Create SECURITY.md #205
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy DEVELOPMENT to App Engine | |
on: | |
push: | |
branches: | |
- main | |
jobs: | |
deploy: | |
runs-on: ubuntu-latest | |
environment: dev | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: Setup Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: "18.17.1" | |
- name: Authenticate to Google Cloud | |
uses: google-github-actions/auth@v1 | |
with: | |
credentials_json: ${{ secrets.SERVICE_ACCOUNT_KEY }} | |
- name: Set up Cloud SDK | |
uses: google-github-actions/setup-gcloud@v1 | |
with: | |
project_id: ${{ secrets.GCP_PROJECT_ID }} | |
- name: Create .env file | |
run: | | |
cd booking-app | |
echo "NEXT_PUBLIC_BASE_URL=${{ secrets.NEXT_PUBLIC_BASE_URL }}" >> .env.production | |
echo "GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }}" >> .env.production | |
echo "GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }}" >> .env.production | |
echo "GOOGLE_REDIRECT_URI=${{ secrets.GOOGLE_REDIRECT_URI }}" >> .env.production | |
echo "GOOGLE_REFRESH_TOKEN=${{ secrets.GOOGLE_REFRESH_TOKEN }}" >> .env.production | |
echo "GOOGLE_API_KEY=${{ secrets.GOOGLE_API_KEY }}" >> .env.production | |
echo "GOOGLE_SHEET_ID=${{ secrets.GOOGLE_SHEET_ID }}" >> .env.production | |
echo "GOOGLE_SPREADSHEET_ID=${{ secrets.GOOGLE_SPREADSHEET_ID }}" >> .env.production | |
echo "FIREBASE_PROJECT_ID=${{ secrets.FIREBASE_PROJECT_ID }}" >> .env.production | |
echo "FIREBASE_PRIVATE_KEY_ID=${{ secrets.FIREBASE_PRIVATE_KEY_ID }}" >> .env.production | |
echo "FIREBASE_PRIVATE_KEY=${{ secrets.FIREBASE_PRIVATE_KEY }}" >> .env.production | |
echo "FIREBASE_CLIENT_EMAIL=${{ secrets.FIREBASE_CLIENT_EMAIL }}" >> .env.production | |
echo "FIREBASE_CLIENT_ID=${{ secrets.FIREBASE_CLIENT_ID }}" >> .env.production | |
echo "FIREBASE_AUTH_URI=${{ secrets.FIREBASE_AUTH_URI }}" >> .env.production | |
echo "FIREBASE_TOKEN_URI=${{ secrets.FIREBASE_TOKEN_URI }}" >> .env.production | |
echo "FIREBASE_AUTH_PROVIDER_X509_CERT_URL=${{ secrets.FIREBASE_AUTH_PROVIDER_X509_CERT_URL }}" >> .env.production | |
echo "FIREBASE_CLIENT_X509_CERT_URL=${{ secrets.FIREBASE_CLIENT_X509_CERT_URL }}" >> .env.production | |
echo "NEXT_PUBLIC_FIREBASE_API_KEY=${{ secrets.NEXT_PUBLIC_FIREBASE_API_KEY }}" >> .env.production | |
echo "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN=${{ secrets.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN }}" >> .env.production | |
echo "NEXT_PUBLIC_FIREBASE_PROJECT_ID=${{ secrets.NEXT_PUBLIC_FIREBASE_PROJECT_ID }}" >> .env.production | |
echo "NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET=${{ secrets.NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET }}" >> .env.production | |
echo "NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID=${{ secrets.NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID }}" >> .env.production | |
echo "NEXT_PUBLIC_FIREBASE_APP_ID=${{ secrets.NEXT_PUBLIC_FIREBASE_APP_ID }}" >> .env.production | |
echo "NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID=${{ secrets.NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID }}" >> .env.production | |
echo "NEXT_PUBLIC_DATABASE_NAME=${{ secrets.NEXT_PUBLIC_DATABASE_NAME }}" >> .env.production | |
echo "NEXT_PUBLIC_BRANCH_NAME=${{ secrets.NEXT_PUBLIC_BRANCH_NAME }}" >> .env.production | |
echo "NEXT_PUBLIC_GCP_LOG_NAME=${{ secrets.NEXT_PUBLIC_GCP_LOG_NAME }}" >> .env.production | |
- name: Install dependencies | |
run: | | |
cd booking-app | |
npm ci | |
- name: Build | |
run: | | |
cd booking-app | |
npm run build | |
- name: Deploy to App Engine | |
run: | | |
cd booking-app | |
gcloud app deploy app.development.yaml --project=${{ secrets.GCP_PROJECT_ID }} --quiet | |
- name: Delete old versions | |
run: | | |
CURRENT_VERSION=$(gcloud app versions list --service=development --sort-by=~version --limit=1 --format="value(version.id)") | |
echo "Current version: $CURRENT_VERSION" | |
VERSIONS_TO_DELETE=$(gcloud app versions list --service=development --sort-by=~version --format="value(version.id)" | tail -n +3) | |
if [ -n "$VERSIONS_TO_DELETE" ]; then | |
echo "Deleting old versions: $VERSIONS_TO_DELETE" | |
echo $VERSIONS_TO_DELETE | xargs gcloud app versions delete --service=development --quiet | |
else | |
echo "No old versions to delete" | |
fi |