Add secrets support to Gitea Actions workflow
Some checks failed
deploy-authentik / deploy (push) Failing after 2m44s
- Create .env dynamically from Gitea secrets and variables
- Add SECRETS.md with configuration instructions
- Use secrets for sensitive data (PG_PASS, AUTHENTIK_SECRET_KEY)
- Use variables for non-sensitive config
@@ -8,9 +8,33 @@ jobs:
|
|||||||
#───────────────── deploy ─────────────────
|
#───────────────── deploy ─────────────────
|
||||||
deploy:
|
deploy:
|
||||||
runs-on: docker
|
runs-on: docker
|
||||||
|
env:
|
||||||
|
PG_PASS: ${{ secrets.PG_PASS }}
|
||||||
|
PG_USER: ${{ vars.PG_USER }}
|
||||||
|
PG_DB: ${{ vars.PG_DB }}
|
||||||
|
AUTHENTIK_SECRET_KEY: ${{ secrets.AUTHENTIK_SECRET_KEY }}
|
||||||
|
AUTHENTIK_ERROR_REPORTING__ENABLED: ${{ vars.AUTHENTIK_ERROR_REPORTING__ENABLED }}
|
||||||
|
AUTHENTIK_IMAGE: ${{ vars.AUTHENTIK_IMAGE }}
|
||||||
|
AUTHENTIK_TAG: ${{ vars.AUTHENTIK_TAG }}
|
||||||
|
COMPOSE_PORT_HTTP: ${{ vars.COMPOSE_PORT_HTTP }}
|
||||||
|
COMPOSE_PORT_HTTPS: ${{ vars.COMPOSE_PORT_HTTPS }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
|
|
||||||
|
- name: Create .env file from secrets
|
||||||
|
run: |
|
||||||
|
cat > .env << EOF
|
||||||
|
PG_PASS=${{ secrets.PG_PASS }}
|
||||||
|
PG_USER=${{ vars.PG_USER }}
|
||||||
|
PG_DB=${{ vars.PG_DB }}
|
||||||
|
AUTHENTIK_SECRET_KEY=${{ secrets.AUTHENTIK_SECRET_KEY }}
|
||||||
|
AUTHENTIK_ERROR_REPORTING__ENABLED=${{ vars.AUTHENTIK_ERROR_REPORTING__ENABLED }}
|
||||||
|
AUTHENTIK_IMAGE=${{ vars.AUTHENTIK_IMAGE }}
|
||||||
|
AUTHENTIK_TAG=${{ vars.AUTHENTIK_TAG }}
|
||||||
|
COMPOSE_PORT_HTTP=${{ vars.COMPOSE_PORT_HTTP }}
|
||||||
|
COMPOSE_PORT_HTTPS=${{ vars.COMPOSE_PORT_HTTPS }}
|
||||||
|
EOF
|
||||||
|
|
||||||
- name: Ensure external docker network exists
|
- name: Ensure external docker network exists
|
||||||
run: |
|
run: |
|
||||||
docker network inspect principal >/dev/null 2>&1 || docker network create principal
|
docker network inspect principal >/dev/null 2>&1 || docker network create principal
|
||||||
|
|||||||
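Review bot: In the "Create .env file from secrets" step, `cat > .env << EOF` uses an unquoted heredoc delimiter, and the `${{ secrets.* }}` and `${{ vars.* }}` expressions are substituted into the script text before the shell runs it. Any `$`, backtick or backslash inside a secret value is therefore interpreted by the shell, so the value written to `.env` can differ from the stored one, or a command substitution can run. The job-level `env:` block already exports the same names, so write the file from those environment variables instead, for example `printf 'PG_PASS=%s\n' "$PG_PASS" >> .env`, and create the file under `umask 077` so it is not world-readable on the runner. Consider also moving `PG_PASS` and `AUTHENTIK_SECRET_KEY` from the job-level `env:` to the steps that need them, so that `actions/checkout@v3` and the network step do not receive them.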
30
SECRETS.md
Normal file
@@ -0,0 +1,30 @@
|
|||||||
|
# Configuración de Secrets y Variables en Gitea
|
||||||
|
|
||||||
|
Ve a la configuración del repositorio en Gitea: **Settings → Secrets and Variables**
|
||||||
|
|
||||||
|
## Secrets (datos sensibles)
|
||||||
|
|
||||||
|
Crear los siguientes **Secrets**:
|
||||||
|
|
||||||
|
| Nombre | Valor |
|
||||||
|
|--------|-------|
|
||||||
|
| `PG_PASS` | `jdCqHkd9t6Gnry2hqPCvmb1O0/EPtWVizWgi8iwvvotI8aHV` |
|
||||||
|
| `AUTHENTIK_SECRET_KEY` | `f4e7VN546NgKVt6Q0qxgo+6T8nNfjMU5UWDcb+P/qHXUH4NJPXToH02ME59OtsUajjOUE4f2hI7mdz9d` |
|
||||||
|
|
||||||
|
## Variables (configuración no sensible)
|
||||||
|
|
||||||
|
Crear las siguientes **Variables**:
|
||||||
|
|
||||||
|
| Nombre | Valor |
|
||||||
|
|--------|-------|
|
||||||
|
| `PG_USER` | `authentik` |
|
||||||
|
| `PG_DB` | `authentik` |
|
||||||
|
| `AUTHENTIK_ERROR_REPORTING__ENABLED` | `true` |
|
||||||
|
| `AUTHENTIK_IMAGE` | `ghcr.io/goauthentik/server` |
|
||||||
|
| `AUTHENTIK_TAG` | `2025.8.4` |
|
||||||
|
| `COMPOSE_PORT_HTTP` | `9000` |
|
||||||
|
| `COMPOSE_PORT_HTTPS` | `9443` |
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
**IMPORTANTE:** Después de crear estos secrets y variables, el workflow de Gitea Actions generará automáticamente el archivo `.env` durante el deployment.
|
||||||
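Review bot: The Secrets table in SECRETS.md (rows `PG_PASS` and `AUTHENTIK_SECRET_KEY`) puts literal values for both secrets into a tracked file, so anyone with read access to the repository or its history obtains the database password and the authentik secret key that the workflow change moves into Gitea secrets. Replace the Valor column for those two rows with placeholders or a note on how to generate a value, and treat the values in this commit as exposed: rotate both, because deleting the file in a later commit does not remove them from history.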