denshooter/portfolio
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update workflows to match actual Variables and Secrets configuration
Some checks failed
CI/CD Pipeline (Simple) / test-and-build (push) Has been skipped
Details
CI/CD Pipeline (Simple) / production (push) Failing after 7m54s
Details

Browse Source 
- Use Variables for non-sensitive data (NODE_ENV, LOG_LEVEL, URLs, emails)
- Use Secrets for sensitive data (passwords, auth tokens)
- Add all configured variables: NODE_ENV, LOG_LEVEL, UMAMI analytics
- Update verification checks to match actual configuration
- Improve debug workflow to show Variables vs Secrets clearly
- Fix environment variable mapping in Docker Compose deployment
This commit is contained in:
denshooter
2025-09-13 00:16:43 +02:00
parent e245e8afe1
commit 4ccb2b146d
2 changed files with 48 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
.gitea/workflows/ci-cd.yml
View File

@@ -86,28 +86,48 @@ jobs:
- name: Verify secrets and variables before deployment - name: Verify secrets and variables before deployment
run: | run: |
echo "🔍 Verifying secrets and variables..." echo "🔍 Verifying secrets and variables..."
if [ -z "${{ secrets.NEXT_PUBLIC_BASE_URL }}" ] && [ -z "${{ vars.NEXT_PUBLIC_BASE_URL }}" ]; then
echo "❌ NEXT_PUBLIC_BASE_URL is missing in both secrets and variables!" # Check Variables
echo "Please add it to either Settings → Secrets or Settings → Variables" if [ -z "${{ vars.NEXT_PUBLIC_BASE_URL }}" ]; then
echo "❌ NEXT_PUBLIC_BASE_URL variable is missing!"
exit 1 exit 1
fi fi
if [ -z "${{ secrets.MY_EMAIL }}" ]; then if [ -z "${{ vars.MY_EMAIL }}" ]; then
echo "❌ MY_EMAIL secret is missing!" echo "❌ MY_EMAIL variable is missing!"
exit 1
fi
if [ -z "${{ vars.MY_INFO_EMAIL }}" ]; then
echo "❌ MY_INFO_EMAIL variable is missing!"
exit 1
fi
# Check Secrets
if [ -z "${{ secrets.MY_PASSWORD }}" ]; then
echo "❌ MY_PASSWORD secret is missing!"
exit 1
fi
if [ -z "${{ secrets.MY_INFO_PASSWORD }}" ]; then
echo "❌ MY_INFO_PASSWORD secret is missing!"
exit 1 exit 1
fi fi
if [ -z "${{ secrets.ADMIN_BASIC_AUTH }}" ]; then if [ -z "${{ secrets.ADMIN_BASIC_AUTH }}" ]; then
echo "❌ ADMIN_BASIC_AUTH secret is missing!" echo "❌ ADMIN_BASIC_AUTH secret is missing!"
exit 1 exit 1
fi fi
echo "✅ All required secrets and variables are present" echo "✅ All required secrets and variables are present"
- name: Start services with Docker Compose - name: Start services with Docker Compose
run: | run: |
docker-compose up -d docker-compose up -d
env: env:
NEXT_PUBLIC_BASE_URL: ${{ secrets.NEXT_PUBLIC_BASE_URL || vars.NEXT_PUBLIC_BASE_URL }} NODE_ENV: ${{ vars.NODE_ENV }}
MY_EMAIL: ${{ secrets.MY_EMAIL }} LOG_LEVEL: ${{ vars.LOG_LEVEL }}
MY_INFO_EMAIL: ${{ secrets.MY_INFO_EMAIL }} NEXT_PUBLIC_BASE_URL: ${{ vars.NEXT_PUBLIC_BASE_URL }}
NEXT_PUBLIC_UMAMI_URL: ${{ vars.NEXT_PUBLIC_UMAMI_URL }}
NEXT_PUBLIC_UMAMI_WEBSITE_ID: ${{ vars.NEXT_PUBLIC_UMAMI_WEBSITE_ID }}
MY_EMAIL: ${{ vars.MY_EMAIL }}
MY_INFO_EMAIL: ${{ vars.MY_INFO_EMAIL }}
MY_PASSWORD: ${{ secrets.MY_PASSWORD }} MY_PASSWORD: ${{ secrets.MY_PASSWORD }}
MY_INFO_PASSWORD: ${{ secrets.MY_INFO_PASSWORD }} MY_INFO_PASSWORD: ${{ secrets.MY_INFO_PASSWORD }}
ADMIN_BASIC_AUTH: ${{ secrets.ADMIN_BASIC_AUTH }} ADMIN_BASIC_AUTH: ${{ secrets.ADMIN_BASIC_AUTH }}

