infra

Author	SHA1	Message	Date
Jeremie Fraeys	67eb2227dd	refactor(scripts): simplify forgejo actions secret helper Keep only app_ssh_access essentials: generate keypairs, upload plaintext Actions secrets, optionally update vault public keys.	2026-01-21 23:15:38 -05:00
Jeremie Fraeys	872d0cbe49	fix(forgejo): clearer PAT scope error for user/org secrets Exit cleanly on 403 for user/org scoped secrets and surface required token scope(s) when provided by the API.	2026-01-21 23:10:48 -05:00
Jeremie Fraeys	0814900598	fix(scripts): python3.9 compatibility + better Forgejo secret errors - Replace PEP604 unions with typing.Optional for broader Python compatibility - Print actionable guidance when user/org-scoped secret API calls return 403	2026-01-21 23:09:44 -05:00
Jeremie Fraeys	35796b1069	feat(forgejo): set Actions secrets at user/org scope - Add --scope {user,org,repo} (default user) to upsert Actions secrets\n- Keep repo support and add --org for org scope\n- Include security caveat in CLI help and warning output	2026-01-21 23:07:02 -05:00
Jeremie Fraeys	a3da8deb0f	feat(actions-ssh): use register/deregister keys for services access - Add app_ssh_access role to install forced-command keys for infra-register-stdin and infra-deregister\n- Ensure required infra-controller runtime directories exist on services host\n- Add helper script to generate/register both Actions SSH secrets and update vault public keys	2026-01-20 17:10:02 -05:00