From 12680f93cd689ab88ae05b5213dcd944d2b97267 Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Mon, 8 Jun 2026 16:17:00 +1000 Subject: [PATCH] feat: replace webhook secrets policy with woodpecker token policy Webhook URLs are now managed by the Woodpecker terraform provider instead of being stored in Vault. Add read policy for the Woodpecker API token at kv/data/service/woodpecker/tokens/terraform-git. --- .../webhook.yaml => woodpecker/tokens/terraform-git.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename policies/kv/service/{gitea/webhook.yaml => woodpecker/tokens/terraform-git.yaml} (67%) diff --git a/policies/kv/service/gitea/webhook.yaml b/policies/kv/service/woodpecker/tokens/terraform-git.yaml similarity index 67% rename from policies/kv/service/gitea/webhook.yaml rename to policies/kv/service/woodpecker/tokens/terraform-git.yaml index b6ea85a..372f7f9 100644 --- a/policies/kv/service/gitea/webhook.yaml +++ b/policies/kv/service/woodpecker/tokens/terraform-git.yaml @@ -1,6 +1,6 @@ --- rules: - - path: "kv/data/service/gitea/webhook/*" + - path: "kv/data/service/woodpecker/tokens/terraform-git" capabilities: - read