From 5f6199290ea70e8d7b906b75bc0bc58ffd268c46 Mon Sep 17 00:00:00 2001
From: Tracewebstudio Dev <dev@tracewebstudio.com>
Date: Fri, 17 Apr 2026 00:31:45 +0200
Subject: [PATCH] ci: standardize woodpecker secret names

---
 .woodpecker.yml       | 16 ++++++++++------
 .woodpecker/README.md | 18 ++++++++++++++++++
 2 files changed, 28 insertions(+), 6 deletions(-)
 create mode 100644 .woodpecker/README.md

diff --git a/.woodpecker.yml b/.woodpecker.yml
index 4d75918..2ffa762 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -9,6 +9,8 @@ steps:
   - name: login-and-push
     image: docker:28-cli
     environment:
+      REGISTRY_HOSTPORT:
+        from_secret: REGISTRY_HOSTPORT
       REGISTRY_USERNAME:
         from_secret: REGISTRY_USERNAME
       REGISTRY_PASSWORD:
@@ -16,9 +18,9 @@ steps:
       SERVICE_NAME:
         from_secret: SERVICE_NAME
     commands:
-      - echo "${REGISTRY_PASSWORD}" | docker login registry.nxtgauge.com -u "${REGISTRY_USERNAME}" --password-stdin
-      - docker build -t registry.nxtgauge.com/nxtgauge-rust-${SERVICE_NAME} --build-arg SERVICE_NAME=${SERVICE_NAME} -f Dockerfile.simple .
-      - docker push registry.nxtgauge.com/nxtgauge-rust-${SERVICE_NAME}
+      - echo "${REGISTRY_PASSWORD}" | docker login "${REGISTRY_HOSTPORT}" -u "${REGISTRY_USERNAME}" --password-stdin
+      - docker build -t "${REGISTRY_HOSTPORT}/nxtgauge-rust-${SERVICE_NAME}" --build-arg SERVICE_NAME=${SERVICE_NAME} -f Dockerfile.simple .
+      - docker push "${REGISTRY_HOSTPORT}/nxtgauge-rust-${SERVICE_NAME}"
 
 ---
 when:
@@ -29,11 +31,13 @@ steps:
   - name: login-and-push-migrate
     image: docker:28-cli
     environment:
+      REGISTRY_HOSTPORT:
+        from_secret: REGISTRY_HOSTPORT
       REGISTRY_USERNAME:
         from_secret: REGISTRY_USERNAME
       REGISTRY_PASSWORD:
         from_secret: REGISTRY_PASSWORD
     commands:
-      - echo "${REGISTRY_PASSWORD}" | docker login registry.nxtgauge.com -u "${REGISTRY_USERNAME}" --password-stdin
-      - docker build -t registry.nxtgauge.com/nxtgauge-db-migrate -f Dockerfile.migrate .
-      - docker push registry.nxtgauge.com/nxtgauge-db-migrate
+      - echo "${REGISTRY_PASSWORD}" | docker login "${REGISTRY_HOSTPORT}" -u "${REGISTRY_USERNAME}" --password-stdin
+      - docker build -t "${REGISTRY_HOSTPORT}/nxtgauge-db-migrate" -f Dockerfile.migrate .
+      - docker push "${REGISTRY_HOSTPORT}/nxtgauge-db-migrate"
diff --git a/.woodpecker/README.md b/.woodpecker/README.md
new file mode 100644
index 0000000..5376c38
--- /dev/null
+++ b/.woodpecker/README.md
@@ -0,0 +1,18 @@
+# Woodpecker CI Secrets
+
+The following Woodpecker secrets are required for CI/CD pipelines:
+
+| Secret Name          | Purpose                                                        |
+| -------------------- | -------------------------------------------------------------- |
+| `REGISTRY_HOSTPORT`  | Registry host:port (e.g., `registry.nxtgauge.com`)             |
+| `REGISTRY_USERNAME`  | Registry username for authentication                           |
+| `REGISTRY_PASSWORD`  | Registry password/token for authentication                     |
+| `DOCKERHUB_USERNAME` | Docker Hub username (optional, for Docker Hub pushes)          |
+| `DOCKERHUB_TOKEN`    | Docker Hub access token (optional, for Docker Hub pushes)      |
+| `GHCR_USERNAME`      | GitHub Container Registry username (optional, for GHCR pushes) |
+| `GHCR_TOKEN`         | GitHub Container Registry token (optional, for GHCR pushes)    |
+| `GITOPS_REPO_URL`    | GitOps repository URL (optional)                               |
+
+## Usage
+
+All build/push steps use these secrets via `from_secret:` references. No credentials are hardcoded in pipeline files.