wrongmove/.woodpecker
Viktor Barzin 25458fd2a2 wrongmove: bake VITE_MAPBOX_TOKEN into the frontend build
Adds a build-arg path so the Mapbox public token is injected at
`vite build` time instead of being hardcoded in the bundle:

- `frontend/Dockerfile` declares `ARG VITE_MAPBOX_TOKEN` in the
  builder stage and re-exports it via `ENV` so Vite picks it up.
- `.woodpecker/frontend.yml` maps the global `wrongmove-mapbox-token`
  Woodpecker secret into a step-level `VITE_MAPBOX_TOKEN` env var,
  then forwards it via `build_args_from_env`.

Token is a domain-restricted `pk.*` public token (Mapbox), so bundle
exposure is the intended threat model. Vault-stored at
`secret/ci/global/wrongmove-mapbox-token`; synced to Woodpecker by
the existing vault-woodpecker-sync CronJob every 6h.

Replaces the post-Fix-4 "Map unavailable — set VITE_MAPBOX_TOKEN"
banner with a working basemap.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-15 21:42:40 +00:00
api.yml fix: increase install-api-deps memory to 1Gi for CI 2026-03-15 23:47:30 +00:00
frontend.yml wrongmove: bake VITE_MAPBOX_TOKEN into the frontend build 2026-05-15 21:42:40 +00:00