From 3b7437619162551f281aa4c60621152f37a66b39 Mon Sep 17 00:00:00 2001
From: Alex Auvolat <alex@adnab.me>
Date: Sun, 25 Dec 2022 22:50:20 +0100
Subject: [PATCH] update drone secrets for rotation

---
 cluster/prod/app/drone-ci/secrets.toml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/cluster/prod/app/drone-ci/secrets.toml b/cluster/prod/app/drone-ci/secrets.toml
index 5bd98d0..ac07926 100644
--- a/cluster/prod/app/drone-ci/secrets.toml
+++ b/cluster/prod/app/drone-ci/secrets.toml
@@ -2,8 +2,8 @@
 
 [secrets."drone-ci/rpc_secret"]
 type = 'command'
-rotate = true
 command = 'openssl rand -hex 16'
+# don't rotate, it would break all runners
 
 [secrets."drone-ci/cookie_secret"]
 type = 'command'
@@ -13,6 +13,7 @@ command = 'openssl rand -hex 16'
 [secrets."drone-ci/db_enc_secret"]
 type = 'command'
 command = 'openssl rand -hex 16'
+# don't rotate, it is used to encrypt data which we would lose if we change this
 
 
 # Oauth config for gitea