fix(ci): Remove environment variables and secrets inputs from Dockerf…

…ile and workflow (#239)
compsci-adl · Feb 4, 2025 · 8781299 · 8781299
1 parent bc5a5e8
commit 8781299
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 52 deletions.
diff --git a/.github/workflows/production.yml b/.github/workflows/production.yml
@@ -49,19 +49,11 @@ jobs:
 
       - name: Build Docker container
         env:
-          NEXT_PUBLIC_KEYCLOAK_REDIRECT_URI: ${{ secrets.NEXT_PUBLIC_KEYCLOAK_REDIRECT_URI }}
-          NEXT_PUBLIC_AUTH_KEYCLOAK_ISSUER: ${{ secrets.NEXT_PUBLIC_AUTH_KEYCLOAK_ISSUER }}
-          NEXT_PUBLIC_DRIVE_LINK: ${{ secrets.NEXT_PUBLIC_DRIVE_LINK }}
-          NEXT_PUBLIC_UMAMI_WEBSITE_ID: ${{ secrets.NEXT_PUBLIC_UMAMI_WEBSITE_ID }}
           PRODUCTION_BUILD: 'true'
         run: |
           docker buildx build \
             --cache-from=type=local,src=/tmp/.buildx-cache \
             --cache-to=type=local,dest=/tmp/.buildx-cache-new,mode=max \
-            --secret id=NEXT_PUBLIC_KEYCLOAK_REDIRECT_URI \
-            --secret id=NEXT_PUBLIC_AUTH_KEYCLOAK_ISSUER \
-            --secret id=NEXT_PUBLIC_DRIVE_LINK \
-            --secret id=NEXT_PUBLIC_UMAMI_WEBSITE_ID \
             --output type=docker,dest=csclub-website.tar \
             --platform=linux/arm64 --file=Dockerfile -t csclub-website .
           gzip csclub-website.tar
@@ -87,47 +79,12 @@ jobs:
           KEY: ${{ secrets.SSH_EC2_KEY }}
           HOSTNAME: ${{ secrets.SSH_EC2_HOSTNAME }}
           USER: ${{ secrets.SSH_EC2_USER }}
-          AUTH_SECRET: ${{ secrets.AUTH_SECRET }}
-          AUTH_KEYCLOAK_ID: ${{ secrets.AUTH_KEYCLOAK_ID }}
-          AUTH_KEYCLOAK_SECRET: ${{ secrets.AUTH_KEYCLOAK_SECRET }}
-          AUTH_KEYCLOAK_ISSUER: ${{ secrets.AUTH_KEYCLOAK_ISSUER }}
-          NEXT_PUBLIC_KEYCLOAK_REDIRECT_URI: ${{ secrets.NEXT_PUBLIC_KEYCLOAK_REDIRECT_URI }}
-          NEXT_PUBLIC_AUTH_KEYCLOAK_ISSUER: ${{ secrets.NEXT_PUBLIC_AUTH_KEYCLOAK_ISSUER }}
-          DATABASE_URL: ${{ secrets.DATABASE_URL }}
-          DATABASE_AUTH_TOKEN: ${{ secrets.DATABASE_AUTH_TOKEN }}
-          REDIS_URI: ${{ secrets.REDIS_URI }}
-          NEXT_PUBLIC_DRIVE_LINK: ${{ secrets.NEXT_PUBLIC_DRIVE_LINK }}
-          NEXT_PUBLIC_UMAMI_WEBSITE_ID: ${{ secrets.NEXT_PUBLIC_UMAMI_WEBSITE_ID }}
-          SMTP_HOST: ${{ secrets.SMTP_HOST }}
-          SMTP_USER: ${{ secrets.SMTP_USER }}
-          SMTP_PASS: ${{ secrets.SMTP_PASS }}
-          SMTP_EMAIL_ADDRESS: ${{ secrets.SMTP_EMAIL_ADDRESS }}
-          SQUARE_ACCESS_TOKEN: ${{ secrets.SQUARE_ACCESS_TOKEN }}
-          SQUARE_LOCATION_ID: ${{ secrets.SQUARE_LOCATION_ID }}
         run: |
           echo "$KEY" > private_key && chmod 600 private_key
           ssh -v -o StrictHostKeyChecking=no -i private_key ${USER}@${HOSTNAME} '
             cd ~/website
             aws s3 cp s3://${{ secrets.AWS_S3_BUCKET }}/website/csclub-website.tar.gz .
             aws s3 cp s3://${{ secrets.AWS_S3_BUCKET }}/website/docker-compose.yml .
-            echo AUTH_SECRET=${{ secrets.AUTH_SECRET }} > .env.local
-            echo AUTH_KEYCLOAK_ID=${{ secrets.AUTH_KEYCLOAK_ID }} > .env.local
-            echo AUTH_KEYCLOAK_SECRET=${{ secrets.AUTH_KEYCLOAK_SECRET }} >> .env.local
-            echo AUTH_KEYCLOAK_ISSUER=${{ secrets.AUTH_KEYCLOAK_ISSUER }} >> .env.local
-            echo NEXT_PUBLIC_KEYCLOAK_REDIRECT_URI=${{ secrets.NEXT_PUBLIC_KEYCLOAK_REDIRECT_URI }} >> .env.local
-            echo NEXT_PUBLIC_AUTH_KEYCLOAK_ISSUER=${{ secrets.NEXT_PUBLIC_AUTH_KEYCLOAK_ISSUER }} >> .env.local
-            echo DATABASE_URL=${{ secrets.DATABASE_URL }} >> .env.local
-            echo DATABASE_AUTH_TOKEN=${{ secrets.DATABASE_AUTH_TOKEN }} >> .env.local
-            echo REDIS_URI=${{ secrets.REDIS_URI }} >> .env.local
-            echo NEXT_PUBLIC_DRIVE_LINK=${{ secrets.NEXT_PUBLIC_DRIVE_LINK }} >> .env.local
-            echo NEXT_PUBLIC_UMAMI_WEBSITE_ID=${{ secrets.NEXT_PUBLIC_UMAMI_WEBSITE_ID }} >> .env.local
-            echo SMTP_HOST=${{ secrets.SMTP_HOST }} >> .env.local
-            echo SMTP_USER=${{ secrets.SMTP_USER }} >> .env.local
-            echo SMTP_PASS=${{ secrets.SMTP_PASS }} >> .env.local
-            echo SMTP_EMAIL_ADDRESS=${{ secrets.SMTP_EMAIL_ADDRESS }} >> .env.local
-            echo SQUARE_ACCESS_TOKEN=${{ secrets.SQUARE_ACCESS_TOKEN }} >> .env.local
-            echo SQUARE_LOCATION_ID=${{ secrets.SQUARE_LOCATION_ID }} >> .env.local
             docker load -i csclub-website.tar.gz
             docker compose up -d
-            docker restart csclub-website
           '
diff --git a/Dockerfile b/Dockerfile
@@ -22,15 +22,7 @@ RUN npm install -g pnpm \
 
 COPY . .
 
-RUN --mount=type=secret,id=NEXT_PUBLIC_KEYCLOAK_REDIRECT_URI,target=/run/secrets/NEXT_PUBLIC_KEYCLOAK_REDIRECT_URI \
-    --mount=type=secret,id=NEXT_PUBLIC_AUTH_KEYCLOAK_ISSUER,target=/run/secrets/NEXT_PUBLIC_AUTH_KEYCLOAK_ISSUER \
-    --mount=type=secret,id=NEXT_PUBLIC_DRIVE_LINK,target=/run/secrets/NEXT_PUBLIC_DRIVE_LINK \
-    --mount=type=secret,id=NEXT_PUBLIC_UMAMI_WEBSITE_ID,target=/run/secrets/NEXT_PUBLIC_UMAMI_WEBSITE_ID \
-    NEXT_PUBLIC_KEYCLOAK_REDIRECT_URI=$(cat /run/secrets/NEXT_PUBLIC_KEYCLOAK_REDIRECT_URI) \
-    NEXT_PUBLIC_AUTH_KEYCLOAK_ISSUER=$(cat /run/secrets/NEXT_PUBLIC_AUTH_KEYCLOAK_ISSUER) \
-    NEXT_PUBLIC_DRIVE_LINK=$(cat /run/secrets/NEXT_PUBLIC_DRIVE_LINK) \
-    NEXT_PUBLIC_UMAMI_WEBSITE_ID=$(cat /run/secrets/NEXT_PUBLIC_UMAMI_WEBSITE_ID) \
-    pnpm run build
+RUN pnpm run build
 
 # Final deployment image
 FROM node:20-bookworm-slim AS runner