feat(auth): support per-deploy login password key override
Deployment Config CI / Deployment Config (push) Successful in 27s
Backend CI / Backend (push) Successful in 15m4s

Multi-replica deployments need every Pod/container to share one RSA private key, otherwise public keys handed to the browser may not match the key that decrypts the resulting ciphertext. Introduce a `*.local.yaml` override layer that ops-config and tenant-config both load on top of the base config, ship example overrides plus compose/k3s wiring, and tolerate PEM bodies that arrive folded or escaped from Secrets.
This commit is contained in:
2026-05-14 11:54:40 +08:00
parent 2bc192b3c7
commit b939cfa2fa
16 changed files with 310 additions and 10 deletions
+4 -1
View File
@@ -6,6 +6,8 @@ dist/
.env
.env.local
.env.signing
deploy/config.local.yaml
deploy/ops-config.local.yaml
apps/*/.env.signing
apps/*/dist/
apps/*/out/
@@ -23,4 +25,5 @@ apps/*/firefox-mv*/
*.tmp
apps/*/stats.html
ops-api
tmp/*
tmp/*
*.pem