45
.gitea/workflows/debug-secrets.yml
View File

@@ -17,27 +17,17 @@ jobs:
echo "🔍 Checking if secrets are available..." echo "🔍 Checking if secrets are available..."
echo "" echo ""
# Check each secret/variable (without revealing values) echo "📊 VARIABLES:"
if [ -n "${{ secrets.NEXT_PUBLIC_BASE_URL }}" ]; then echo "✅ NODE_ENV: ${{ vars.NODE_ENV }}"
echo "✅ NEXT_PUBLIC_BASE_URL: Set as SECRET (length: ${#NEXT_PUBLIC_BASE_URL})" echo "✅ LOG_LEVEL: ${{ vars.LOG_LEVEL }}"
elif [ -n "${{ vars.NEXT_PUBLIC_BASE_URL }}" ]; then echo "✅ NEXT_PUBLIC_BASE_URL: ${{ vars.NEXT_PUBLIC_BASE_URL }}"
echo "✅ NEXT_PUBLIC_BASE_URL: Set as VARIABLE (length: ${#NEXT_PUBLIC_BASE_URL})" echo "✅ NEXT_PUBLIC_UMAMI_URL: ${{ vars.NEXT_PUBLIC_UMAMI_URL }}"
else echo "✅ NEXT_PUBLIC_UMAMI_WEBSITE_ID: ${{ vars.NEXT_PUBLIC_UMAMI_WEBSITE_ID }}"
echo "❌ NEXT_PUBLIC_BASE_URL: Not set in secrets or variables" echo "✅ MY_EMAIL: ${{ vars.MY_EMAIL }}"
fi echo "✅ MY_INFO_EMAIL: ${{ vars.MY_INFO_EMAIL }}"
if [ -n "${{ secrets.MY_EMAIL }}" ]; then
echo "✅ MY_EMAIL: Set (length: ${#MY_EMAIL})"
else
echo "❌ MY_EMAIL: Not set"
fi
if [ -n "${{ secrets.MY_INFO_EMAIL }}" ]; then
echo "✅ MY_INFO_EMAIL: Set (length: ${#MY_INFO_EMAIL})"
else
echo "❌ MY_INFO_EMAIL: Not set"
fi
echo ""
echo "🔐 SECRETS:"
if [ -n "${{ secrets.MY_PASSWORD }}" ]; then if [ -n "${{ secrets.MY_PASSWORD }}" ]; then
echo "✅ MY_PASSWORD: Set (length: ${#MY_PASSWORD})" echo "✅ MY_PASSWORD: Set (length: ${#MY_PASSWORD})"
else else
@@ -58,12 +48,17 @@ jobs:
echo "" echo ""
echo "📋 Summary:" echo "📋 Summary:"
echo "Total secrets checked: 6" echo "Variables: 7 configured"
echo "Set secrets: $(echo "${{ secrets.NEXT_PUBLIC_BASE_URL }}${{ secrets.MY_EMAIL }}${{ secrets.MY_INFO_EMAIL }}${{ secrets.MY_PASSWORD }}${{ secrets.MY_INFO_PASSWORD }}${{ secrets.ADMIN_BASIC_AUTH }}" | grep -o . | wc -l)" echo "Secrets: 3 configured"
echo "Total environment variables: 10"
env: env:
NEXT_PUBLIC_BASE_URL: ${{ secrets.NEXT_PUBLIC_BASE_URL || vars.NEXT_PUBLIC_BASE_URL }} NODE_ENV: ${{ vars.NODE_ENV }}
MY_EMAIL: ${{ secrets.MY_EMAIL }} LOG_LEVEL: ${{ vars.LOG_LEVEL }}
MY_INFO_EMAIL: ${{ secrets.MY_INFO_EMAIL }} NEXT_PUBLIC_BASE_URL: ${{ vars.NEXT_PUBLIC_BASE_URL }}
NEXT_PUBLIC_UMAMI_URL: ${{ vars.NEXT_PUBLIC_UMAMI_URL }}
NEXT_PUBLIC_UMAMI_WEBSITE_ID: ${{ vars.NEXT_PUBLIC_UMAMI_WEBSITE_ID }}
MY_EMAIL: ${{ vars.MY_EMAIL }}
MY_INFO_EMAIL: ${{ vars.MY_INFO_EMAIL }}
MY_PASSWORD: ${{ secrets.MY_PASSWORD }} MY_PASSWORD: ${{ secrets.MY_PASSWORD }}
MY_INFO_PASSWORD: ${{ secrets.MY_INFO_PASSWORD }} MY_INFO_PASSWORD: ${{ secrets.MY_INFO_PASSWORD }}
ADMIN_BASIC_AUTH: ${{ secrets.ADMIN_BASIC_AUTH }} ADMIN_BASIC_AUTH: ${{ secrets.ADMIN_BASIC_AUTH }}