You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description:
Our .env file contains important credentials used for Firebase access and potentially other backend services. However, including the .env file in the remote repository is not advisable, as anonymous readers could access secure credentials, posing a potential security threat.
Developers typically obtain the .env file and its credentials from the project lead. The application requires the .env file during its initialization stage to connect with services like Firebase. This means, however, the GitHub Action will fail because it lacks the .env file in its remote environment, unlike individual developers who have it in their local setup.
One solution to this issue is dynamically creating the .env file during the deployment. This way, when a node server boots up, it can operate with a generated .env file. GitHub supports a secret management feature called GitHub Secrets. To view the secrets in GitHub Secrets in our repository, navigate to the 'Settings' tab. On the left-hand side of the menu, you'll be able to find the 'Secrets' or 'Actions'.
Your task is straightforward. Since we have the .env.example file in the repository containing the names of the secret keys, you need to edit the .github/workflows/node.js.yml file and populate the values in GitHub Secrets corresponding to the keys in the .env.example file. After that, rename .env.example to .env before initiating the server app.
Below is an example code snippet you can refer to for editing the workflow:
modify .github/worfklows/node.js.yml to create .env file during the deployment. Scretes are provided in the Github Scretes. Find the matching keys in .env.example file, fill the values, and rename it.
Our Github Action is currently failing due to the missing env file during the workflow. The issue should be resolved if this ticket is completed correctly. You may make a multiple push to test Github Action runs.
The text was updated successfully, but these errors were encountered:
jiin-kim109
changed the title
Generate .env in Github Action workflow during the deployment.
Dynamically generate .env in Github Action workflow during the deployment.
Nov 19, 2023
Description:
Our .env file contains important credentials used for Firebase access and potentially other backend services. However, including the .env file in the remote repository is not advisable, as anonymous readers could access secure credentials, posing a potential security threat.
Developers typically obtain the .env file and its credentials from the project lead. The application requires the .env file during its initialization stage to connect with services like Firebase. This means, however, the GitHub Action will fail because it lacks the .env file in its remote environment, unlike individual developers who have it in their local setup.
To learn more about GitHub Actions and CI/CD, visit:
https://www.youtube.com/watch?v=URmeTqglS58
https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-nodejs
One solution to this issue is dynamically creating the .env file during the deployment. This way, when a node server boots up, it can operate with a generated .env file. GitHub supports a secret management feature called GitHub Secrets. To view the secrets in GitHub Secrets in our repository, navigate to the 'Settings' tab. On the left-hand side of the menu, you'll be able to find the 'Secrets' or 'Actions'.
The GitHub workflow can fetch the values of GitHub Secrets while it's running. Check out the following article to see how it works:
https://github.com/Azure/actions-workflow-samples/blob/master/assets/create-secrets-for-GitHub-workflows.md
Your task is straightforward. Since we have the .env.example file in the repository containing the names of the secret keys, you need to edit the .github/workflows/node.js.yml file and populate the values in GitHub Secrets corresponding to the keys in the .env.example file. After that, rename .env.example to .env before initiating the server app.
Below is an example code snippet you can refer to for editing the workflow:
Acceptance Critieria:
modify
.github/worfklows/node.js.yml
to create.env
file during the deployment. Scretes are provided in the Github Scretes. Find the matching keys in .env.example file, fill the values, and rename it.Our Github Action is currently failing due to the missing env file during the workflow. The issue should be resolved if this ticket is completed correctly. You may make a multiple push to test Github Action runs.
The text was updated successfully, but these errors were encountered: