trying to simplify secret creation portion of script

mdr223 · mdr223 · commit 076c8059e579 · 2023-11-13T10:50:05.000-05:00
diff --git a/.github/workflows/dev-ci-cd.yaml b/.github/workflows/dev-ci-cd.yaml
@@ -4,6 +4,7 @@ on:
   push:
     branches:
       - main
+      - feature/grafana
 jobs:
   deploy-dev-system:
     runs-on: ubuntu-latest
@@ -30,57 +31,58 @@ jobs:
       - name: Create Secrets Files
         run: |
           mkdir -p ${{ github.workspace }}/deploy/dev/secrets/
-          touch ${{ github.workspace }}/deploy/dev/secrets/imap_user.txt
-          echo "${{ secrets.DEV_IMAP_USER }}" >> ${{ github.workspace }}/deploy/dev/secrets/imap_user.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/imap_user.txt
-          touch ${{ github.workspace }}/deploy/dev/secrets/imap_pw.txt
-          echo "${{ secrets.DEV_IMAP_PW }}" >> ${{ github.workspace }}/deploy/dev/secrets/imap_pw.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/imap_pw.txt
-          touch ${{ github.workspace }}/deploy/dev/secrets/cleo_url.txt
-          echo "${{ secrets.DEV_CLEO_URL }}" >> ${{ github.workspace }}/deploy/dev/secrets/cleo_url.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/cleo_url.txt
-          touch ${{ github.workspace }}/deploy/dev/secrets/cleo_user.txt
-          echo "${{ secrets.DEV_CLEO_USER }}" >> ${{ github.workspace }}/deploy/dev/secrets/cleo_user.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/cleo_user.txt
-          touch ${{ github.workspace }}/deploy/dev/secrets/cleo_pw.txt
-          echo "${{ secrets.DEV_CLEO_PW }}" >> ${{ github.workspace }}/deploy/dev/secrets/cleo_pw.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/cleo_pw.txt
-          touch ${{ github.workspace }}/deploy/dev/secrets/cleo_project.txt
-          echo "${{ secrets.DEV_CLEO_PROJECT }}" >> ${{ github.workspace }}/deploy/dev/secrets/cleo_project.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/cleo_project.txt
-          touch ${{ github.workspace }}/deploy/dev/secrets/sender_server.txt
-          echo "${{ secrets.DEV_SENDER_SERVER }}" >> ${{ github.workspace }}/deploy/dev/secrets/sender_server.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/sender_server.txt
-          touch ${{ github.workspace }}/deploy/dev/secrets/sender_port.txt
-          echo "${{ secrets.DEV_SENDER_PORT }}" >> ${{ github.workspace }}/deploy/dev/secrets/sender_port.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/sender_port.txt
-          touch ${{ github.workspace }}/deploy/dev/secrets/sender_replyto.txt
-          echo "${{ secrets.DEV_SENDER_REPLYTO }}" >> ${{ github.workspace }}/deploy/dev/secrets/sender_replyto.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/sender_replyto.txt
-          touch ${{ github.workspace }}/deploy/dev/secrets/sender_user.txt
-          echo "${{ secrets.DEV_SENDER_USER }}" >> ${{ github.workspace }}/deploy/dev/secrets/sender_user.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/sender_user.txt
-          touch ${{ github.workspace }}/deploy/dev/secrets/sender_pw.txt
-          echo "${{ secrets.DEV_SENDER_PW }}" >> ${{ github.workspace }}/deploy/dev/secrets/sender_pw.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/sender_pw.txt
-          touch ${{ github.workspace }}/deploy/dev/secrets/flask_uploader_app_secret_key.txt
-          echo "${{ secrets.DEV_FLASK_UPLOADER_APP_SECRET_KEY }}" >> ${{ github.workspace }}/deploy/dev/secrets/flask_uploader_app_secret_key.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/flask_uploader_app_secret_key.txt
-          touch ${{ github.workspace }}/deploy/dev/secrets/uploader_salt.txt
-          echo "${{ secrets.DEV_UPLOADER_SALT }}" >> ${{ github.workspace }}/deploy/dev/secrets/uploader_salt.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/uploader_salt.txt
-          touch ${{ github.workspace }}/deploy/dev/secrets/openai_api_key.txt
-          echo "${{ secrets.OPENAI_API_KEY }}" >> ${{ github.workspace }}/deploy/dev/secrets/openai_api_key.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/openai_api_key.txt
-          touch ${{ github.workspace }}/deploy/dev/secrets/hf_token.txt
-          echo "${{ secrets.HF_TOKEN }}" >> ${{ github.workspace }}/deploy/dev/secrets/hf_token.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/hf_token.txt
-          touch ${{ github.workspace }}/deploy/dev/secrets/pg_password.txt
-          echo "${{ secrets.DEV_PG_PASSWORD }}" >> ${{ github.workspace }}/deploy/dev/secrets/pg_password.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/pg_password.txt
-          touch ${{ github.workspace }}/deploy/dev/secrets/grafana_password.txt
