fix: inject secrets from Consul KV via Nomad template (not baked in image)
Some checks failed
Build and Deploy / deploy (push) Failing after 5s
Some checks failed
Build and Deploy / deploy (push) Failing after 5s
This commit is contained in:
Henrik Jess Nielsen
@@ -25,18 +25,6 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
echo "${{ secrets.HARBOR_ROBOT_TOKEN }}" | docker login registry.i80.dk -u "robot\$gitserver" --password-stdin
|
echo "${{ secrets.HARBOR_ROBOT_TOKEN }}" | docker login registry.i80.dk -u "robot\$gitserver" --password-stdin
|
||||||
|
|
||||||
- name: Write production env
|
|
||||||
run: |
|
|
||||||
cat > .env.production << 'ENVEOF'
|
|
||||||
TINK_CLIENT_ID=${{ secrets.TINK_CLIENT_ID }}
|
|
||||||
TINK_CLIENT_SECRET=${{ secrets.TINK_CLIENT_SECRET }}
|
|
||||||
TINK_REDIRECT_URI=https://tink-demo.i80.dk/callback
|
|
||||||
APP_BASE_URL=https://tink-demo.i80.dk
|
|
||||||
DEMO_MODE=false
|
|
||||||
ENVEOF
|
|
||||||
# Strip leading spaces
|
|
||||||
sed -i 's/^[[:space:]]*//' .env.production
|
|
||||||
|
|
||||||
- name: Build and push image
|
- name: Build and push image
|
||||||
run: |
|
run: |
|
||||||
SHA=$(echo "$GITHUB_SHA" | cut -c1-8)
|
SHA=$(echo "$GITHUB_SHA" | cut -c1-8)
|
||||||
|
|||||||
@@ -34,6 +34,18 @@ job "tink-demo" {
|
|||||||
ports = ["http"]
|
ports = ["http"]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
template {
|
||||||
|
data = <<EOH
|
||||||
|
TINK_CLIENT_ID="{{ key "tink-demo/TINK_CLIENT_ID" }}"
|
||||||
|
TINK_CLIENT_SECRET="{{ key "tink-demo/TINK_CLIENT_SECRET" }}"
|
||||||
|
TINK_REDIRECT_URI="https://tink-demo.i80.dk/callback"
|
||||||
|
APP_BASE_URL="https://tink-demo.i80.dk"
|
||||||
|
DEMO_MODE="false"
|
||||||
|
EOH
|
||||||
|
destination = "secrets/app.env"
|
||||||
|
env = true
|
||||||
|
}
|
||||||
|
|
||||||
resources {
|
resources {
|
||||||
cpu = 256
|
cpu = 256
|
||||||
memory = 256
|
memory = 256
|
||||||
|
|||||||
Reference in New Issue
Block a user