fix: ensure COMPOSE_PROFILES and AUTH_MIDDLEWARE are correctly populated in env file
This commit is contained in:
@@ -221,9 +221,21 @@ jobs:
|
|||||||
TRAEFIK_RULE: ${{ needs.prepare.outputs.traefik_rule }}
|
TRAEFIK_RULE: ${{ needs.prepare.outputs.traefik_rule }}
|
||||||
ENV_FILE: ${{ needs.prepare.outputs.env_file }}
|
ENV_FILE: ${{ needs.prepare.outputs.env_file }}
|
||||||
run: |
|
run: |
|
||||||
# Generate Environment File
|
# Middleware Selection Logic
|
||||||
|
# Regular app routes get auth on non-production
|
||||||
|
# Unprotected routes (/stats, /errors) never get auth
|
||||||
LOG_LEVEL=$( [[ "$TARGET" == "testing" || "$TARGET" == "development" ]] && echo "debug" || echo "info" )
|
LOG_LEVEL=$( [[ "$TARGET" == "testing" || "$TARGET" == "development" ]] && echo "debug" || echo "info" )
|
||||||
COOKIE_DOMAIN=.$(echo $NEXT_PUBLIC_BASE_URL | sed 's|https://||')
|
COOKIE_DOMAIN=.$(echo $NEXT_PUBLIC_BASE_URL | sed 's|https://||')
|
||||||
|
STD_MW="${PROJECT_NAME}-ratelimit,${PROJECT_NAME}-forward,${PROJECT_NAME}-compress"
|
||||||
|
|
||||||
|
if [[ "$TARGET" == "production" ]]; then
|
||||||
|
AUTH_MIDDLEWARE="$STD_MW"
|
||||||
|
COMPOSE_PROFILES=""
|
||||||
|
else
|
||||||
|
AUTH_MIDDLEWARE="${PROJECT_NAME}-auth,$STD_MW"
|
||||||
|
COMPOSE_PROFILES="gatekeeper"
|
||||||
|
fi
|
||||||
|
AUTH_MIDDLEWARE_UNPROTECTED="$STD_MW"
|
||||||
|
|
||||||
cat > .env.deploy << EOF
|
cat > .env.deploy << EOF
|
||||||
# Generated by CI - $TARGET
|
# Generated by CI - $TARGET
|
||||||
@@ -265,22 +277,10 @@ jobs:
|
|||||||
TRAEFIK_HOST_RULE='$TRAEFIK_RULE'
|
TRAEFIK_HOST_RULE='$TRAEFIK_RULE'
|
||||||
ENV_FILE=$ENV_FILE
|
ENV_FILE=$ENV_FILE
|
||||||
COMPOSE_PROFILES=$COMPOSE_PROFILES
|
COMPOSE_PROFILES=$COMPOSE_PROFILES
|
||||||
|
AUTH_MIDDLEWARE=$AUTH_MIDDLEWARE
|
||||||
|
AUTH_MIDDLEWARE_UNPROTECTED=$AUTH_MIDDLEWARE_UNPROTECTED
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
# Middleware Selection Logic
|
|
||||||
# Regular app routes get auth on non-production
|
|
||||||
# Unprotected routes (/stats, /errors) never get auth
|
|
||||||
STD_MW="${PROJECT_NAME}-ratelimit,${PROJECT_NAME}-forward,${PROJECT_NAME}-compress"
|
|
||||||
|
|
||||||
if [[ "$TARGET" == "production" ]]; then
|
|
||||||
printf "AUTH_MIDDLEWARE=%s\n" "$STD_MW" >> .env.deploy
|
|
||||||
COMPOSE_PROFILES=""
|
|
||||||
else
|
|
||||||
printf "AUTH_MIDDLEWARE=%s\n" "${PROJECT_NAME}-auth,$STD_MW" >> .env.deploy
|
|
||||||
COMPOSE_PROFILES="gatekeeper"
|
|
||||||
fi
|
|
||||||
printf "AUTH_MIDDLEWARE_UNPROTECTED=%s\n" "$STD_MW" >> .env.deploy
|
|
||||||
|
|
||||||
- name: 🚀 SSH Deploy
|
- name: 🚀 SSH Deploy
|
||||||
shell: bash
|
shell: bash
|
||||||
env:
|
env:
|
||||||
|
|||||||
Reference in New Issue
Block a user