mirror of
https://github.com/msfjarvis/msfjarvis.dev.git
synced 2024-06-03 04:18:56 +05:30
wrangler: leverage env and secrets
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
This commit is contained in:
parent
67fba3aab6
commit
cc1d50f8e7
8
.github/workflows/deploy-to-cloudflare.yml
vendored
8
.github/workflows/deploy-to-cloudflare.yml
vendored
|
@ -29,11 +29,12 @@ jobs:
|
||||||
npm install -g @cloudflare/wrangler
|
npm install -g @cloudflare/wrangler
|
||||||
mkdir -p ~/.wrangler/config/
|
mkdir -p ~/.wrangler/config/
|
||||||
echo "api_token=\"${CF_API_TOKEN}\"" > ~/.wrangler/config/default.toml
|
echo "api_token=\"${CF_API_TOKEN}\"" > ~/.wrangler/config/default.toml
|
||||||
./scripts/decrypt-secret.sh config/wrangler-main.toml.enc wrangler.toml ${SECRETS_ENC_KEY}
|
~/bin/wrangler publish --env production
|
||||||
~/bin/wrangler publish
|
|
||||||
env:
|
env:
|
||||||
SECRETS_ENC_KEY: ${{ secrets.SECRETS_ENC_KEY }}
|
SECRETS_ENC_KEY: ${{ secrets.SECRETS_ENC_KEY }}
|
||||||
CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
|
CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
|
||||||
|
CF_ZONE_ID: ${{ secrets.CF_ZONE_ID }}
|
||||||
|
CF_ACCOUNT_ID: ${{ secrets.CF_ACCOUNT_ID }}
|
||||||
|
|
||||||
deploy-staging:
|
deploy-staging:
|
||||||
if: "contains(github.event.head_commit.message, '[staging]')"
|
if: "contains(github.event.head_commit.message, '[staging]')"
|
||||||
|
@ -58,8 +59,9 @@ jobs:
|
||||||
npm install -g @cloudflare/wrangler
|
npm install -g @cloudflare/wrangler
|
||||||
mkdir -p ~/.wrangler/config/
|
mkdir -p ~/.wrangler/config/
|
||||||
echo "api_token=\"${CF_API_TOKEN}\"" > ~/.wrangler/config/default.toml
|
echo "api_token=\"${CF_API_TOKEN}\"" > ~/.wrangler/config/default.toml
|
||||||
./scripts/decrypt-secret.sh config/wrangler-staging.toml.enc wrangler.toml ${SECRETS_ENC_KEY}
|
|
||||||
~/bin/wrangler publish
|
~/bin/wrangler publish
|
||||||
env:
|
env:
|
||||||
SECRETS_ENC_KEY: ${{ secrets.SECRETS_ENC_KEY }}
|
SECRETS_ENC_KEY: ${{ secrets.SECRETS_ENC_KEY }}
|
||||||
CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
|
CF_API_TOKEN: ${{ secrets.CF_API_TOKEN }}
|
||||||
|
CF_ZONE_ID: ${{ secrets.CF_ZONE_ID }}
|
||||||
|
CF_ACCOUNT_ID: ${{ secrets.CF_ACCOUNT_ID }}
|
||||||
|
|
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -5,4 +5,3 @@ node_modules/
|
||||||
transpiled/
|
transpiled/
|
||||||
worker/
|
worker/
|
||||||
package-lock.json
|
package-lock.json
|
||||||
wrangler.toml
|
|
||||||
|
|
Binary file not shown.
Binary file not shown.
|
@ -1,13 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
set -euo pipefail
|
|
||||||
|
|
||||||
INPUT_FILE=$1
|
|
||||||
OUTPUT_FILE=$2
|
|
||||||
ENCRYPT_KEY=$3
|
|
||||||
|
|
||||||
if [[ -n "$ENCRYPT_KEY" && -n "$INPUT_FILE" && -n "$OUTPUT_FILE" ]]; then
|
|
||||||
openssl enc -aes-256-cbc -md sha256 -pbkdf2 -d -in "${INPUT_FILE}" -out "${OUTPUT_FILE}" -k "${ENCRYPT_KEY}"
|
|
||||||
else
|
|
||||||
echo "Usage: ./decrypt-secret.sh <input file> <output file> <encryption key>"
|
|
||||||
fi
|
|
13
wrangler.toml
Normal file
13
wrangler.toml
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
name = "msfjarvis-dev-staging"
|
||||||
|
type = "webpack"
|
||||||
|
webpack_config = "webpack.config.js"
|
||||||
|
workers_dev = false
|
||||||
|
route = "staging.msfjarvis.dev/*"
|
||||||
|
|
||||||
|
[site]
|
||||||
|
bucket = "./public"
|
||||||
|
entry-point = "workers-site"
|
||||||
|
|
||||||
|
[env.production]
|
||||||
|
name = "msfjarvis-dev"
|
||||||
|
route = "msfjarvis.dev/*"
|
Loading…
Reference in New Issue
Block a user