fix: add Stripe secrets to CI/CD and build configuration (refs #55)

- Add VITE_STRIPE_PUBLISHABLE_KEY to frontend Dockerfile build args - Add VITE_STRIPE_PUBLISHABLE_KEY to docker-compose.yml build args - Add :ro flag to backend Stripe secret volume mounts for consistency - Update inject-secrets.sh with STRIPE_SECRET_KEY and STRIPE_WEBHOOK_SECRET - Add Stripe secrets to staging.yaml workflow (build arg + inject step) - Add Stripe secrets to production.yaml workflow (inject step) Requires STRIPE_SECRET_KEY, STRIPE_WEBHOOK_SECRET secrets and VITE_STRIPE_PUBLISHABLE_KEY variable to be configured in Gitea. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-18 19:20:29 -06:00
parent 52c0b59a86
commit 254bed18d0
5 changed files with 17 additions and 3 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -53,6 +53,7 @@ services:
        VITE_AUTH0_CLIENT_ID: ${VITE_AUTH0_CLIENT_ID:-yspR8zdnSxmV8wFIghHynQ08iXAPoQJ3}
        VITE_AUTH0_AUDIENCE: ${VITE_AUTH0_AUDIENCE:-https://api.motovaultpro.com}
        VITE_API_BASE_URL: ${VITE_API_BASE_URL:-/api}
+        VITE_STRIPE_PUBLISHABLE_KEY: ${VITE_STRIPE_PUBLISHABLE_KEY:-}
    container_name: mvp-frontend
    restart: unless-stopped
    environment:
@@ -121,8 +122,8 @@ services:
      - ./secrets/app/resend-api-key.txt:/run/secrets/resend-api-key:ro
      - ./secrets/app/auth0-management-client-id.txt:/run/secrets/auth0-management-client-id:ro
      - ./secrets/app/auth0-management-client-secret.txt:/run/secrets/auth0-management-client-secret:ro
-      - ./secrets/app/stripe-secret-key.txt:/run/secrets/stripe-secret-key
-      - ./secrets/app/stripe-webhook-secret.txt:/run/secrets/stripe-webhook-secret
+      - ./secrets/app/stripe-secret-key.txt:/run/secrets/stripe-secret-key:ro
+      - ./secrets/app/stripe-webhook-secret.txt:/run/secrets/stripe-webhook-secret:ro
      # Filesystem storage for documents
      - ./data/documents:/app/data/documents
      # Filesystem storage for backups