mirror of
https://github.com/r-freeman/portfolio.git
synced 2024-11-25 04:45:41 +00:00
Update handling of secrets
Some checks failed
Build And Publish / BuildAndPublish (push) Failing after 1m39s
Some checks failed
Build And Publish / BuildAndPublish (push) Failing after 1m39s
This commit is contained in:
parent
d4c5abe5f4
commit
033c0222ed
@ -1,3 +1,4 @@
|
|||||||
node_modules
|
node_modules
|
||||||
.git
|
.git
|
||||||
.next
|
.next
|
||||||
|
.env
|
@ -32,13 +32,29 @@ jobs:
|
|||||||
[registry."docker.io"]
|
[registry."docker.io"]
|
||||||
mirrors = ["mirror.gcr.io"]
|
mirrors = ["mirror.gcr.io"]
|
||||||
|
|
||||||
- name: Build and push Docker image
|
# - name: Build and push Docker image
|
||||||
uses: https://github.com/docker/build-push-action@v6
|
# uses: https://github.com/docker/build-push-action@v6
|
||||||
with:
|
# with:
|
||||||
context: .
|
# context: .
|
||||||
file: ./Dockerfile
|
# file: ./Dockerfile
|
||||||
push: true
|
# push: true
|
||||||
tags: ${{secrets.DOCKER_HUB_USERNAME}}/portfolio:v1
|
# tags: ${{secrets.DOCKER_HUB_USERNAME}}/portfolio:v1
|
||||||
|
|
||||||
|
- name: Build Docker image
|
||||||
|
run: |
|
||||||
|
DOCKER_BUILDKIT=1 docker build --secret id=SPOTIFY_CLIENT_ID,src=.env \
|
||||||
|
--secret id=SPOTIFY_CLIENT_SECRET,src=.env \
|
||||||
|
--secret id=SPOTIFY_REFRESH_TOKEN,src=.env \
|
||||||
|
--secret id=NEXT_PUBLIC_SITE_URL,src=.env \
|
||||||
|
--secret id=GITHUB_ACCESS_TOKEN,src=.env \
|
||||||
|
--secret id=GITHUB_USERNAME,src=.env \
|
||||||
|
--secret id=GITHUB_CLIENT_ID,src=.env \
|
||||||
|
--secret id=GITHUB_SECRET,src=.env \
|
||||||
|
--secret id=NEXT_PUBLIC_SUPABASE_URL,src=.env \
|
||||||
|
--secret id=NEXT_PUBLIC_SUPABASE_ANON_KEY,src=.env \
|
||||||
|
--secret id=SUPABASE_SERVICE_ROLE_KEY,src=.env \
|
||||||
|
-t ${{secrets.DOCKER_HUB_USERNAME}}/portfolio:v1 \
|
||||||
|
.
|
||||||
|
|
||||||
- name: Push the Docker image
|
- name: Push the Docker image
|
||||||
run: |
|
run: |
|
||||||
|
33
Dockerfile
33
Dockerfile
@ -6,6 +6,39 @@ FROM base AS deps
|
|||||||
RUN apk add --no-cache libc6-compat
|
RUN apk add --no-cache libc6-compat
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
|
|
||||||
|
RUN --mount=type=secret,id=SPOTIFY_CLIENT_ID \
|
||||||
|
export SPOTIFY_CLIENT_ID=$(cat /run/secrets/SPOTIFY_CLIENT_ID)
|
||||||
|
|
||||||
|
RUN --mount=type=secret,id=SPOTIFY_CLIENT_SECRET \
|
||||||
|
export SPOTIFY_CLIENT_SECRET=$(cat /run/secrets/SPOTIFY_CLIENT_SECRET)
|
||||||
|
|
||||||
|
RUN --mount=type=secret,id=SPOTIFY_REFRESH_TOKEN \
|
||||||
|
export SPOTIFY_REFRESH_TOKEN=$(cat /run/secrets/SPOTIFY_REFRESH_TOKEN)
|
||||||
|
|
||||||
|
RUN --mount=type=secret,id=NEXT_PUBLIC_SITE_URL \
|
||||||
|
export NEXT_PUBLIC_SITE_URL=$(cat /run/secrets/NEXT_PUBLIC_SITE_URL)
|
||||||
|
|
||||||
|
RUN --mount=type=secret,id=GITHUB_ACCESS_TOKEN \
|
||||||
|
export GITHUB_ACCESS_TOKEN=$(cat /run/secrets/GITHUB_ACCESS_TOKEN)
|
||||||
|
|
||||||
|
RUN --mount=type=secret,id=GITHUB_USERNAME \
|
||||||
|
export GITHUB_USERNAME=$(cat /run/secrets/GITHUB_USERNAME)
|
||||||
|
|
||||||
|
RUN --mount=type=secret,id=GITHUB_CLIENT_ID \
|
||||||
|
export GITHUB_CLIENT_ID=$(cat /run/secrets/GITHUB_CLIENT_ID)
|
||||||
|
|
||||||
|
RUN --mount=type=secret,id=GITHUB_SECRET \
|
||||||
|
export GITHUB_SECRET=$(cat /run/secrets/GITHUB_SECRET)
|
||||||
|
|
||||||
|
RUN --mount=type=secret,id=NEXT_PUBLIC_SUPABASE_URL \
|
||||||
|
export NEXT_PUBLIC_SUPABASE_URL=$(cat /run/secrets/NEXT_PUBLIC_SUPABASE_URL)
|
||||||
|
|
||||||
|
RUN --mount=type=secret,id=NEXT_PUBLIC_SUPABASE_ANON_KEY \
|
||||||
|
export NEXT_PUBLIC_SUPABASE_ANON_KEY=$(cat /run/secrets/NEXT_PUBLIC_SUPABASE_ANON_KEY)
|
||||||
|
|
||||||
|
RUN --mount=type=secret,id=SUPABASE_SERVICE_ROLE_KEY \
|
||||||
|
export SUPABASE_SERVICE_ROLE_KEY=$(cat /run/secrets/SUPABASE_SERVICE_ROLE_KEY)
|
||||||
|
|
||||||
# Install dependencies based on the preferred package manager
|
# Install dependencies based on the preferred package manager
|
||||||
COPY package.json yarn.lock* package-lock.json* pnpm-lock.yaml* ./
|
COPY package.json yarn.lock* package-lock.json* pnpm-lock.yaml* ./
|
||||||
RUN \
|
RUN \
|
||||||
|
Loading…
Reference in New Issue
Block a user