injecting env files

Author: rodolfoIOET

.github/workflows/time-tracker-ui-cd-stage.yml

@@ -32,6 +32,19 @@ jobs:
     - name: Build the docker image
       run: make build_prod
 
+    - name: Inject Secrets
+      env:
+        SCOPES: ${{ secrets.SCOPES }}
+        CLIENT_ID: ${{ secrets.CLIENT_ID}}
+        CLIENT_URL: ${{ secrets.CLIENT_URL }}
+        AUTHORITY: ${{ secrets.AUTHORITY }}
+        STACK_EXCHANGE_ID: ${{ secrets.STACK_EXCHANGE_ID }}
+        STACK_EXCHANGE_ACCESS_TOKEN: ${{ secrets.STACK_EXCHANGE_ACCESS_TOKEN }}
+        AZURE_APP_CONFIGURATION_CONNECTION_STRING: ${{ secrets.AZURE_APP_CONFIGURATION_CONNECTION_STRING }}
+      run: |
+        chmod +x ./scripts/populate-keys.sh
+        sh ./scripts/populate-keys.sh
+
     - name: Publish docker image to stage azure container registry
       run: |
         make login publish acr=timetrackerservicestageregistry image_tag=$RELEASE_VERSION
@@ -46,22 +59,10 @@ jobs:
       with:
         ssh-private-key: ${{ secrets.INFRA_TERRAFORM_MODULES_SSH_PRIV_KEY }}
 
-    - name: append secret to secret.auto.tfvars
-      working-directory: ./${{ env.WORKING_DIR }}
-      run: |
-        ./append_secret.py CHROME_BIN /opt/google/chrome/google-chrome
-        ./append_secret.py AUTHORITY "${{ secrets.AUTHORITY }}"
-        ./append_secret.py CLIENT_ID "${{ secrets.CLIENT_ID }}"
-        ./append_secret.py SCOPES "${{ secrets.SCOPES }}"
-        ./append_secret.py STACK_EXCHANGE_ID "${{ secrets.STACK_EXCHANGE_ID }}"
-        ./append_secret.py STACK_EXCHANGE_ACCESS_TOKEN "${{ secrets.STACK_EXCHANGE_ACCESS_TOKEN }}"
-        ./append_secret.py AZURE_APP_CONFIGURATION_CONNECTION_STRING "${{ secrets.AZURE_APP_CONFIGURATION_CONNECTION_STRING }}"
-
-
     - name: Terraform Init
       working-directory: ${{ env.WORKING_DIR }}
       run: terraform init
 
     - name: Terraform Apply
       working-directory: ${{ env.WORKING_DIR }}
-      run: terraform apply -lock=false -var-file="${{ env.TF_WORKSPACE }}.tfvars" -var "image_tag=$RELEASE_VERSION" -auto-approve
+      run: terraform apply -lock=false -var-file="${{ env.TF_WORKSPACE }}.tfvars" -var "image_tag=$RELEASE_VERSION" -auto-approve

.github/workflows/time-tracker-ui-ci.yml

@@ -37,6 +37,7 @@ jobs:
       env:
         SCOPES: ${{ secrets.SCOPES }}
         CLIENT_ID: ${{ secrets.CLIENT_ID }}
+        CLIENT_URL: ${{ secrets.CLIENT_URL }}
         AUTHORITY: ${{ secrets.AUTHORITY }}
         STACK_EXCHANGE_ID: ${{ secrets.STACK_EXCHANGE_ID }}
         STACK_EXCHANGE_ACCESS_TOKEN: ${{ secrets.STACK_EXCHANGE_ACCESS_TOKEN }}
@@ -45,17 +46,6 @@ jobs:
         chmod +x ./scripts/populate-keys.sh
         sh ./scripts/populate-keys.sh
 
-    - name: append secret to secret.auto.tfvars
-      working-directory: ./${{ env.WORKING_DIR }}
-      run: |
-        ./append_secret.py CHROME_BIN /opt/google/chrome/google-chrome
-        ./append_secret.py AUTHORITY "${{ secrets.AUTHORITY }}"
-        ./append_secret.py CLIENT_ID "${{ secrets.CLIENT_ID }}"
-        ./append_secret.py SCOPES "${{ secrets.SCOPES }}"
-        ./append_secret.py STACK_EXCHANGE_ID "${{ secrets.STACK_EXCHANGE_ID }}"
-        ./append_secret.py STACK_EXCHANGE_ACCESS_TOKEN "${{ secrets.STACK_EXCHANGE_ACCESS_TOKEN }}"
-        ./append_secret.py AZURE_APP_CONFIGURATION_CONNECTION_STRING "${{ secrets.AZURE_APP_CONFIGURATION_CONNECTION_STRING }}"
-
     - name: Running tests
       run: |
         chmod -R 777 ./$home
@@ -142,11 +132,10 @@ jobs:
             repo: context.repo.repo,
             body: output
           })
-
     - name: Terraform Plan Stage Status
       if: steps.plan-stage.outcome == 'failure'
       run: exit 1
 
