From 4dc3946dc344b461af4e84c7d82a08e680a561f9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C3=ABl=20Minelli?= <michael@minelli.me>
Date: Thu, 21 Sep 2023 16:56:22 +0200
Subject: [PATCH] CI/CD => modify deployment for dotenv-vault

---
 .gitlab-ci.yml | 23 +++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 9b99865..3532722 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -3,22 +3,29 @@ variables:
     GIT_SUBMODULE_FORCE_HTTPS: "true"
     SECURE_FILES_DOWNLOAD_PATH: './'
 
+
 stages:
     - deploy
 
+
 deploy:
     image: docker:latest
     stage: deploy
     tags:
         - dojo_backend_deployment
     script:
-        - API_VERSION=$(jq -r .version API/ExpressAPI/package.json)
-        # Download secure files
-        - curl --silent "https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/download-secure-files/-/raw/main/installer" | bash
-        # Prepare environment
-        - mv env_$API_VERSION .env
-        - cp .env API/.env
+        - cd "API/ExpressAPI"
+
+        # Get API version
+        - API_VERSION=$(jq -r .version package.json)
+
+        # Get env file
+        - |
+            echo "Decrypt production env vars" # Do not remove this line because it is used for hide the production key from the ci/cd console
+            npx dotenv-vault local decrypt "${DOTENV_PROD_KEY}" > ../.env
+
         # Deploy
+        - cd ../../
         - ./infra --run
-    only:
-        - main
\ No newline at end of file
+    rules:
+        - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
\ No newline at end of file
-- 
GitLab