Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[#1003] Apply basic auth on staging environment #1020

Merged
merged 2 commits into from
May 14, 2024
Merged

[#1003] Apply basic auth on staging environment #1020

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
3a948e2
[#1003] Apply basic auth on staging environment
placek May 14, 2024
06675fc
[#1003] Apply environment variables for basic authentication in GitHu…
placek May 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 0 additions & 2 deletions .github/workflows/build-and-deploy-beta.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,6 @@ jobs:
DBSYNC_POSTGRES_USER: "postgres"
GA_CLIENT_EMAIL: ${{ secrets.GA_CLIENT_EMAIL }}
GA_PRIVATE_KEY: ${{ secrets.GA_PRIVATE_KEY }}
GOOGLE_APPLICATION_CREDENTIALS: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}
GRAFANA_ADMIN_PASSWORD: ${{ secrets.GRAFANA_ADMIN_PASSWORD }}
GRAFANA_SLACK_OAUTH_TOKEN: ${{ secrets.GRAFANA_SLACK_OAUTH_TOKEN }}
GRAFANA_SLACK_RECIPIENT: ${{ secrets.GRAFANA_SLACK_RECIPIENT }}
Expand All @@ -32,7 +31,6 @@ jobs:
IP_ADDRESS_BYPASSING_BASIC_AUTH2: ${{ secrets.IP_ADDRESS_BYPASSING_BASIC_AUTH2 }}
NEXT_PUBLIC_API_URL: "https://participation.sanchogov.tools"
NEXT_PUBLIC_GA4_PROPERTY_ID: ${{ secrets.NEXT_PUBLIC_GA4_PROPERTY_ID }}
NGINX_BASIC_AUTH: ${{ secrets.NGINX_BASIC_AUTH }}
PIPELINE_URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
SENTRY_DSN: ${{ secrets.SENTRY_DSN_FRONTEND }}
SENTRY_DSN_BACKEND: ${{ secrets.SENTRY_DSN_BACKEND }}
Expand Down
3 changes: 1 addition & 2 deletions .github/workflows/build-and-deploy-dev.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,6 @@ jobs:
DBSYNC_POSTGRES_USER: "postgres"
GA_CLIENT_EMAIL: ${{ secrets.GA_CLIENT_EMAIL }}
GA_PRIVATE_KEY: ${{ secrets.GA_PRIVATE_KEY }}
GOOGLE_APPLICATION_CREDENTIALS: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}
GRAFANA_ADMIN_PASSWORD: ${{ secrets.GRAFANA_ADMIN_PASSWORD }}
GRAFANA_SLACK_OAUTH_TOKEN: ${{ secrets.GRAFANA_SLACK_OAUTH_TOKEN }}
GRAFANA_SLACK_RECIPIENT: ${{ secrets.GRAFANA_SLACK_RECIPIENT }}
Expand All @@ -31,7 +30,7 @@ jobs:
IP_ADDRESS_BYPASSING_BASIC_AUTH2: ${{ secrets.IP_ADDRESS_BYPASSING_BASIC_AUTH2 }}
NEXT_PUBLIC_API_URL: "https://participation.sanchogov.tools"
NEXT_PUBLIC_GA4_PROPERTY_ID: ${{ secrets.NEXT_PUBLIC_GA4_PROPERTY_ID }}
NGINX_BASIC_AUTH: ${{ secrets.NGINX_BASIC_AUTH }}
DEV_NGINX_BASIC_AUTH: ${{ secrets.DEV_NGINX_BASIC_AUTH }}
PIPELINE_URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
SENTRY_DSN: ${{ secrets.SENTRY_DSN_FRONTEND }}
SENTRY_DSN_BACKEND: ${{ secrets.SENTRY_DSN_BACKEND }}
Expand Down
3 changes: 1 addition & 2 deletions .github/workflows/build-and-deploy-staging.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,6 @@ jobs:
DBSYNC_POSTGRES_USER: "postgres"
GA_CLIENT_EMAIL: ${{ secrets.GA_CLIENT_EMAIL }}
GA_PRIVATE_KEY: ${{ secrets.GA_PRIVATE_KEY }}
GOOGLE_APPLICATION_CREDENTIALS: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}
GRAFANA_ADMIN_PASSWORD: ${{ secrets.GRAFANA_ADMIN_PASSWORD }}
GRAFANA_SLACK_OAUTH_TOKEN: ${{ secrets.GRAFANA_SLACK_OAUTH_TOKEN }}
GRAFANA_SLACK_RECIPIENT: ${{ secrets.GRAFANA_SLACK_RECIPIENT }}
Expand All @@ -33,7 +32,7 @@ jobs:
IP_ADDRESS_BYPASSING_BASIC_AUTH2: ${{ secrets.IP_ADDRESS_BYPASSING_BASIC_AUTH2 }}
