Skip to content
Snippets Groups Projects
Commit 9c9e3ff0 authored by michael.minelli's avatar michael.minelli
Browse files

Merge branch 'dotenv-vault-migration' into v2.1.0

parents 738fcf25 c0b7a381
No related branches found
No related tags found
No related merge requests found
Pipeline #26402 passed
This commit is part of merge request !2. Comments created here will be created in the context of that merge request.
.env
aws.xml
workspace.xml
......@@ -184,11 +182,10 @@ web_modules/
.yarn-integrity
# dotenv environment variable files
.env
.env.development.local
.env.test.local
.env.production.local
.env.local
.env*
.flaskenv*
!.env.project
!.env.vault
# parcel-bundler cache (https://parceljs.org/)
.cache
......
......@@ -3,6 +3,8 @@ variables:
GIT_SUBMODULE_FORCE_HTTPS: "true"
SECURE_FILES_DOWNLOAD_PATH: './'
PROJECT_NAME: DojoCLI
BIN_NAME: dojo
MACOS_PKG_EXTENSION: '.pkg'
......@@ -62,17 +64,13 @@ variables:
- PACKAGE_URL_MACOS_X64_PKG="${PACKAGE_REGISTRY_URL}_macOS-pkg-x64/${VERSION}/${MACOS_PKG_BIN_NAME}"
# Wiki
- WIKI_ARCHIVE_NAME="DojoCLI_Wiki_${VERSION}.tar.xz"
- PACKAGE_URL_WIKI="${PACKAGE_REGISTRY_URL}_Windows-x64/${VERSION}/${WIKI_ARCHIVE_NAME}"
- WIKI_ARCHIVE_NAME="${PROJECT_NAME}_Wiki_${VERSION}.tar.xz"
- PACKAGE_URL_WIKI="${PACKAGE_REGISTRY_URL}_Wiki/${VERSION}/${WIKI_ARCHIVE_NAME}"
.build_cli:
script:
- cd NodeApp
# Download secure files
- curl --silent "https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/download-secure-files/-/raw/main/installer" | bash
- mv env_$VERSION .env
- cd "${PROJECT_FOLDER}"
# Install dependencies
- npm install
......@@ -155,7 +153,7 @@ test:build:
# Build
- !reference [.build_cli, script]
rules:
- if: '$CI_COMMIT_TAG =~ "/^$/" && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH && $CI_COMMIT_BRANCH !~ /^v[0-9]+(\.[0-9]+)*$/'
- if: '$CI_COMMIT_REF_PROTECTED != "true"'
build:version:
......@@ -170,6 +168,10 @@ build:version:
- mkdir -p $ARTIFACTS_FOLDER
- echo $VERSION > $VERSION_FILE
- |
echo "Replace DOTENV_KEY if we are on a protected branch" # Hide the print of the DOTENV_PROD_KEY
sed -r "s/(DOTENV_KEY[ ]*:[ ]*[\'\"\`])[^'\"\`]*([\'\"\`])/\${DOTENV_PROD_KEY}\2/g" ${PROJECT_FOLDER}/src/app.ts > ${PROJECT_FOLDER}/src/app.ts;
# Build
- !reference [.build_cli, script]
artifacts:
......@@ -178,7 +180,7 @@ build:version:
- $ARTIFACTS_FOLDER/*
expire_in: 1 hour
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /^v[0-9]+(\.[0-9]+)*$/'
- if: '$CI_COMMIT_REF_PROTECTED == "true"'
sign:macos:
......@@ -203,7 +205,7 @@ sign:macos:
- $ARTIFACTS_FOLDER/*
expire_in: 1 hour
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /^v[0-9]+(\.[0-9]+)*$/'
- if: '$CI_COMMIT_REF_PROTECTED == "true"'
clean:release:
......@@ -215,7 +217,7 @@ clean:release:
- !reference [.get_version, script]
- !reference [.clean_release, script]
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /^v[0-9]+(\.[0-9]+)*$/'
- if: '$CI_COMMIT_REF_PROTECTED == "true"'
clean:packages:
......@@ -227,7 +229,7 @@ clean:packages:
- !reference [.get_version, script]
- !reference [.clean_packages, script]
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /^v[0-9]+(\.[0-9]+)*$/'
- if: '$CI_COMMIT_REF_PROTECTED == "true"'
clean:dev:release:
......@@ -281,7 +283,7 @@ upload:packages:
- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file ${BIN_FILE_WINDOWS_ARM64} "${PACKAGE_URL_WINDOWS_ARM64_BIN}";'
- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file ${BIN_FILE_WINDOWS_X64} "${PACKAGE_URL_WINDOWS_X64_BIN}";'
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /^v[0-9]+(\.[0-9]+)*$/'
- if: '$CI_COMMIT_REF_PROTECTED == "true"'
upload:packages:wiki:
......@@ -304,7 +306,7 @@ upload:packages:wiki:
# Send package
- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file ${WIKI_ARCHIVE_PATH} "${PACKAGE_URL_WIKI}";'
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /^v[0-9]+(\.[0-9]+)*$/'
- if: '$CI_COMMIT_REF_PROTECTED == "true"'
release:wiki:
......@@ -414,4 +416,4 @@ release:gitlab:
--header "JOB-TOKEN: $CI_JOB_TOKEN" \
--request POST "${GITLAB_API_PROJECT_URL}/releases"
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /^v[0-9]+(\.[0-9]+)*$/'
\ No newline at end of file
- if: '$CI_COMMIT_REF_PROTECTED == "true"'
\ No newline at end of file
......@@ -30,6 +30,7 @@
### 📚 Documentation
- Added Wiki base
## 2.0.0 (2023-09-15)
### ✨ Feature
......
