search

seppevs / migrate-mongo

A database migration tool for MongoDB in Node
MIT License
926 stars 163 forks source link

how to load environemnt variables on github actions #376

Closed raza2022 closed 1 year ago

raza2022 commented 3 years ago

I don't know am I using it right but I have a use case where I need to load GitHub secrets with dotenv file so here is my use case I am using migrate-mongo in next js which is working fine locally within nestJS application however as I am using migration within isolated JS file, so I have to load env variables separately too, like

mongodb+srv://${secrets.DATABASE_USER}:${process.env.DATABASE_PASSWORD} so locally I just added the required dotenv module with local file path on top of migrate-mongo config file and it's working fine

require('dotenv').config({ path: '.env.development.local' })

however I couldn't able to find a solution for github action pipelines as I know in .yml file secrets can be accessed as {{ secrets.DATABASE_USER }} so I tried these ways in migrate-mongo config

require('dotenv').config() require('dotenv').config({ path: 'secrets' })

but nothing works, so my question what is the best way to achieve it on GitHub actions (with or without dotenv) any solution/guidence will be greatly appreciated

raza2022 commented 3 years ago

@Moeriki @davidmat @jesstelford @nabeards any suggestion/guidance about this use case?

daveboulard commented 3 years ago

Hello @raza2022

I don't know if I understood your issue right, but I just did something similar and it was a pain because I suck at that kind of stuff.

First, you need to understand this : https://vsupalov.com/docker-arg-env-variable-guide

Based on that, you know you will need an ENV with the secret to go into your container. This ENV will come from your ARG in the Dockerfile.

So, to do it, just pass along the secret in the github action workflow file you are using. For instance :

      - name: Build the thing
        uses: docker/build-push-action@v2
        with:
          context: .
          file: Dockerfile
          push: true
          build-args: |
            SUPER_SECRET_THAT_HAS_BEEN_SET=${{ secrets.SUPER_SECRET_THAT_HAS_BEEN_SET }}

In the Dockerfile, you will now have an ARG that is called SUPER_SECRET_THAT_HAS_BEEN_SET. Just create an ENV out of it.

ARG SUPER_SECRET_THAT_HAS_BEEN_SET
ENV SUPER_SECRET_THAT_HAS_BEEN_SET ${SUPER_SECRET_THAT_HAS_BEEN_SET:-null}

now, your should be able to access it through process.env.SUPER_SECRET_THAT_HAS_BEEN_SET.

mongodb+srv://${process.env.SUPER_SECRET_THAT_HAS_BEEN_SET}:${process.env.SUPER_SECRET_THAT_HAS_BEEN_SET}
seppevs commented 1 year ago

Closing this, as this is not a migrate-mongo issue.