refactor: use environment variable for GHOST_API_KEY

Replace hardcoded GHOST_API_KEY with process.env.GHOST_API_KEY in API routes to enhance security. Update Docker commands in the CI workflow to pass the GHOST_API_KEY as an environment variable. Add GHOST_API_KEY to the Next.js configuration for consistent access across the application.
2025-02-12 17:30:31 +01:00
parent af35a071a7
commit b87b1d6237
4 changed files with 19 additions and 13 deletions
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -39,34 +39,38 @@ jobs:
          IMAGE_NAME="my-nextjs-app:$DEPLOY_ENV"
          NEW_CONTAINER_NAME="$CONTAINER_NAME-new"

-          # Entferne vorhandenen temporären Container, falls vorhanden
+          # Remove existing temporary container, if any
          if [ "$(docker ps -aq -f name=$NEW_CONTAINER_NAME)" ]; then
            echo "Removing existing new container ($NEW_CONTAINER_NAME)..."
            docker rm -f "$NEW_CONTAINER_NAME" || true
          fi

-          # Starte den neuen Container auf einem temporären internen Port
-          docker run -d --name "$NEW_CONTAINER_NAME" -p 40000:3000 $IMAGE_NAME
+          # Start the new container on a temporary internal port
+          docker run -d --name "$NEW_CONTAINER_NAME" -p 40000:3000 \
+            -e GHOST_API_KEY="${{ secrets.GHOST_API_KEY }}" \
+            $IMAGE_NAME

-          # Warte, um sicherzustellen, dass der neue Container läuft
+          # Wait to ensure the new container is running
          sleep 10

-          # Prüfe, ob der neue Container erfolgreich läuft
+          # Check if the new container is running successfully
          if [ "$(docker inspect --format='{{.State.Running}}' $NEW_CONTAINER_NAME)" == "true" ]; then
-            # Stoppe und entferne den alten Container, falls vorhanden
+            # Stop and remove the old container, if any
            if [ "$(docker ps -aq -f name=$CONTAINER_NAME)" ]; then
              docker stop "$CONTAINER_NAME" || true
              docker rm "$CONTAINER_NAME" || true
            fi

-            # Stoppe und entferne den temporären Container
+            # Stop and remove the temporary new container
            docker stop "$NEW_CONTAINER_NAME" || true
            docker rm "$NEW_CONTAINER_NAME" || true

-            # Starte den Container mit dem gewünschten Namen und Port
-            docker run -d --name "$CONTAINER_NAME" -p $PORT:3000 $IMAGE_NAME
+            # Start the container with the desired name and port
+            docker run -d --name "$CONTAINER_NAME" -p $PORT:3000 \
+              -e GHOST_API_KEY="${{ secrets.GHOST_API_KEY }}" \
+              $IMAGE_NAME
          else
            echo "New container failed to start."
            docker logs $NEW_CONTAINER_NAME
            exit 1
-          fi
+          fi