-          echo "${{ secrets.DEV_GRAFANA_PASSWORD }}" >> ${{ github.workspace }}/deploy/dev/secrets/grafana_password.txt
-          chmod 400 ${{ github.workspace }}/deploy/dev/secrets/grafana_password.txt
+          ./${{ github.workspace }}/deploy/create_secret.sh DEV_IMAP_USER imap_user.txt dev
+          # touch ${{ github.workspace }}/deploy/dev/secrets/imap_user.txt
+          # echo "${{ secrets.DEV_IMAP_USER }}" >> ${{ github.workspace }}/deploy/dev/secrets/imap_user.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/imap_user.txt
+          # touch ${{ github.workspace }}/deploy/dev/secrets/imap_pw.txt
+          # echo "${{ secrets.DEV_IMAP_PW }}" >> ${{ github.workspace }}/deploy/dev/secrets/imap_pw.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/imap_pw.txt
+          # touch ${{ github.workspace }}/deploy/dev/secrets/cleo_url.txt
+          # echo "${{ secrets.DEV_CLEO_URL }}" >> ${{ github.workspace }}/deploy/dev/secrets/cleo_url.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/cleo_url.txt
+          # touch ${{ github.workspace }}/deploy/dev/secrets/cleo_user.txt
+          # echo "${{ secrets.DEV_CLEO_USER }}" >> ${{ github.workspace }}/deploy/dev/secrets/cleo_user.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/cleo_user.txt
+          # touch ${{ github.workspace }}/deploy/dev/secrets/cleo_pw.txt
+          # echo "${{ secrets.DEV_CLEO_PW }}" >> ${{ github.workspace }}/deploy/dev/secrets/cleo_pw.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/cleo_pw.txt
+          # touch ${{ github.workspace }}/deploy/dev/secrets/cleo_project.txt
+          # echo "${{ secrets.DEV_CLEO_PROJECT }}" >> ${{ github.workspace }}/deploy/dev/secrets/cleo_project.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/cleo_project.txt
+          # touch ${{ github.workspace }}/deploy/dev/secrets/sender_server.txt
+          # echo "${{ secrets.DEV_SENDER_SERVER }}" >> ${{ github.workspace }}/deploy/dev/secrets/sender_server.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/sender_server.txt
+          # touch ${{ github.workspace }}/deploy/dev/secrets/sender_port.txt
+          # echo "${{ secrets.DEV_SENDER_PORT }}" >> ${{ github.workspace }}/deploy/dev/secrets/sender_port.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/sender_port.txt
+          # touch ${{ github.workspace }}/deploy/dev/secrets/sender_replyto.txt
+          # echo "${{ secrets.DEV_SENDER_REPLYTO }}" >> ${{ github.workspace }}/deploy/dev/secrets/sender_replyto.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/sender_replyto.txt
+          # touch ${{ github.workspace }}/deploy/dev/secrets/sender_user.txt
+          # echo "${{ secrets.DEV_SENDER_USER }}" >> ${{ github.workspace }}/deploy/dev/secrets/sender_user.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/sender_user.txt
+          # touch ${{ github.workspace }}/deploy/dev/secrets/sender_pw.txt
+          # echo "${{ secrets.DEV_SENDER_PW }}" >> ${{ github.workspace }}/deploy/dev/secrets/sender_pw.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/sender_pw.txt
+          # touch ${{ github.workspace }}/deploy/dev/secrets/flask_uploader_app_secret_key.txt
+          # echo "${{ secrets.DEV_FLASK_UPLOADER_APP_SECRET_KEY }}" >> ${{ github.workspace }}/deploy/dev/secrets/flask_uploader_app_secret_key.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/flask_uploader_app_secret_key.txt
+          # touch ${{ github.workspace }}/deploy/dev/secrets/uploader_salt.txt
+          # echo "${{ secrets.DEV_UPLOADER_SALT }}" >> ${{ github.workspace }}/deploy/dev/secrets/uploader_salt.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/uploader_salt.txt
+          # touch ${{ github.workspace }}/deploy/dev/secrets/openai_api_key.txt
+          # echo "${{ secrets.OPENAI_API_KEY }}" >> ${{ github.workspace }}/deploy/dev/secrets/openai_api_key.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/openai_api_key.txt
+          # touch ${{ github.workspace }}/deploy/dev/secrets/hf_token.txt
+          # echo "${{ secrets.HF_TOKEN }}" >> ${{ github.workspace }}/deploy/dev/secrets/hf_token.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/hf_token.txt
+          # touch ${{ github.workspace }}/deploy/dev/secrets/pg_password.txt
+          # echo "${{ secrets.DEV_PG_PASSWORD }}" >> ${{ github.workspace }}/deploy/dev/secrets/pg_password.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/pg_password.txt
+          # touch ${{ github.workspace }}/deploy/dev/secrets/grafana_password.txt
+          # echo "${{ secrets.DEV_GRAFANA_PASSWORD }}" >> ${{ github.workspace }}/deploy/dev/secrets/grafana_password.txt
+          # chmod 400 ${{ github.workspace }}/deploy/dev/secrets/grafana_password.txt
 
