fix: ensure COMPOSE_PROFILES and AUTH_MIDDLEWARE are correctly populated in env file

2026-02-11 19:05:36 +01:00
parent 79d7cfd009
commit e9d01d5aeb
1 changed files with 15 additions and 15 deletions
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -221,9 +221,21 @@ jobs:
          TRAEFIK_RULE:     ${{ needs.prepare.outputs.traefik_rule }}
          ENV_FILE:         ${{ needs.prepare.outputs.env_file }}
        run: |
-          # Generate Environment File
+          # Middleware Selection Logic
+          # Regular app routes get auth on non-production
+          # Unprotected routes (/stats, /errors) never get auth
          LOG_LEVEL=$( [[ "$TARGET" == "testing" || "$TARGET" == "development" ]] && echo "debug" || echo "info" )
          COOKIE_DOMAIN=.$(echo $NEXT_PUBLIC_BASE_URL | sed 's|https://||')
+          STD_MW="${PROJECT_NAME}-ratelimit,${PROJECT_NAME}-forward,${PROJECT_NAME}-compress"
+          
+          if [[ "$TARGET" == "production" ]]; then
+            AUTH_MIDDLEWARE="$STD_MW"
+            COMPOSE_PROFILES=""
+          else
+            AUTH_MIDDLEWARE="${PROJECT_NAME}-auth,$STD_MW"
+            COMPOSE_PROFILES="gatekeeper"
+          fi
+          AUTH_MIDDLEWARE_UNPROTECTED="$STD_MW"

          cat > .env.deploy << EOF
          # Generated by CI - $TARGET
@@ -265,22 +277,10 @@ jobs:
          TRAEFIK_HOST_RULE='$TRAEFIK_RULE'
          ENV_FILE=$ENV_FILE
          COMPOSE_PROFILES=$COMPOSE_PROFILES
+          AUTH_MIDDLEWARE=$AUTH_MIDDLEWARE
+          AUTH_MIDDLEWARE_UNPROTECTED=$AUTH_MIDDLEWARE_UNPROTECTED
          EOF

-          # Middleware Selection Logic
-          # Regular app routes get auth on non-production
-          # Unprotected routes (/stats, /errors) never get auth
-          STD_MW="${PROJECT_NAME}-ratelimit,${PROJECT_NAME}-forward,${PROJECT_NAME}-compress"
-          
-          if [[ "$TARGET" == "production" ]]; then
-            printf "AUTH_MIDDLEWARE=%s\n" "$STD_MW" >> .env.deploy
-            COMPOSE_PROFILES=""
-          else
-            printf "AUTH_MIDDLEWARE=%s\n" "${PROJECT_NAME}-auth,$STD_MW" >> .env.deploy
-            COMPOSE_PROFILES="gatekeeper"
-          fi
-          printf "AUTH_MIDDLEWARE_UNPROTECTED=%s\n" "$STD_MW" >> .env.deploy
-
      - name: 🚀 SSH Deploy
        shell: bash
        env: