Skip to content

Commit 61d658d

Browse files
DontMashDontMash
committed
feat: use docker secrets
1 parent 526b74a commit 61d658d

File tree

2 files changed

+9
-24
lines changed

2 files changed

+9
-24
lines changed

.github/workflows/ci.yml

Lines changed: 9 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -33,15 +33,16 @@ jobs:
3333
tags: registry.work.soren.codes/portfolio:latest
3434
build-args: |
3535
REPOSITORY=${ GITHUB_REPOSITORY }
36-
PREVIEW_SITE=${{ secrets.PREVIEW_SITE }}
37-
KEYSTATIC_GITHUB_CLIENT_ID=${{ secrets.KEYSTATIC_GITHUB_CLIENT_ID }}
38-
KEYSTATIC_GITHUB_CLIENT_SECRET=${{ secrets.KEYSTATIC_GITHUB_CLIENT_SECRET }}
39-
KEYSTATIC_SECRET=${{ secrets.KEYSTATIC_SECRET }}
40-
PUBLIC_KEYSTATIC_GITHUB_APP_SLUG=${{ secrets.PUBLIC_KEYSTATIC_GITHUB_APP_SLUG }}
41-
RESEND_API_KEY=${{ secrets.RESEND_API_KEY }}
42-
EMAIL_USER=${{ secrets.EMAIL_USER }}
43-
EMAIL_TARGET=${{ secrets.EMAIL_TARGET }}
4436
BRAND_NAME=${{ vars.BRAND_NAME }}
4537
BRAND_DESCRIPTION=${{ vars.BRAND_DESCRIPTION }}
4638
BRAND_LOGO=${{ vars.BRAND_LOGO }}
4739
BRAND_TWITTER=${{ vars.BRAND_TWITTER }}
40+
secrets: |
41+
"PREVIEW_SITE=${{ secrets.PREVIEW_SITE }}"
42+
"KEYSTATIC_GITHUB_CLIENT_ID=${{ secrets.KEYSTATIC_GITHUB_CLIENT_ID }}"
43+
"KEYSTATIC_GITHUB_CLIENT_SECRET=${{ secrets.KEYSTATIC_GITHUB_CLIENT_SECRET }}"
44+
"KEYSTATIC_SECRET=${{ secrets.KEYSTATIC_SECRET }}"
45+
"PUBLIC_KEYSTATIC_GITHUB_APP_SLUG=${{ secrets.PUBLIC_KEYSTATIC_GITHUB_APP_SLUG }}"
46+
"RESEND_API_KEY=${{ secrets.RESEND_API_KEY }}"
47+
"EMAIL_USER=${{ secrets.EMAIL_USER }}"
48+
"EMAIL_TARGET=${{ secrets.EMAIL_TARGET }}"

dockerfile

Lines changed: 0 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -6,36 +6,20 @@ WORKDIR /app
66
ARG BUN_VERSION
77
RUN echo "Using bun ${BUN_VERSION}-slim"
88

9-
ARG PREVIEW_SITE
109
ARG REPOSITORY
1110
ARG KEYSTATIC_SKIP
12-
ARG KEYSTATIC_GITHUB_CLIENT_ID
13-
ARG KEYSTATIC_GITHUB_CLIENT_SECRET
14-
ARG KEYSTATIC_SECRET
15-
ARG PUBLIC_KEYSTATIC_GITHUB_APP_SLUG
1611
ARG BRAND_NAME
1712
ARG BRAND_DESCRIPTION
1813
ARG BRAND_LOGO
1914
ARG BRAND_TWITTER
20-
ARG RESEND_API_KEY
21-
ARG EMAIL_USER
22-
ARG EMAIL_TARGET
2315

2416
ENV ASTRO_TELEMETRY_DISABLED=1
25-
ENV PREVIEW_SITE=$PREVIEW_SITE
2617
ENV REPOSITORY=$REPOSITORY
2718
ENV KEYSTATIC_SKIP=$KEYSTATIC_SKIP
28-
ENV KEYSTATIC_GITHUB_CLIENT_ID=$KEYSTATIC_GITHUB_CLIENT_ID
29-
ENV KEYSTATIC_GITHUB_CLIENT_SECRET=$KEYSTATIC_GITHUB_CLIENT_SECRET
30-
ENV KEYSTATIC_SECRET=$KEYSTATIC_SECRET
31-
ENV PUBLIC_KEYSTATIC_GITHUB_APP_SLUG=$PUBLIC_KEYSTATIC_GITHUB_APP_SLUG
3219
ENV BRAND_NAME=$BRAND_NAME
3320
ENV BRAND_DESCRIPTION=$BRAND_DESCRIPTION
3421
ENV BRAND_LOGO=$BRAND_LOGO
3522
ENV BRAND_TWITTER=$BRAND_TWITTER
36-
ENV RESEND_API_KEY=$RESEND_API_KEY
37-
ENV EMAIL_USER=$EMAIL_USER
38-
ENV EMAIL_TARGET=$EMAIL_TARGET
3923

4024
COPY package.json bun.lock ./
4125

0 commit comments

Comments
 (0)