🌱 woodpecker-ci: Hashicorp vault as secret storage integration

fixes/cncf-generated/woodpecker-ci/woodpecker-ci-929-hashicorp-vault-as-secret-storage-integration.json

@@ -0,0 +1,73 @@
+{
+  "version": "kc-mission-v1",
+  "name": "woodpecker-ci-929-hashicorp-vault-as-secret-storage-integration",
+  "missionClass": "fixer",
+  "author": "KubeStellar Bot",
+  "authorGithub": "kubestellar",
+  "mission": {
+    "title": "woodpecker-ci: Hashicorp vault as secret storage integration",
+    "description": "Hashicorp vault as secret storage integration. Requested by 10+ users.",
+    "type": "feature",
+    "status": "completed",
+    "steps": [
+      {
+        "title": "Check current woodpecker-ci deployment",
+        "description": "Verify your woodpecker-ci version and configuration:\n```bash\nkubectl get pods -n woodpecker-ci -l app.kubernetes.io/name=woodpecker-ci\nhelm list -n woodpecker-ci 2>/dev/null || echo \"Not installed via Helm\"\n```\nThis feature requires a working woodpecker-ci installation."
+      },
+      {
+        "title": "Review woodpecker-ci configuration",
+        "description": "Inspect the relevant woodpecker-ci configuration:\n```bash\nkubectl get all -n woodpecker-ci -l app.kubernetes.io/name=woodpecker-ci\nkubectl get configmap -n woodpecker-ci -l app.kubernetes.io/part-of=woodpecker-ci\n```\n### Clear and concise description of the problem\n\nHi there, that would be awesome if secrets would be pullable from Hashicorp Vault, by integration like [this](https://docs.gitlab.com/ee/ci/examples/authenticating-with-hashicorp-vault/)\n\n###"
+      },
+      {
+        "title": "Apply the fix for Hashicorp vault as secret storage integration",
+        "description": "Allow users to set / use service extensions (for this PR just config, secrets / registries could be added later on) on a per repo basis. Those extensions are little external webservice which can implement a set of endpoints to replace woodpeckers internal functionality like:\n- pipeline config processing\n\n# TODO\n\nSee the source issue for community-verified solutions."
+      },
+      {
+        "title": "Verify the feature works",
+        "description": "Test that the new capability is working as expected:\n```bash\nkubectl get pods -n woodpecker-ci -l app.kubernetes.io/name=woodpecker-ci\nkubectl get events -n woodpecker-ci --sort-by='.lastTimestamp' | tail -10\n```\nConfirm the feature described in \"Hashicorp vault as secret storage integration\" is functioning correctly."
+      }
+    ],
+    "resolution": {
+      "summary": "Allow users to set / use service extensions (for this PR just config, secrets / registries could be added later on) on a per repo basis. Those extensions are little external webservice which can implement a set of endpoints to replace woodpeckers internal functionality like:\n- pipeline config processing\n\n# TODO",
+      "codeSnippets": []
+    }
+  },
+  "metadata": {
+    "tags": [
+      "woodpecker-ci",
+      "community",
+      "ci-cd",
+      "feature"
+    ],
+    "cncfProjects": [
+      "woodpecker-ci"
+    ],
+    "targetResourceKinds": [],
+    "difficulty": "intermediate",
+    "issueTypes": [
+      "feature"
+    ],
+    "maturity": "community",
+    "sourceUrls": {
+      "issue": "https://github.com/woodpecker-ci/woodpecker/issues/929",
+      "repo": "https://github.com/woodpecker-ci/woodpecker",
+      "pr": "https://github.com/woodpecker-ci/woodpecker/pull/3349"
+    },
+    "reactions": 10,
+    "comments": 17,
+    "synthesizedBy": "copilot"
+  },
+  "prerequisites": {
+    "kubernetes": ">=1.24",
+    "tools": [
+      "kubectl"
+    ],
+    "description": "A running Kubernetes cluster with woodpecker-ci installed or the issue environment reproducible."
+  },
+  "security": {
+    "scannedAt": "2026-04-03T06:57:58.337Z",
+    "scannerVersion": "cncf-gen-3.0.0",
+    "sanitized": true,
+    "findings": []
+  }
+}

solutions/cncf-generated/woodpecker-ci/woodpecker-ci-929-hashicorp-vault-as-secret-storage-integration.json

