fix: inject production jwt secret during deploy
TaxBaik CI/CD / build-and-deploy (push) Successful in 59s
TaxBaik CI/CD / build-and-deploy (push) Successful in 59s
This commit is contained in:
@@ -32,6 +32,31 @@ jobs:
|
|||||||
- name: Publish Web (통합 앱)
|
- name: Publish Web (통합 앱)
|
||||||
run: dotnet publish TaxBaik.Web/ -c Release -o ./publish --no-restore
|
run: dotnet publish TaxBaik.Web/ -c Release -o ./publish --no-restore
|
||||||
|
|
||||||
|
- name: Write production secrets
|
||||||
|
run: |
|
||||||
|
set -e
|
||||||
|
JWT_SECRET_KEY="${{ secrets.TAXBAIK_JWT_SECRET_KEY }}"
|
||||||
|
if [ -z "$JWT_SECRET_KEY" ]; then
|
||||||
|
echo "Missing TAXBAIK_JWT_SECRET_KEY secret" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
JWT_SECRET_KEY="$JWT_SECRET_KEY" python3 - <<'PY'
|
||||||
|
import json
|
||||||
|
import os
|
||||||
|
from pathlib import Path
|
||||||
|
|
||||||
|
config = {
|
||||||
|
"Jwt": {
|
||||||
|
"SecretKey": os.environ["JWT_SECRET_KEY"]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
Path("./publish/appsettings.Production.json").write_text(
|
||||||
|
json.dumps(config, ensure_ascii=False, indent=2),
|
||||||
|
encoding="utf-8",
|
||||||
|
)
|
||||||
|
PY
|
||||||
|
|
||||||
- name: Copy migrations to publish
|
- name: Copy migrations to publish
|
||||||
run: |
|
run: |
|
||||||
cp -r db/migrations ./publish/migrations || true
|
cp -r db/migrations ./publish/migrations || true
|
||||||
@@ -121,5 +146,6 @@ jobs:
|
|||||||
if [ "$HOME_STATUS" = "200" ] && [ "$LOGIN_STATUS" = "200" ] && echo "$AUTH_BODY" | grep -q '"token"'; then
|
if [ "$HOME_STATUS" = "200" ] && [ "$LOGIN_STATUS" = "200" ] && echo "$AUTH_BODY" | grep -q '"token"'; then
|
||||||
echo "✓ Service is running"
|
echo "✓ Service is running"
|
||||||
else
|
else
|
||||||
echo "⚠ Service may not be running (home: $HOME_STATUS, login: $LOGIN_STATUS, auth: $AUTH_BODY)"
|
echo "Service verification failed (home: $HOME_STATUS, login: $LOGIN_STATUS, auth: $AUTH_BODY)" >&2
|
||||||
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|||||||
Reference in New Issue
Block a user