fix(deploy): wire the Robokassa direct rail into the prod deploy + rollback #236

Merged
developer merged 1 commits from fix/prod-robokassa-wiring into development 2026-07-10 10:04:03 +00:00
Owner

The Robokassa credentials reached only the test contour (ci.yaml → TEST_ secrets). The prod-deploy / prod-rollback workflows and write-prod-env.sh never rendered BACKEND_ROBOKASSA_*, so on prod the shop login was empty and the direct RUB rail stayed off — the PROD_BACKEND_ROBOKASSA_* secrets went nowhere.

Wires the shop login + Password1/Password2 (secrets) and a BACKEND_ROBOKASSA_TEST flag (a variable — go-live is a flag flip, not a secret rotation) from both prod workflows, and emits the four ROBOKASSA_* vars from write-prod-env.sh (shared by deploy + rollback, so a rollback keeps the rail up). Compose already maps ROBOKASSA_* → BACKEND_ROBOKASSA_*.

Docs: deploy/README.md + .env.example. Password3 (Robokassa's JWT-invoice API) is unused.

Owner action: set the Gitea variable PROD_BACKEND_ROBOKASSA_TEST=1 for the initial test-payment phase (empty/0 = live). Secrets PROD_BACKEND_ROBOKASSA_{MERCHANT_LOGIN,PASSWORD1,PASSWORD2} already set.

The Robokassa credentials reached only the test contour (ci.yaml → TEST_ secrets). The prod-deploy / prod-rollback workflows and `write-prod-env.sh` never rendered `BACKEND_ROBOKASSA_*`, so on prod the shop login was empty and the direct RUB rail stayed off — the `PROD_BACKEND_ROBOKASSA_*` secrets went nowhere. Wires the shop login + Password1/Password2 (secrets) and a `BACKEND_ROBOKASSA_TEST` flag (a **variable** — go-live is a flag flip, not a secret rotation) from both prod workflows, and emits the four `ROBOKASSA_*` vars from `write-prod-env.sh` (shared by deploy + rollback, so a rollback keeps the rail up). Compose already maps `ROBOKASSA_* → BACKEND_ROBOKASSA_*`. Docs: `deploy/README.md` + `.env.example`. Password3 (Robokassa's JWT-invoice API) is unused. **Owner action:** set the Gitea **variable** `PROD_BACKEND_ROBOKASSA_TEST=1` for the initial test-payment phase (empty/0 = live). Secrets `PROD_BACKEND_ROBOKASSA_{MERCHANT_LOGIN,PASSWORD1,PASSWORD2}` already set.
developer added 1 commit 2026-07-10 09:59:39 +00:00
fix(deploy): wire the Robokassa direct rail into the prod deploy + rollback
CI / changes (pull_request) Successful in 2s
CI / unit (pull_request) Successful in 11s
CI / integration (pull_request) Successful in 27s
CI / ui (pull_request) Successful in 1m11s
CI / conformance (pull_request) Successful in 10s
CI / gate (pull_request) Successful in 0s
CI / deploy (pull_request) Successful in 1m54s
0a0a9e5a8d
The Robokassa credentials reached only the test contour (ci.yaml → TEST_
secrets). The prod-deploy / prod-rollback workflows and write-prod-env.sh
never rendered BACKEND_ROBOKASSA_*, so on prod the shop login was empty and
the direct RUB rail stayed disabled — the PROD_BACKEND_ROBOKASSA_* secrets
went nowhere.

Export the shop login + Password1/Password2 (secrets) and a
BACKEND_ROBOKASSA_TEST flag (a variable, so go-live is a flag flip not a
secret rotation) from both prod workflows, and emit the four ROBOKASSA_*
vars from write-prod-env.sh (the shared deploy/rollback env renderer) so a
rollback keeps the rail up. The compose already maps ROBOKASSA_* →
BACKEND_ROBOKASSA_*. Document the new secrets/variable in the deploy README
and .env.example. Password3 (Robokassa's JWT-invoice API) is unused.
owner approved these changes 2026-07-10 10:01:46 +00:00
developer merged commit df9eace09f into development 2026-07-10 10:04:03 +00:00
developer deleted branch fix/prod-robokassa-wiring 2026-07-10 10:04:03 +00:00
Sign in to join this conversation.
No Reviewers
No Label
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: developer/scrabble-game#236