#/-------------------.env.vault---------------------/
#/ cloud-agnostic vaulting standard /
#/ [how it works](https://dotenv.org/env-vault) /
#/--------------------------------------------------/
# development
DOTENV_VAULT_DEVELOPMENT="B5kt0/zMYN446AMgEo208SnTA1fKuYqthjYwagiQxpgT7Ly+wNgKz/Oy9lejYVyV/og6ZVgjqin5/y10gHbCNlUo+qFmz5PGEC7iOwemkKL7if99FjWlVO0QT8grQfc3Eqvnjvgjxs4tA3W7tsogXguXYdB/Y0kNht4NDqwuCXSrUcO74YgU9Ddzhxd2gyx5fbQFPvY+lM05l2TWZg2eaRBpssd3qVX0U0Av/L144g7mLKD379AeU7Yu5Urdvt+QrAk76tgfqAWQ41QfU9ouseS7mfj1v5Q4vpOAefM7FRVz5h8tzQ3vMYnyoEUUx5ofy7GRLqYyehWwHFK3YAZTvOhAGBxWp7R0RCqXS8OuCaC7l7UyZVSbgi9bJioIkwhR2VQ/fkhWYkpJretkht7+AmZyg8+FWtM4ytwq4kzEKHo7CxdRlGCzbmp/advZybcWe1BWlSDY8cf4ap9Smvz75j3iFLs1PONDwTWBeFIQQQIcSg5LDdtxm5RGyBnuFsPhYkcKJ6baDN7k17cjFbBJx9i1sjlsz/9xOup6y7iHHdl93ncvwWApCNX3UR3z3KMxgTxauuKPJQD/zy3jCvL3MAFSL+nfKt9zmGcSgXTwbxEAak1HRcQa4UuoBd+H33HzN7DE6psr6I2Rq+7yxv7CtkZtdKAstPagAAxhe9f7tHN2zK3ovVAdzcFuUuC6PQsBuGSPlc+u7vy0bQ6gt1/8B+cK3Zsg7RsrP44lUJK58qJHAtTOfPhw2YphwT8tmsfFWV3EM9+FoTTAOzhN6ANPbGzywAOVmXQR5gtAt92Q9fgDTH4MdMBd4i+Pe34C8QVOyPi6O+h3/m0="
# production
DOTENV_VAULT_PRODUCTION="00jcz4GMq+kzOtnoIfxwptxXtR6ebQjmaUsC+nJGXn4dCGcbg4PNhwVdhjTJ8Vvy6ntLVl9Re1QaMxKPrdmjnLMQDlv59eUrJo47mRsLG7/3CqwC6AQe/+w8YiuYSiQFpcat25kpty5L34u0UObevHtsMOqZi8YEHI8y+i2pCPn6+MKSgUUTUAsii955/i7C0yjPzN+aRM8eITk2+1U4reKuBQ6lDT94ZOH+J4AqaIPZciP5zJX8iS3kLi7/i52TzYbK0mjBkCWVjTbvqaXQbJIdVZIDAHx8EJUkWniJjXEED1e1wsNX1wkaXv866v95do2MdNCWNx76sOZx+afIgaZUjCFPbAic5HA9ataEYBLD51jTTbPqN0cxQwDTz9o46NmhuJGERqIRconoQ3U0M9Wpf5KEYpOXwPhTA4bOhOzAQdJNV6LtE5Nlagnsgt+VJik1oTjbqByhhkbNzGJ9UDYdAPXM3Zr6Faa53V2aPmeKeYtaH9oKjKlPNdMw5bK4tKi7imjawBJxt/utyJ91d2+vZu74omX7aR5b2HLF/B3OLtHbmCaqrB4sVWfDX7EexsyUcnwSTOD5IRvkKhGNl2RAPZj3v9Ne+VR/VVVQVtVc+RZTm3PkeA1f7mmi7OZOV6Q3/xFbtYsaY9FTAm1mMoPCTe4HKQg//RlwNKsj0GYCTE/9zO/vlINo1bcWBwdkcc+w/o9UVc0me5oUUA=="
.env*
.flaskenv*
!.env.project
!.env.vault
\ No newline at end of file
This diff is collapsed.
......@@ -9,7 +9,7 @@
"scripts": [],
"assets" : [
"node_modules/axios/dist/node/axios.cjs",
".env",
".env.vault",
"assets/**/*"
],
"targets": [
......@@ -17,6 +17,7 @@
"node18-macos-x64",
"node18-linux-arm64",
"node18-linux-x64",
"node18-win-arm64",
"node18-win-x86"
]
},
......@@ -48,6 +49,7 @@
"@types/jsonwebtoken": "^8.5.9",
"@types/node" : "^18.17.2",
"@types/tar-stream" : "^2.2.2",
"dotenv-vault" : "^1.25.0",
"pkg" : "^5.8.1",
"tiny-typed-emitter" : "^2.1.0",
"ts-node" : "^10.9.1",
......
// Read from the .env file
// ATTENTION : This lines MUST be the first of this file (except for the path import)
const path = require('node:path');
require('dotenv').config({ path: path.join(__dirname, '../.env') });
require('dotenv').config({
path : path.join(__dirname, '../.env.vault'),
DOTENV_KEY: 'dotenv://:key_fc323d8e0a02349342f1c6a119bb38495958ce3a43a87d19a3f674b7e2896dcb@dotenv.local/vault/.env.vault?environment=development'
});
require('./shared/helpers/TypeScriptExtensions'); // ATTENTION : This line MUST be the second of this file
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment