From 4a7349543aac01c8c8858b4c970554c03caa3436 Mon Sep 17 00:00:00 2001 From: Marcel Date: Fri, 15 May 2026 13:45:07 +0200 Subject: [PATCH] devops(ci): wire SENTRY_DSN into staging and production env files Adds SENTRY_DSN as an optional secret (empty by default) so it can be set after GlitchTip first-run without requiring another code change. Backend reads it via application.yaml; empty value keeps Sentry disabled. Co-Authored-By: Claude Sonnet 4.6 --- .gitea/workflows/nightly.yml | 4 ++++ .gitea/workflows/release.yml | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/.gitea/workflows/nightly.yml b/.gitea/workflows/nightly.yml index 030b38eb..838d859f 100644 --- a/.gitea/workflows/nightly.yml +++ b/.gitea/workflows/nightly.yml @@ -30,6 +30,9 @@ name: nightly # STAGING_OCR_TRAINING_TOKEN # STAGING_APP_ADMIN_USERNAME # STAGING_APP_ADMIN_PASSWORD +# GRAFANA_ADMIN_PASSWORD +# GLITCHTIP_SECRET_KEY +# SENTRY_DSN (set after GlitchTip first-run; empty = Sentry disabled) on: schedule: @@ -81,6 +84,7 @@ jobs: GRAFANA_ADMIN_PASSWORD=${{ secrets.GRAFANA_ADMIN_PASSWORD }} GLITCHTIP_SECRET_KEY=${{ secrets.GLITCHTIP_SECRET_KEY }} GLITCHTIP_DOMAIN=https://glitchtip.archiv.raddatz.cloud + SENTRY_DSN=${{ secrets.SENTRY_DSN }} EOF - name: Verify backend /import:ro mount is wired diff --git a/.gitea/workflows/release.yml b/.gitea/workflows/release.yml index f7d631c3..16da676f 100644 --- a/.gitea/workflows/release.yml +++ b/.gitea/workflows/release.yml @@ -34,6 +34,9 @@ name: release # MAIL_PORT # MAIL_USERNAME # MAIL_PASSWORD +# GRAFANA_ADMIN_PASSWORD +# GLITCHTIP_SECRET_KEY +# SENTRY_DSN (set after GlitchTip first-run; empty = Sentry disabled) on: push: @@ -79,6 +82,7 @@ jobs: GRAFANA_ADMIN_PASSWORD=${{ secrets.GRAFANA_ADMIN_PASSWORD }} GLITCHTIP_SECRET_KEY=${{ secrets.GLITCHTIP_SECRET_KEY }} GLITCHTIP_DOMAIN=https://glitchtip.archiv.raddatz.cloud + SENTRY_DSN=${{ secrets.SENTRY_DSN }} EOF - name: Build images