Added env file support
This commit is contained in:
@@ -96,6 +96,14 @@ Port the app listens on inside the container (default `3000`)
|
||||
|
||||
Extra `KEY=VALUE` docker build args (space-separated)
|
||||
|
||||
`env-vars`
|
||||
|
||||
Runtime env vars for the container, one `KEY=VALUE` per line. Merged on top of `/opt/apps/${app-name}/.env.${environment}` on the runner — keys defined here win. Reference secrets here so values stay masked in logs.
|
||||
|
||||
env-vars: |
|
||||
DATABASE_URL=${{ secrets.DATABASE_URL }}
|
||||
API_KEY=${{ secrets.API_KEY }}
|
||||
|
||||
### Cleanup
|
||||
|
||||
Stops the preview container and removes its Pangolin resource. Intended for `delete` branch events — the slug is derived from the branch name internally.
|
||||
|
||||
@@ -16,6 +16,13 @@ inputs:
|
||||
required: false
|
||||
default: ""
|
||||
description: Extra docker build args (space-separated KEY=VALUE pairs)
|
||||
env-vars:
|
||||
required: false
|
||||
default: ""
|
||||
description: |
|
||||
Runtime env vars for the container, one KEY=VALUE per line.
|
||||
Merged on top of /opt/apps/${app-name}/.env.${environment} on the runner;
|
||||
keys defined here win. Use secrets to avoid leaking values into logs.
|
||||
|
||||
runs:
|
||||
using: composite
|
||||
@@ -66,6 +73,19 @@ runs:
|
||||
-t ${{ inputs.app-name }}:${{ steps.derive.outputs.tag }} \
|
||||
-f dockerfile .
|
||||
|
||||
- name: Write workflow env-vars to file
|
||||
id: env-file
|
||||
shell: bash
|
||||
env:
|
||||
ENV_VARS: ${{ inputs.env-vars }}
|
||||
run: |
|
||||
OVERRIDE_FILE=""
|
||||
if [[ -n "$ENV_VARS" ]]; then
|
||||
OVERRIDE_FILE=$(mktemp)
|
||||
printf '%s\n' "$ENV_VARS" > "$OVERRIDE_FILE"
|
||||
fi
|
||||
echo "path=$OVERRIDE_FILE" >> "$GITHUB_OUTPUT"
|
||||
|
||||
- name: Deploy container
|
||||
shell: bash
|
||||
run: |
|
||||
@@ -74,7 +94,8 @@ runs:
|
||||
--tag "${{ steps.derive.outputs.tag }}" \
|
||||
--port "${{ steps.derive.outputs.port }}" \
|
||||
--internal-port "${{ inputs.internal-port }}" \
|
||||
--env "${{ steps.derive.outputs.environment }}"
|
||||
--env "${{ steps.derive.outputs.environment }}" \
|
||||
--env-override "${{ steps.env-file.outputs.path }}"
|
||||
|
||||
- name: Register Pangolin resource
|
||||
shell: bash
|
||||
|
||||
@@ -6,27 +6,45 @@ TAG=""
|
||||
PORT=""
|
||||
INTERNAL_PORT="3000"
|
||||
ENV=""
|
||||
ENV_OVERRIDE=""
|
||||
|
||||
while [[ $# -gt 0 ]]; do
|
||||
case $1 in
|
||||
--name) APP_NAME="$2"; shift 2 ;;
|
||||
--tag) TAG="$2"; shift 2 ;;
|
||||
--port) PORT="$2"; shift 2 ;;
|
||||
--internal-port) INTERNAL_PORT="$2"; shift 2 ;;
|
||||
--env) ENV="$2"; shift 2 ;;
|
||||
--name) APP_NAME="$2"; shift 2 ;;
|
||||
--tag) TAG="$2"; shift 2 ;;
|
||||
--port) PORT="$2"; shift 2 ;;
|
||||
--internal-port) INTERNAL_PORT="$2";shift 2 ;;
|
||||
--env) ENV="$2"; shift 2 ;;
|
||||
--env-override) ENV_OVERRIDE="$2"; shift 2 ;;
|
||||
*) echo "Unknown arg: $1"; exit 1 ;;
|
||||
esac
|
||||
done
|
||||
|
||||
CONTAINER="${APP_NAME}-${TAG}"
|
||||
ON_DISK="/opt/apps/${APP_NAME}/.env.${ENV}"
|
||||
|
||||
echo "→ Deploying container: ${CONTAINER} on port ${PORT}"
|
||||
|
||||
docker stop "${CONTAINER}" 2>/dev/null && docker rm "${CONTAINER}" 2>/dev/null || true
|
||||
|
||||
ENV_FILE_ARG=""
|
||||
if [[ -f "/opt/apps/${APP_NAME}/.env.${ENV}" ]]; then
|
||||
ENV_FILE_ARG="--env-file /opt/apps/${APP_NAME}/.env.${ENV}"
|
||||
HAS_ON_DISK=0
|
||||
HAS_OVERRIDE=0
|
||||
[[ -f "${ON_DISK}" ]] && HAS_ON_DISK=1
|
||||
[[ -n "${ENV_OVERRIDE}" && -f "${ENV_OVERRIDE}" ]] && HAS_OVERRIDE=1
|
||||
|
||||
if (( HAS_ON_DISK == 1 && HAS_OVERRIDE == 0 )); then
|
||||
ENV_FILE_ARG="--env-file ${ON_DISK}"
|
||||
elif (( HAS_OVERRIDE == 1 && HAS_ON_DISK == 0 )); then
|
||||
ENV_FILE_ARG="--env-file ${ENV_OVERRIDE}"
|
||||
elif (( HAS_ON_DISK == 1 && HAS_OVERRIDE == 1 )); then
|
||||
MERGED=$(mktemp)
|
||||
# On-disk first, override second; tac/awk/tac keeps the last occurrence per key.
|
||||
{ cat "${ON_DISK}"; echo; cat "${ENV_OVERRIDE}"; } \
|
||||
| grep -Ev '^[[:space:]]*(#|$)' \
|
||||
| tac | awk -F= '!seen[$1]++' | tac \
|
||||
> "${MERGED}"
|
||||
ENV_FILE_ARG="--env-file ${MERGED}"
|
||||
fi
|
||||
|
||||
docker run -d \
|
||||
|
||||
@@ -24,6 +24,9 @@ jobs:
|
||||
with:
|
||||
app-name: ${{ vars.APP_NAME }}
|
||||
branch: ${{ github.ref_name }}
|
||||
env-vars: |
|
||||
DATABASE_URL=${{ secrets.DATABASE_URL }}
|
||||
API_KEY=${{ secrets.API_KEY }}
|
||||
|
||||
cleanup-preview:
|
||||
if: github.event_name == 'delete' && github.event.ref_type == 'branch'
|
||||
|
||||
Reference in New Issue
Block a user