       # create env file to set tag(s) for docker-compose
       - name: Create Env File
@@ -100,13 +102,13 @@ jobs:
         run: |
           rsync -e ssh -r ${{ github.workspace}}/* --exclude .git/ --delete submit06:~/A2rchi-dev/
 
-      # run deploy script
-      - name: Run Deploy Script
-        run: |
-          export tag="${GITHUB_REF#refs/heads/}"
-          export tag="${tag//\//-}.${GITHUB_SHA}"
-          sed -i "s/BASE_TAG/${tag}/" ${{ github.workspace }}/deploy/dev/dev-install.sh
-          ssh submit06 'bash -s' < ${{ github.workspace }}/deploy/dev/dev-install.sh
+      # # run deploy script
+      # - name: Run Deploy Script
+      #   run: |
+      #     export tag="${GITHUB_REF#refs/heads/}"
+      #     export tag="${tag//\//-}.${GITHUB_SHA}"
+      #     sed -i "s/BASE_TAG/${tag}/" ${{ github.workspace }}/deploy/dev/dev-install.sh
+      #     ssh submit06 'bash -s' < ${{ github.workspace }}/deploy/dev/dev-install.sh
 
       # clean up secret files
       - name: Remove Secrets from Runner
diff --git a/deploy/create_secret.sh b/deploy/create_secret.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+secret_name=$1
+secret_file=$2
+env=$3
+
+touch ${{ github.workspace }}/deploy/${env}/secrets/${secret_file}
+echo "${{ secrets.${secret_name} }}" >> ${{ github.workspace }}/deploy/${env}/secrets/${secret_file}
+chmod 400 ${{ github.workspace }}/deploy/${env}/secrets/${secret_file}
diff --git a/deploy/dev/dev-install.sh b/deploy/dev/dev-install.sh
@@ -34,10 +34,4 @@ echo "Starting docker compose"
 docker compose -f dev-compose.yaml up -d --build --force-recreate --always-recreate-deps
 
 # # secrets files are created by CI pipeline and destroyed here
-# rm secrets/cleo_*.txt
-# rm secrets/imap_*.txt
-# rm secrets/sender_*.txt
-# rm secrets/flask_uploader_app_secret_key.txt
-# rm secrets/uploader_salt.txt
-# rm secrets/openai_api_key.txt
-# rm secrets/hf_token.txt
+# rm secrets/*.txt
