fixed secrets

.gitignore

@@ -143,3 +143,7 @@ chart/secrets.*.yaml
 !chart/values.prod.public.yaml
 
 .bkup/
+
+# Ignore production values and secrets files
+chart/values.prod.yaml
+chart/secrets.prod.yaml

README.md

@@ -50,12 +50,14 @@ A full-stack application boilerplate with a React frontend and Node.js backend
   - [CI/CD Kubernetes Deployment Setup](#cicd-kubernetes-deployment-setup)
   - [Using Private Docker Registry with Kubernetes](#using-private-docker-registry-with-kubernetes)
   - [Production Secrets Management (Gitea as Source of Truth)](#production-secrets-management-gitea-as-source-of-truth)
+  - [CI/CD Pipeline Behavior: Multiple Merges to Main](#cicd-pipeline-behavior-multiple-merges-to-main)
 
 ---
 
 ## 📁 Project Structure
 
-fusero-app-boilerplate/
+```
+fusero-app-boilerplate
 ├── chart/                  # Helm chart for Kubernetes
 │   ├── Chart.yaml
 │   ├── values.dev.yaml
@@ -93,6 +95,7 @@ fusero-app-boilerplate/
 ├── test/
 ├── utils/
 └── README.md
+```
 
 ---
 
@@ -607,3 +610,12 @@ This allows Kubernetes to authenticate to your private registry and pull images
 - **Summary:** Gitea secrets are the source of truth for production. Always update secrets in Gitea and redeploy to apply changes to new pods.
 
 ---
+
+## CI/CD Pipeline Behavior: Multiple Merges to Main
+
+- If multiple merges or pushes happen to the `main` branch in quick succession, your CI/CD system will start a separate pipeline for each commit.
+- These pipelines will run in parallel unless your CI/CD is configured to queue or cancel previous runs.
+- This can result in race conditions, where the last pipeline to finish will determine the final deployed state.
+- **Best practice:** Avoid merging multiple large changes to `main` at the same time. Wait for the pipeline to finish before merging the next PR, or configure your CI/CD to cancel previous runs on new pushes.
+
+---

chart/values.prod.template.yaml

@@ -64,3 +64,4 @@ postgres:
     limits:
       cpu: "500m"
       memory: "512Mi"
+  password: "<POSTGRES_PASSWORD>"