fix: refactor: rename vault-runner → runner and vault-run → run (#43)

2026-03-29 12:43:18 +00:00 · 2026-03-29 12:43:18 +00:00 · 4bcd2c275b
commit 4bcd2c275b
parent 9335681a72
10 changed files with 47 additions and 44 deletions
--- a/.env.example
+++ b/.env.example
@ -49,7 +49,7 @@ WOODPECKER_DB_NAME=woodpecker              # [CONFIG] Postgres database name

 # ── Vault-only secrets (DO NOT put these in .env) ────────────────────────
 # These tokens grant access to external systems (GitHub, ClawHub, deploy targets).
-# They live ONLY in .env.vault.enc and are injected into the ephemeral vault-runner
+# They live ONLY in .env.vault.enc and are injected into the ephemeral runner
 # container at fire time (#745). lib/env.sh explicitly unsets them so agents
 # can never hold them directly — all external actions go through vault dispatch.
 #
@ -58,7 +58,7 @@ WOODPECKER_DB_NAME=woodpecker              # [CONFIG] Postgres database name
 #   (deploy keys)         — SSH keys for deployment targets
 #
 # To manage vault secrets: disinto secrets edit-vault
-# See also: vault/vault-run-action.sh, vault/vault-fire.sh
+# See also: vault/run-action.sh, vault/vault-fire.sh

 # ── Project-specific secrets ──────────────────────────────────────────────
 # Store all project secrets here so formulas reference env vars, never hardcode.