@@ -0,0 +1,73 @@
+{
+  "version": "kc-mission-v1",
+  "name": "woodpecker-ci-929-hashicorp-vault-as-secret-storage-integration",
+  "missionClass": "solution",
+  "author": "KubeStellar Bot",
+  "authorGithub": "kubestellar",
+  "mission": {
+    "title": "woodpecker-ci: Hashicorp vault as secret storage integration",
+    "description": "Hashicorp vault as secret storage integration. Requested by 10+ users.",
+    "type": "feature",
+    "status": "completed",
+    "steps": [
+      {
+        "title": "Check current woodpecker-ci deployment",
+        "description": "Verify your woodpecker-ci version and configuration:\n```bash\nkubectl get pods -n woodpecker-ci -l app.kubernetes.io/name=woodpecker-ci\nhelm list -n woodpecker-ci 2>/dev/null || echo \"Not installed via Helm\"\n```\nThis feature requires a working woodpecker-ci installation."
+      },
+      {
+        "title": "Review woodpecker-ci configuration",
+        "description": "Inspect the relevant woodpecker-ci configuration:\n```bash\nkubectl get all -n woodpecker-ci -l app.kubernetes.io/name=woodpecker-ci\nkubectl get configmap -n woodpecker-ci -l app.kubernetes.io/part-of=woodpecker-ci\n```\n### Clear and concise description of the problem\n\nHi there, that would be awesome if secrets would be pullable from Hashicorp Vault, by integration like [this](https://docs.gitlab.com/ee/ci/examples/authenticating-with-hashicorp-vault/)\n\n###"
+      },
+      {
+        "title": "Apply the fix for Hashicorp vault as secret storage integration",
+        "description": "Allow users to set / use service extensions (for this PR just config, secrets / registries could be added later on) on a per repo basis. Those extensions are little external webservice which can implement a set of endpoints to replace woodpeckers internal functionality like:\n- pipeline config processing\n\n# TODO\n\nSee the source issue for community-verified solutions."
+      },
+      {
+        "title": "Verify the feature works",
+        "description": "Test that the new capability is working as expected:\n```bash\nkubectl get pods -n woodpecker-ci -l app.kubernetes.io/name=woodpecker-ci\nkubectl get events -n woodpecker-ci --sort-by='.lastTimestamp' | tail -10\n```\nConfirm the feature described in \"Hashicorp vault as secret storage integration\" is functioning correctly."
+      }
+    ],
+    "resolution": {
+      "summary": "Allow users to set / use service extensions (for this PR just config, secrets / registries could be added later on) on a per repo basis. Those extensions are little external webservice which can implement a set of endpoints to replace woodpeckers internal functionality like:\n- pipeline config processing\n\n# TODO",
+      "codeSnippets": []
+    }
+  },
+  "metadata": {
+    "tags": [
+      "woodpecker-ci",
+      "community",
+      "ci-cd",
+      "feature"
+    ],
+    "cncfProjects": [
+      "woodpecker-ci"
+    ],
+    "targetResourceKinds": [],
+    "difficulty": "beginner",
+    "issueTypes": [
+      "feature"
+    ],
+    "maturity": "community",
+    "sourceUrls": {
+      "issue": "https://github.com/woodpecker-ci/woodpecker/issues/929",
+      "repo": "https://github.com/woodpecker-ci/woodpecker",
+      "pr": "https://github.com/woodpecker-ci/woodpecker/pull/3349"
+    },
+    "reactions": 10,
+    "comments": 15,
+    "synthesizedBy": "copilot"
+  },
+  "prerequisites": {
+    "kubernetes": ">=1.24",
+    "tools": [
+      "kubectl"
+    ],
+    "description": "A running Kubernetes cluster with woodpecker-ci installed or the issue environment reproducible."
+  },
+  "security": {
+    "scannedAt": "2026-03-27T06:57:18.098Z",
+    "scannerVersion": "cncf-gen-3.0.0",
+    "sanitized": true,
+    "findings": []
+  }
+}