (WIP) and claude agents	2026-02-22 21:30:25 +00:00
terragrunt.hcl	migrate all secrets from SOPS to Vault KV	2026-03-18 08:03:59 +00:00
tiers.tf	[ci skip] Phase 1: PostgreSQL migrated to CNPG on local disk	2026-02-28 19:08:06 +00:00
values.yaml	migrate consuming stacks to ESO + remove k8s-dashboard static token	2026-03-18 08:04:02 +00:00