wrangler: leverage env and secrets
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
This commit is contained in:
parent
67fba3aab6
commit
cc1d50f8e7
|
@ -29,11 +29,12 @@ jobs:
|
|||
npm install -g @cloudflare/wrangler
|
||||
mkdir -p ~/.wrangler/config/
|
||||
echo "api_token=\"${CF_API_TOKEN}\"" > ~/.wrangler/config/default.toml
|
||||
./scripts/decrypt-secret.sh config/wrangler-main.toml.enc wrangler.toml ${SECRETS_ENC_KEY}
|
||||
~/bin/wrangler publish
|
||||
~/bin/wrangler publish --env production
|
||||
env:
|
||||
SECRETS_ENC_KEY: ${{ secrets.SECRETS_ENC_KEY }}
|
||||
CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
|
||||
CF_ZONE_ID: ${{ secrets.CF_ZONE_ID }}
|
||||
CF_ACCOUNT_ID: ${{ secrets.CF_ACCOUNT_ID }}
|
||||
|
||||
deploy-staging:
|
||||
if: "contains(github.event.head_commit.message, '[staging]')"
|
||||
|
@ -58,8 +59,9 @@ jobs:
|
|||
npm install -g @cloudflare/wrangler
|
||||
mkdir -p ~/.wrangler/config/
|
||||
echo "api_token=\"${CF_API_TOKEN}\"" > ~/.wrangler/config/default.toml
|
||||
./scripts/decrypt-secret.sh config/wrangler-staging.toml.enc wrangler.toml ${SECRETS_ENC_KEY}
|
||||
~/bin/wrangler publish
|
||||
env:
|
||||
SECRETS_ENC_KEY: ${{ secrets.SECRETS_ENC_KEY }}
|
||||
CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
|
||||
CF_ZONE_ID: ${{ secrets.CF_ZONE_ID }}
|
||||
CF_ACCOUNT_ID: ${{ secrets.CF_ACCOUNT_ID }}
|
||||
|
|
|
@ -5,4 +5,3 @@ node_modules/
|
|||
transpiled/
|
||||
worker/
|
||||
package-lock.json
|
||||
wrangler.toml
|
||||
|
|
Binary file not shown.
Binary file not shown.
|
@ -1,13 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
INPUT_FILE=$1
|
||||
OUTPUT_FILE=$2
|
||||
ENCRYPT_KEY=$3
|
||||
|
||||
if [[ -n "$ENCRYPT_KEY" && -n "$INPUT_FILE" && -n "$OUTPUT_FILE" ]]; then
|
||||
openssl enc -aes-256-cbc -md sha256 -pbkdf2 -d -in "${INPUT_FILE}" -out "${OUTPUT_FILE}" -k "${ENCRYPT_KEY}"
|
||||
else
|
||||
echo "Usage: ./decrypt-secret.sh <input file> <output file> <encryption key>"
|
||||
fi
|
|
@ -0,0 +1,13 @@
|
|||
name = "msfjarvis-dev-staging"
|
||||
type = "webpack"
|
||||
webpack_config = "webpack.config.js"
|
||||
workers_dev = false
|
||||
route = "staging.msfjarvis.dev/*"
|
||||
|
||||
[site]
|
||||
bucket = "./public"
|
||||
entry-point = "workers-site"
|
||||
|
||||
[env.production]
|
||||
name = "msfjarvis-dev"
|
||||
route = "msfjarvis.dev/*"
|
Loading…
Reference in New Issue