From 380d0cf7d11eae64da4a2d3c065f49870a39a8f7 Mon Sep 17 00:00:00 2001
From: syoul <syoul@librezo.fr>
Date: Tue, 17 Mar 2026 19:06:46 +0100
Subject: [PATCH] fix: write-env utilise env|grep (bug Woodpecker: dollar-brace
 dans commands droppe secrets)

---
 .woodpecker.yml | 24 +++++++++++-------------
 1 file changed, 11 insertions(+), 13 deletions(-)

diff --git a/.woodpecker.yml b/.woodpecker.yml
index 7445f75..3ea84da 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -33,8 +33,8 @@ steps:
       - echo "Verifications de securite OK"
 
   # Etape 3a : Ecriture du .env depuis les secrets
-  # BUG Woodpecker next : max 2 from_secret par step, valeur statique obligatoire
-  - name: write-env-1
+  # NOTE: ne pas utiliser ${VAR} dans commands (bug Woodpecker next), utiliser env | grep
+  - name: write-env
     image: alpine:3.20
     environment:
       TEST_STATIC: hello-world
@@ -42,18 +42,16 @@ steps:
         from_secret: ps_domain
       PS_ADMIN_FOLDER:
         from_secret: ps_admin_folder
+      PRESTASHOP_ADMIN_EMAIL:
+        from_secret: prestashop_admin_email
+      PRESTASHOP_ADMIN_PASSWORD:
+        from_secret: prestashop_admin_password
+      DB_ROOT_PASSWORD:
+        from_secret: db_root_password
+      DB_PASSWORD:
+        from_secret: db_password
     commands:
-      - env | grep -E "TEST_STATIC|PS_DOMAIN|PS_ADMIN"
-
-  - name: write-env-2
-    image: alpine:3.20
-    commands:
-      - printf 'PRESTASHOP_ADMIN_EMAIL=PLACEHOLDER\nPRESTASHOP_ADMIN_PASSWORD=PLACEHOLDER\n' >> .env.deploy
-
-  - name: write-env-3
-    image: alpine:3.20
-    commands:
-      - printf 'DB_ROOT_PASSWORD=PLACEHOLDER\nDB_PASSWORD=PLACEHOLDER\n' >> .env.deploy
+      - env | grep -E "^(PS_DOMAIN|PS_ADMIN_FOLDER|PRESTASHOP_ADMIN_EMAIL|PRESTASHOP_ADMIN_PASSWORD|DB_ROOT_PASSWORD|DB_PASSWORD)=" > .env.deploy
       - echo "Fichier .env.deploy cree ($(wc -c < .env.deploy) octets)"
 
   # Etape 3b : Deploiement sur sonic via Docker socket