added axway github token

added clawhub token
Merge remote-tracking branch 'refs/remotes/origin/main'
2026-05-19 12:15:16 +10:00 · 2026-05-15 13:58:45 +10:00 · 2026-05-15 13:47:41 +10:00 · 2026-05-15 13:46:12 +10:00 · 2026-05-14 22:12:37 +10:00 · 2026-05-02 19:35:10 +10:00
9 changed files with 93 additions and 5 deletions
--- a/manifests/clawdbox-ssh-secret.yaml
+++ b/manifests/clawdbox-ssh-secret.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+data:
+  id_rsa: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFNd0FBQUF0emMyZ3RaVwpReU5UVXhPUUFBQUNEQlZPTmlVcDBOYVlxT2NXaENJTFI5eTRSczhQNnpkeW5HaGhCMnNValQ2QUFBQUpnWGYvQlNGMy93ClVnQUFBQXR6YzJndFpXUXlOVFV4T1FBQUFDREJWT05pVXAwTmFZcU9jV2hDSUxSOXk0UnM4UDZ6ZHluR2hoQjJzVWpUNkEKQUFBRUEvaTE4aGR5ZjA4SXB5WlJHUTlrRUhTeFFoNGZTakFISGZhSm5JMFhhTXljRlU0MkpTblExcGlvNXhhRUlndEgzTApoR3p3L3JOM0tjYUdFSGF4U05Qb0FBQUFFbU52Ym1GdVFFMXBibWxOWlM1c2IyTmhiQUVDQXc9PQotLS0tLUVORCBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0K
+kind: Secret
+type: Opaque
--- a/manifests/deployment.yaml
+++ b/manifests/deployment.yaml
@@ -31,7 +31,6 @@ spec:
                  --gateway-port 18789 --gateway-bind lan \
                  --skip-daemon --skip-channels --skip-skills --skip-health --skip-ui
              fi
-              # Run the gateway
              exec node /app/openclaw.mjs gateway --port 18789 --bind lan
          ports:
            - name: gateway
@@ -49,7 +48,7 @@ spec:
            - name: TZ
              value: "Australia/Sydney"
            - name: NODE_OPTIONS
-              value: "--dns-result-order=ipv4first --no-network-family-autoselection --import /home/node/canvas-patch.mjs"
+              value: "--dns-result-order=ipv4first --no-network-family-autoselection"
            - name: OPENCLAW_GATEWAY_TOKEN
              value: 356a221b029c582ea983c21b8b01a6689fafb1e0182e8af7
            - name: GITHUB_TOKEN
@@ -57,17 +56,61 @@ spec:
                secretKeyRef:
                  name: github
                  key: pat
+            - name: AXWAY_GITHUB_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: axway-github
+                  key: token
            - name: DISCORD_BOT_TOKEN
              valueFrom:
                secretKeyRef:
                  name: discord
                  key: token
+            - name: MINIMAX_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: minimax
+                  key: token
+            - name: HOOKS_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: hooks-token
+                  key: token
+            - name: TELEGRAM_BOT_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: telegram-bot-token
+                  key: token
+            - name: ZAI_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: zai
+                  key: token
+            - name: PAPRIKA_EMAIL
+              valueFrom:
+                secretKeyRef:
+                  name: paprika
+                  key: email
+            - name: PAPRIKA_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: paprika
+                  key: password
+            - name: NPM_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: npm
+                  key: token
+            - name: CLAWHUB_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: clawhub
+                  key: token
          volumeMounts:
            - name: home
              mountPath: /home/node
            - name: tmp
              mountPath: /tmp
-
      volumes:
        - name: home
          persistentVolumeClaim:
--- a/manifests/discord-secret.yaml
+++ b/manifests/discord-secret.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+data:
+  token: TVRRNU1qQTNNRGM0TWpFM01EUXpNVFUwT0EuR2MwWGh1Lm9yV3d6Vl9aNUxzZUJsODVzQ1BId2Z2a2djM0FiNmRDM2o5V0d3
+kind: Secret
+type: Opaque
--- a/manifests/gateway-token-secret.yaml
