🚧 generate env file from github secrets

devfolioco · Jun 15, 2023 · b7736ad · b7736ad
1 parent 857a8fa
commit b7736ad
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 10 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -18,31 +18,37 @@ jobs:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Generate ENV file
+        uses: SpicyPizza/[email protected]
+        with:
+          envkey_INFURA_ID: ${{ secrets.INFURA_ID }}
       - name: Build and push Latest
         if: github.event.release.prerelease == false
         id: docker_build_latest
         uses: docker/build-push-action@v3
         with:
+          context: .
           push: true
           cache-from: type=gha
           cache-to: type=gha,mode=max
           platforms: linux/amd64
           tags: |
             ghcr.io/devfolioco/siwe-oidc:${{ github.event.release.tag_name }}
             ghcr.io/devfolioco/siwe-oidc:latest
-          secrets: |
-            "INFURA_ID=${{ secrets.INFURA_ID }}"
+          secret-files: |
+            "ENV=./.env"
       - name: Build and push Pre-Release
         if: github.event.release.prerelease == true
         id: docker_build_prerelease
         uses: docker/build-push-action@v3
         with:
+          context: .
           push: true
           cache-from: type=gha
           cache-to: type=gha,mode=max
           # @todo Add arm builds once they are faster
           platforms: linux/amd64
           tags: |
             ghcr.io/devfolioco/siwe-oidc:${{ github.event.release.tag_name }}
-          secrets: |
-            "INFURA_ID=${{ secrets.INFURA_ID }}"
+          secret-files: |
+            "ENV=./.env"
diff --git a/Dockerfile b/Dockerfile
@@ -18,12 +18,8 @@ FROM node:16-alpine as node_builder
 # Reference https://github.com/mhart/alpine-node/issues/27#issuecomment-880663905
 RUN apk add --no-cache --virtual .build-deps alpine-sdk python3
 
-RUN --mount=type=secret,id=INFURA_ID \
-    export INFURA_ID=$(cat /run/secrets/INFURA_ID)
-
-ENV FORTMATIC_KEY=""
-ENV INFURA_ID=""
-ENV PORTIS_ID=""
+RUN --mount=type=secret,id=ENV,dst=/ENV \
+  NODE_OPTIONS="--max-old-space-size=8192" cat /ENV > .env
 
 
 ADD --chown=node:node ./static /siwe-oidc/static
@@ -36,6 +32,7 @@ FROM chef as builder
 COPY --from=dep_cacher /siwe-oidc/target/ ./target/
 COPY --from=dep_cacher $CARGO_HOME $CARGO_HOME
 COPY --from=dep_planner /siwe-oidc/ ./
+COPY --from=dep_planner /siwe-oidc/.env .env
 RUN cargo build --release
 
 FROM alpine