fix ci, 5

.woodpecker.yml

@@ -2,8 +2,7 @@ steps:
   build:
     image: plugins/kaniko
     settings:
-      repo:
+      repo: gitea.hottis.de/wn/udi
-        from_secret: image_name
       registry: 
         from_secret: container_registry
       tags: latest,${CI_COMMIT_SHA},${CI_COMMIT_TAG}
@@ -20,6 +19,10 @@ steps:
     secrets:
       - source: kube_config
         target: KUBE_CONFIG_CONTENT
+      - source: encryption_key
+        target: ENCRYPTION_KEY
+      - source: secrets_checksum
+        target: MD5_CHECKSUM
     commands:
       - export IMAGE_TAG=$CI_COMMIT_TAG
       - printf "$KUBE_CONFIG_CONTENT" > /tmp/kubeconfig

deployment/decrypt-secrets.sh

@@ -11,7 +11,7 @@ if [ "$MD5_CHECKSUM" = "" ]; then
 fi
 
 SECRETS_CIPHERTEXT_FILE=secrets.enc
-SECRETS_PLAINTEXT_FILE=secrets
+SECRETS_PLAINTEXT_FILE=/tmp/secrets
 TMP_FILE=`mktemp`
 POD_NAME_SUFFIX=`date +%s`
 
@@ -37,6 +37,7 @@ if [ "$MD5_CHECKSUM" != "$CALCULATED_CHECKSUM" ]; then
   exit 1
 fi
 
+cat $TMP_FILE
 mv $TMP_FILE $SECRETS_PLAINTEXT_FILE
 
 

deployment/deploy.sh

@@ -5,10 +5,6 @@ if [ "$IMAGE_TAG" == "" ]; then
   exit 1
 fi
 
-./decrypt-secrets.sh || exit 1 
-
-. secrets
-rm secrets
 
 IMAGE_NAME=gitea.hottis.de/wn/udi
 
@@ -18,6 +14,11 @@ CONFIG_FILE=config.json
 DEPLOYMENT_DIR=$PWD/deployment
 INSTANCES_DIR=$DEPLOYMENT_DIR/instances
 
+pushd $DEPLOYMENT_DIR > /dev/null
+./decrypt-secrets.sh || exit 1 
+. /tmp/secrets
+rm /tmp/secrets
+popd > /dev/null
 
 for NAMESPACE_DIR in `find $INSTANCES_DIR -type d -mindepth 1 -maxdepth 1`; do
   NAMESPACE=`basename $NAMESPACE_DIR`