     - name: Terraform Plan Prod Status
       if: steps.plan-prod.outcome == 'failure'
-      run: exit 1
+      run: exit 1

docker-compose.yml

@@ -12,6 +12,7 @@ services:
     environment:
       AUTHORITY: ${AUTHORITY}
       CLIENT_ID: ${CLIENT_ID}
+      CLIENT_URL: ${CLIENT_URL}
       SCOPES: ${SCOPES}
       STACK_EXCHANGE_ID: ${STACK_EXCHANGE_ID}
       STACK_EXCHANGE_ACCESS_TOKEN: ${STACK_EXCHANGE_ACCESS_TOKEN}

infrastructure/append_secret.py

@@ -3,6 +3,7 @@
 > .env
 echo "AUTHORITY='$AUTHORITY'" >> .env
 echo "CLIENT_ID='$CLIENT_ID'" >> .env
+echo "CLIENT_URL='$CLIENT_URL'" >> .env
 echo "SCOPES='$SCOPES'" >> .env
 echo "STACK_EXCHANGE_ID='$STACK_EXCHANGE_ID'" >> .env
 echo "STACK_EXCHANGE_ACCESS_TOKEN='$STACK_EXCHANGE_ACCESS_TOKEN'" >> .env

scripts/populate-keys.sh

@@ -46,7 +46,7 @@ import { ProjectEffects } from './modules/customer-management/components/project
 import { TechnologyEffects } from './modules/shared/store/technology.effects';
 import { ProjectTypeEffects } from './modules/customer-management/components/projects-type/store/project-type.effects';
 import { reducers, metaReducers } from './reducers';
-import { environment } from '../environments/environment';
+import { environment, CLIENT_URL } from '../environments/environment';
 import { CustomerComponent } from './modules/customer-management/pages/customer.component';
 // tslint:disable-next-line: max-line-length
 import { CustomerListComponent } from './modules/customer-management/components/customer-info/components/customer-list/customer-list.component';
@@ -207,7 +207,7 @@ const maskConfig: Partial<IConfig> = {
           {
             id: GoogleLoginProvider.PROVIDER_ID,
             provider: new GoogleLoginProvider(
-              '565556796659-hscrj9e6m2krc41cfng898793ocfnb8j.apps.googleusercontent.com'
+              CLIENT_URL
             )
           }
         ]

src/app/app.module.ts

@@ -7,6 +7,7 @@ export const environment = {
 
 export const AUTHORITY = process.env["AUTHORITY"];
 export const CLIENT_ID = process.env["CLIENT_ID"];
+export const CLIENT_URL = process.env["CLIENT_URL"];
 export const SCOPES = process.env["SCOPES"].split(",");
 export const ITEMS_PER_PAGE = 5;
 export const STACK_EXCHANGE_ID = process.env["STACK_EXCHANGE_ID"];

src/environments/environment.prod.ts

@@ -10,6 +10,7 @@ export const environment = {
 
 export const AUTHORITY = process.env["AUTHORITY"];
 export const CLIENT_ID = process.env["CLIENT_ID"];
+export const CLIENT_URL = process.env["CLIENT_URL"];
 export const SCOPES = process.env["SCOPES"].split(",");
 export const ITEMS_PER_PAGE = 5;
 export const STACK_EXCHANGE_ID = process.env["STACK_EXCHANGE_ID"];

src/environments/environment.ts

@@ -10,6 +10,7 @@ module.exports = (config) => {
       new webpack.DefinePlugin({
         'process.env.AUTHORITY': JSON.stringify(process.env["AUTHORITY"]),
         'process.env.CLIENT_ID':JSON.stringify(process.env["CLIENT_ID"]),
+        'process.env.CLIENT_URL':JSON.stringify(process.env["CLIENT_URL"]),
         'process.env.SCOPES':JSON.stringify(process.env["SCOPES"]),
         'process.env.STACK_EXCHANGE_ID':JSON.stringify(process.env["STACK_EXCHANGE_ID"]),
         'process.env.STACK_EXCHANGE_ACCESS_TOKEN':JSON.stringify(process.env["STACK_EXCHANGE_ACCESS_TOKEN"]),