NEXT_PUBLIC_API_URL: "https://participation.sanchogov.tools"
NEXT_PUBLIC_GA4_PROPERTY_ID: ${{ secrets.NEXT_PUBLIC_GA4_PROPERTY_ID }}
NGINX_BASIC_AUTH: ${{ secrets.NGINX_BASIC_AUTH }}
STAGING_NGINX_BASIC_AUTH: ${{ secrets.STAGING_NGINX_BASIC_AUTH }}
PIPELINE_URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
SENTRY_DSN: ${{ secrets.SENTRY_DSN_FRONTEND }}
SENTRY_DSN_BACKEND: ${{ secrets.SENTRY_DSN_BACKEND }}
Expand Down
3 changes: 1 addition & 2 deletions .github/workflows/build-and-deploy-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,6 @@ jobs:
DBSYNC_POSTGRES_USER: "postgres"
GA_CLIENT_EMAIL: ${{ secrets.GA_CLIENT_EMAIL }}
GA_PRIVATE_KEY: ${{ secrets.GA_PRIVATE_KEY }}
GOOGLE_APPLICATION_CREDENTIALS: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}
GRAFANA_ADMIN_PASSWORD: ${{ secrets.GRAFANA_ADMIN_PASSWORD }}
GRAFANA_SLACK_OAUTH_TOKEN: ${{ secrets.GRAFANA_SLACK_OAUTH_TOKEN }}
GRAFANA_SLACK_RECIPIENT: ${{ secrets.GRAFANA_SLACK_RECIPIENT }}
Expand All @@ -33,7 +32,7 @@ jobs:
IP_ADDRESS_BYPASSING_BASIC_AUTH2: ${{ secrets.IP_ADDRESS_BYPASSING_BASIC_AUTH2 }}
NEXT_PUBLIC_API_URL: "https://participation.sanchogov.tools"
NEXT_PUBLIC_GA4_PROPERTY_ID: ${{ secrets.NEXT_PUBLIC_GA4_PROPERTY_ID }}
NGINX_BASIC_AUTH: ${{ secrets.NGINX_BASIC_AUTH }}
TEST_NGINX_BASIC_AUTH: ${{ secrets.TEST_NGINX_BASIC_AUTH }}
PIPELINE_URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
SENTRY_DSN: ${{ secrets.SENTRY_DSN_FRONTEND }}
SENTRY_DSN_BACKEND: ${{ secrets.SENTRY_DSN_BACKEND }}
Expand Down
14 changes: 13 additions & 1 deletion scripts/govtool/.envrc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,16 @@
source_up
env_vars_required ENVIRONMENT AWS_PROFILE CARDANO_NETWORK DBSYNC_POSTGRES_USER DBSYNC_POSTGRES_PASSWORD DBSYNC_POSTGRES_DB TRAEFIK_LE_EMAIL GTM_ID SENTRY_DSN_BACKEND SENTRY_DSN SENTRY_ENVIRONMENT GRAFANA_ADMIN_PASSWORD GRAFANA_SLACK_RECIPIENT NGINX_BASIC_AUTH GRAFANA_SLACK_OAUTH_TOKEN IP_ADDRESS_BYPASSING_BASIC_AUTH1 IP_ADDRESS_BYPASSING_BASIC_AUTH2
env_vars_required ENVIRONMENT AWS_PROFILE CARDANO_NETWORK DBSYNC_POSTGRES_USER DBSYNC_POSTGRES_PASSWORD DBSYNC_POSTGRES_DB TRAEFIK_LE_EMAIL GTM_ID SENTRY_DSN_BACKEND SENTRY_DSN SENTRY_ENVIRONMENT GRAFANA_ADMIN_PASSWORD GRAFANA_SLACK_RECIPIENT GRAFANA_SLACK_OAUTH_TOKEN IP_ADDRESS_BYPASSING_BASIC_AUTH1 IP_ADDRESS_BYPASSING_BASIC_AUTH2

case "$ENVIRONMENT" in
"dev")
env_vars_required DEV_NGINX_BASIC_AUTH
;;
"test")
env_vars_required TEST_NGINX_BASIC_AUTH
;;
"staging")
env_vars_required STAGING_NGINX_BASIC_AUTH
;;
esac

use flake --extra-experimental-features nix-command --extra-experimental-features flakes ../..#scripts
6 changes: 3 additions & 3 deletions scripts/govtool/config.mk
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -112,9 +112,9 @@ $(target_config_dir)/nginx/auth.conf: $(target_config_dir)/nginx/
fi

$(target_config_dir)/nginx/govtool.htpasswd: $(target_config_dir)/nginx/
@:$(call check_defined, domain)
if [[ "$(domain)" == *"sanchonet.govtool.byron.network"* ]]; then \
echo "$${NGINX_BASIC_AUTH}" > $@; \
@:$(call check_defined, env)
if [[ "$(env)" != "beta" ]]; then \
echo "$${$(shell echo $(env) | tr a-z A-Z)_NGINX_BASIC_AUTH}" > $@; \
else \
echo > $@; \
fi