ci: trim cyberstar-env Secret to DATABASE_URL only
Some checks failed
Build and Deploy / build-and-deploy (push) Has been cancelled
Some checks failed
Build and Deploy / build-and-deploy (push) Has been cancelled
Previous commit scoped too broadly. Other env vars (TOS/SMS/WECHAT/etc.) already have application-level fallbacks and aren't required to make the deploy work, so they don't need to be in the workflow yet. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
parent
19e789d6ac
commit
2c3357e33d
@ -93,27 +93,9 @@ jobs:
|
|||||||
--docker-password="${{ env.CR_PASSWORD_ACTIVE }}" \
|
--docker-password="${{ env.CR_PASSWORD_ACTIVE }}" \
|
||||||
--dry-run=client -o yaml | kubectl apply -f -
|
--dry-run=client -o yaml | kubectl apply -f -
|
||||||
|
|
||||||
# 2) 应用运行时 Secret(从 Gitea 仓库 Secrets 同步,每次 push 自动更新)
|
# 2) 应用运行时 Secret(数据库连接串)
|
||||||
kubectl create secret generic cyberstar-env \
|
kubectl create secret generic cyberstar-env \
|
||||||
--from-literal=DATABASE_URL='${{ secrets.DATABASE_URL }}' \
|
--from-literal=DATABASE_URL='${{ secrets.DATABASE_URL }}' \
|
||||||
--from-literal=REDIS_URL='${{ secrets.REDIS_URL }}' \
|
|
||||||
--from-literal=AUTH_SECRET='${{ secrets.AUTH_SECRET }}' \
|
|
||||||
--from-literal=AUTH_URL="https://${{ env.DOMAIN_WEB }}" \
|
|
||||||
--from-literal=AUTH_TRUST_HOST='true' \
|
|
||||||
--from-literal=TOS_ENDPOINT='${{ secrets.TOS_ENDPOINT }}' \
|
|
||||||
--from-literal=TOS_REGION='${{ secrets.TOS_REGION }}' \
|
|
||||||
--from-literal=TOS_BUCKET='${{ secrets.TOS_BUCKET }}' \
|
|
||||||
--from-literal=TOS_ACCESS_KEY='${{ secrets.TOS_ACCESS_KEY }}' \
|
|
||||||
--from-literal=TOS_SECRET_KEY='${{ secrets.TOS_SECRET_KEY }}' \
|
|
||||||
--from-literal=NEXT_PUBLIC_TOS_DOMAIN='${{ secrets.NEXT_PUBLIC_TOS_DOMAIN }}' \
|
|
||||||
--from-literal=WECHAT_APP_ID='${{ secrets.WECHAT_APP_ID }}' \
|
|
||||||
--from-literal=WECHAT_APP_SECRET='${{ secrets.WECHAT_APP_SECRET }}' \
|
|
||||||
--from-literal=SMS_ACCESS_KEY='${{ secrets.SMS_ACCESS_KEY }}' \
|
|
||||||
--from-literal=SMS_SECRET_KEY='${{ secrets.SMS_SECRET_KEY }}' \
|
|
||||||
--from-literal=SMS_SIGN_NAME='${{ secrets.SMS_SIGN_NAME }}' \
|
|
||||||
--from-literal=SMS_TEMPLATE_CODE='${{ secrets.SMS_TEMPLATE_CODE }}' \
|
|
||||||
--from-literal=HCAPTCHA_SITE_KEY='${{ secrets.HCAPTCHA_SITE_KEY }}' \
|
|
||||||
--from-literal=HCAPTCHA_SECRET='${{ secrets.HCAPTCHA_SECRET }}' \
|
|
||||||
--dry-run=client -o yaml | kubectl apply -f -
|
--dry-run=client -o yaml | kubectl apply -f -
|
||||||
|
|
||||||
# 3) Apply manifests
|
# 3) Apply manifests
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user