nucleo000/authentikNucleo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add secrets support to Gitea Actions workflow
Some checks failed
deploy-authentik / deploy (push) Failing after 2m44s
Details

Browse Source 
- Create .env dynamically from Gitea secrets and variables
- Add SECRETS.md with configuration instructions
- Use secrets for sensitive data (PG_PASS, AUTHENTIK_SECRET_KEY)
- Use variables for non-sensitive config
This commit is contained in:
josedario87
2025-10-04 15:20:03 -06:00
parent 9ac3eb8dc1
commit daee45b908
2 changed files with 54 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
.gitea/workflows/deploy.yml
View File

@@ -8,9 +8,33 @@ jobs:
#───────────────── deploy ─────────────────
deploy:
runs-on: docker
env:
PG_PASS: ${{ secrets.PG_PASS }}
PG_USER: ${{ vars.PG_USER }}
PG_DB: ${{ vars.PG_DB }}
AUTHENTIK_SECRET_KEY: ${{ secrets.AUTHENTIK_SECRET_KEY }}
AUTHENTIK_ERROR_REPORTING__ENABLED: ${{ vars.AUTHENTIK_ERROR_REPORTING__ENABLED }}
AUTHENTIK_IMAGE: ${{ vars.AUTHENTIK_IMAGE }}
AUTHENTIK_TAG: ${{ vars.AUTHENTIK_TAG }}
COMPOSE_PORT_HTTP: ${{ vars.COMPOSE_PORT_HTTP }}
COMPOSE_PORT_HTTPS: ${{ vars.COMPOSE_PORT_HTTPS }}
steps:
- uses: actions/checkout@v3
- name: Create .env file from secrets
run: |
cat > .env << EOF
PG_PASS=${{ secrets.PG_PASS }}
PG_USER=${{ vars.PG_USER }}
PG_DB=${{ vars.PG_DB }}
AUTHENTIK_SECRET_KEY=${{ secrets.AUTHENTIK_SECRET_KEY }}
AUTHENTIK_ERROR_REPORTING__ENABLED=${{ vars.AUTHENTIK_ERROR_REPORTING__ENABLED }}
AUTHENTIK_IMAGE=${{ vars.AUTHENTIK_IMAGE }}
AUTHENTIK_TAG=${{ vars.AUTHENTIK_TAG }}
COMPOSE_PORT_HTTP=${{ vars.COMPOSE_PORT_HTTP }}
COMPOSE_PORT_HTTPS=${{ vars.COMPOSE_PORT_HTTPS }}
EOF
- name: Ensure external docker network exists
run: |
docker network inspect principal >/dev/null 2>&1 || docker network create principal

30
SECRETS.md Normal file
View File

@@ -0,0 +1,30 @@
# Configuración de Secrets y Variables en Gitea
Ve a la configuración del repositorio en Gitea: **Settings → Secrets and Variables**
## Secrets (datos sensibles)
Crear los siguientes **Secrets**:
| Nombre | Valor |
|--------|-------|
| `PG_PASS` | `jdCqHkd9t6Gnry2hqPCvmb1O0/EPtWVizWgi8iwvvotI8aHV` |
| `AUTHENTIK_SECRET_KEY` | `f4e7VN546NgKVt6Q0qxgo+6T8nNfjMU5UWDcb+P/qHXUH4NJPXToH02ME59OtsUajjOUE4f2hI7mdz9d` |
## Variables (configuración no sensible)
Crear las siguientes **Variables**:
| Nombre | Valor |
|--------|-------|
| `PG_USER` | `authentik` |
| `PG_DB` | `authentik` |
| `AUTHENTIK_ERROR_REPORTING__ENABLED` | `true` |
| `AUTHENTIK_IMAGE` | `ghcr.io/goauthentik/server` |
| `AUTHENTIK_TAG` | `2025.8.4` |
| `COMPOSE_PORT_HTTP` | `9000` |
| `COMPOSE_PORT_HTTPS` | `9443` |
---
**IMPORTANTE:** Después de crear estos secrets y variables, el workflow de Gitea Actions generará automáticamente el archivo `.env` durante el deployment.