+++ b/manifests/gateway-token-secret.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: gateway-token
+  namespace: openclaw
+type: Opaque
+data:
+  token: MzU2YTIxMWIwMjljNTgyZWE5ODNjMjFiOGIwMWE2Njg5ZmFmYjFlMDE4MmU4YWY3
--- a/manifests/github-secret.yaml
+++ b/manifests/github-secret.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+data:
+  pat: Z2l0aHViX3BhdF8xMUNBMlFGRkkwVjEzUWtvSzQwNnZjXzVMMWYzUlc0ckdOOFhEVkR0V3pCTEc4WThzMEhINGtWMEN0dHoxOUdUeWpLUFVYSks1TG0wZkxsSVV2
+kind: Secret
+type: Opaque
--- a/manifests/hooks-token-secret.yaml
+++ b/manifests/hooks-token-secret.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: hooks-token
+  namespace: openclaw
+type: Opaque
+data:
+  token: N2IxN2JmZDU0NjBhNTFlYTIwZWY2OGZmODJjN2IwZDYwYTA0NTAyMGVmNjZlYmQ3NGJkYzkzNzAyYWIzNTdmYg==
--- a/manifests/minimax-secret.yaml
+++ b/manifests/minimax-secret.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+data:
+  token: c2stY3AtZTFPT1FTT2RTQjZLbmtSNFVtbXQ3SWJSX1NieFhuY1lYcHV5elp2Znd4Tnp4ZDh6aDRUbWZJQkZRN2F3ZUd1NHBpYlJTcHZDOVRDSlhNRVdlcFh4bXk5eG5xcnllR0N0WHU2Z3pfZVFwX2I2Y00yanhaR0VicUk=
+kind: Secret
+type: Opaque
--- a/manifests/serviceaccount-rbac.yaml
+++ b/manifests/serviceaccount-rbac.yaml
@@ -4,8 +4,6 @@ metadata:
  name: openclaw
  namespace: openclaw
 ---
-# Minimal Role/RoleBinding placeholder.
-# Adjust permissions once we know what OpenClaw needs (MCP, secrets read, etc.)
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
@@ -15,6 +13,9 @@ rules:
  - apiGroups: [""]
    resources: ["pods", "pods/log"]
    verbs: ["get", "list", "watch"]
+  - apiGroups: [""]
+    resources: ["secrets"]
+    verbs: ["get", "list", "watch", "create", "update", "patch"]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
--- a/manifests/telegram-secret.yaml
+++ b/manifests/telegram-secret.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: telegram-bot-token
+  namespace: openclaw
+type: Opaque
+data:
+  token: ODMyMzE1MjY1MDpBQUc2a25mb3pkeTEyWVduakhLQzdvRXVYUDJnMXl1bDZHOA==
Author	SHA1	Message	Date
Conan Scott	8404b91ed7	added axway github token	2026-05-19 12:15:16 +10:00
Conan Scott	b2bdc688da	added clawhub token	2026-05-15 13:58:45 +10:00
Conan Scott	703fa174df	Merge remote-tracking branch 'refs/remotes/origin/main'	2026-05-15 13:47:41 +10:00
Conan Scott	68064a8f6b	added npm token	2026-05-15 13:46:12 +10:00
Conan Scott	d32d7da4c5	dropped the canvas patch from node options	2026-05-14 22:12:37 +10:00
Conan Scott	0b9d8341f6	added paprika secrets	2026-05-02 19:35:10 +10:00
Conan Scott	4eaf19478c	fixed	2026-04-14 16:34:46 +10:00
Conan Scott	942fb165cb	absolute madmax	2026-04-12 22:13:42 +10:00
Conan Scott	428da5c8c3	Fix gateway.token path: write to gateway.auth.token (correct location), not gateway.token	2026-04-12 11:40:34 +00:00
Conan Scott	0d8a2994ec	Fix token patching: gateway.token, hooks.token, telegram.botToken all from OCP env vars; scale replicas to 1	2026-04-12 11:36:57 +00:00
Conan Scott	846316cc45	Secure token migration: gateway-token, hooks-token, telegram-bot-token as OCP secrets + startup script patch for hooks.token	2026-04-12 11:26:36 +00:00
Conan Scott	b8ff432e35	Expand RBAC: allow openclaw SA to create/update secrets in openclaw namespace	2026-04-12 08:00:59 +00:00
Conan Scott	1c0399ac09	Add gateway-token, hooks-token, and telegram-bot-token OCP secrets	2026-04-12 07:59:20 +00:00
Conan Scott	b2b59eeb76	Add gateway-token, hooks-token, and telegram-bot-token OCP secrets	2026-04-12 07:59:19 +00:00
Conan Scott	14c73620f4	Add gateway-token, hooks-token, and telegram-bot-token OCP secrets	2026-04-12 07:59:18 +00:00
Conan Scott	9668fdf1fd	Add gateway-token, hooks-token, and telegram-bot-token OCP secrets	2026-04-12 07:59:17 +00:00
Conan Scott	fd76da7297	added secrets	2026-04-12 17:22:55 +10:00
Conan Scott	436b7fe11c	added minimax key	2026-04-12 17:09:07 +10:00