added missing files

infra/woodpecker/vault/agent.hcl

@@ -0,0 +1,38 @@
+exit_after_auth = false
+pid_file = "/vault/secrets/vault-agent.pid"
+
+auto_auth {
+  method "approle" {
+    mount_path = "auth/approle"
+    config = {
+      role_id_file_path   = "/vault/secrets/role_id"
+      secret_id_file_path = "/vault/secrets/secret_id"
+    }
+  }
+  sink "file" { config = { path = "/vault/secrets/.vault-token" } }
+}
+
+# Render secrets to lowercase files
+template {
+  source      = "/etc/vault/templates/agent_secret.ctmpl"
+  destination = "/vault/secrets/agent_secret"
+  perms       = "0440"
+}
+
+template {
+  source      = "/etc/vault/templates/gitea_client_id.ctmpl"
+  destination = "/vault/secrets/gitea_client_id"
+  perms       = "0440"
+}
+
+template {
+  source      = "/etc/vault/templates/gitea_client_secret.ctmpl"
+  destination = "/vault/secrets/gitea_client_secret"
+  perms       = "0440"
+}
+
+template {
+  source      = "/etc/vault/templates/pg_dsn.ctmpl"
+  destination = "/vault/secrets/pg_dsn"
+  perms       = "0644"
+}

infra/woodpecker/vault/templates/agent_secret.ctmpl

@@ -0,0 +1,3 @@
+{{ with secret "kv/data/cicd/woodpecker/agent" -}}
+{{ .Data.data.secret }}
+{{- end }}

infra/woodpecker/vault/templates/gitea_client_id.ctmpl

@@ -0,0 +1,3 @@
+{{ with secret "kv/data/cicd/woodpecker" -}}
+{{ .Data.data.gitea_client_id }}
+{{- end }}

infra/woodpecker/vault/templates/gitea_client_secret.ctmpl

@@ -0,0 +1,3 @@
+{{ with secret "kv/data/cicd/woodpecker" -}}
+{{ .Data.data.gitea_client_secret }}
+{{- end }}

infra/woodpecker/vault/templates/pg_dsn.ctmpl

@@ -0,0 +1 @@
+{{- with secret "kv/data/cicd/woodpecker" -}}{{ .Data.data.pg_dsn }}{{- end -}}