Use Docker Secrets in dev and production #254

Merged
merged 1 commit into from
Feb 22, 2023

@humphd (Contributor) commented Feb 21, 2023

This is part of #43. I need to be able to set all the Docker Secrets for the container. In development, we can create any secrets we want in dev-secrets/*. The filename is the name of the secret, and the contents of the file is its value.

I've rewritten the code to use a new ~lib/secrets.server module, which does the right thing in dev and production.

We probably need to move more things out of env and into secrets, so help me find them.

NOTE: the database URL has to be in both places, due to how Prisma works with the command line tooling.

@humphd added labels Feb 21, 2023: category: deployment (Related to building our local code into a working unit); category: containers (A tool that helps us make our solutions into separate microservice containers with docker); dependency: docker (label used by Dependabot for docker related updates)
@humphd humphd added this to the Milestone 0.4 milestone Feb 21, 2023
@humphd humphd self-assigned this Feb 21, 2023
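
The file-per-secret convention from the pull request description above, as an added example (not the project's `~lib/secrets.server` code). It assumes secrets are read from Docker's default `/run/secrets` mount in production and from `dev-secrets/` otherwise; the function names, the `nodeEnv`/`baseDir` parameters and the sample secret names are hypothetical.

```typescript
import * as fs from "node:fs";
import * as os from "node:os";
import * as path from "node:path";

// Docker mounts each secret granted to a container as a file under this path.
const DOCKER_SECRETS_DIR = "/run/secrets";

// Hypothetical helper: choose the directory to read secrets from.
// `baseDir` is explicit so code started from a build directory can still
// locate dev-secrets/ without depending on the current working directory.
function secretsDir(nodeEnv: string | undefined, baseDir: string): string {
  return nodeEnv === "production"
    ? DOCKER_SECRETS_DIR
    : path.resolve(baseDir, "dev-secrets");
}

// Read every regular file in `dir`: file name = secret name, contents = value.
function loadSecrets(dir: string): Record<string, string> {
  const secrets: Record<string, string> = {};
  if (!fs.existsSync(dir)) return secrets; // nothing mounted or created yet
  for (const name of fs.readdirSync(dir)) {
    const full = path.join(dir, name);
    // Skip dotfiles (e.g. .gitkeep) and sub-directories; statSync follows symlinks.
    if (name.startsWith(".") || !fs.statSync(full).isFile()) continue;
    // Editors and `echo` append a newline; strip one trailing line ending so
    // the value matches the intended secret byte for byte.
    secrets[name] = fs.readFileSync(full, "utf8").replace(/\r?\n$/, "");
  }
  return secrets;
}

// Constructed sample: build a throwaway dev-secrets/ tree, load it, clean up.
function demo(): Record<string, string> {
  const base = fs.mkdtempSync(path.join(os.tmpdir(), "secrets-demo-"));
  const dir = secretsDir("development", base);
  fs.mkdirSync(path.join(dir, "nested"), { recursive: true });
  fs.writeFileSync(path.join(dir, "SESSION_SECRET"), "constructed-value\n");
  fs.writeFileSync(path.join(dir, "DATABASE_URL"), "constructed-db-url");
  fs.writeFileSync(path.join(dir, ".gitkeep"), "");
  const loaded = loadSecrets(dir);
  fs.rmSync(base, { recursive: true, force: true });
  return loaded;
}
```

Keeping `dev-secrets/` out of version control and out of the image build context prevents development values from shipping in an image layer.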
ghost previously approved these changes Feb 21, 2023

app/lib/lets-encrypt.server.ts (outdated review thread)

@shawnyu5 (Contributor) commented

Do our E2E tests need to be modified as well?

@humphd (Contributor Author) commented Feb 21, 2023

> Do our E2E tests need to be modified as well?

yeah, just debugging that now. There are 2 issues: 1) we can't use NODE_ENV=production here; 2) we're running from within ./build in e2e tests, so I need to get the path levels right for loading the secrets, or copy them over into the build dir.

Still trying to get it right.

SerpentBytes previously approved these changes Feb 21, 2023

@humphd (Contributor Author) commented Feb 22, 2023

I've updated this so it passes tests. It wasn't easy to figure out the right way to do it, but I think I've got a solid solution now that works in all the various ways we run the code (bundled vs. unbundled, vitest vs. e2e vs. dev vs. stand-alone). Let me know if any of this doesn't make sense.

@Genne23v (Contributor) left a comment

It looks good to me

@humphd (Contributor Author) commented Feb 22, 2023

I'm going to land this, but fyi @dadolhay and @sfrunza13, this will affect you both in PRs you have open now.
