fusero-group/fusero-app-boilerplate
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: use secrets for sensitive values in migration job
Some checks failed
Deploy to Production / Build and Deploy (push) Failing after 6m6s
Details

Browse Source
This commit is contained in:
liquidrinu 2025-05-27 13:08:28 +02:00
parent 7e132608d7
commit 6f6ddb072b
1 changed files with 45 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
chart/templates/backend-migration.job.yaml
View File

@ -16,43 +16,55 @@ spec:
command: ["/bin/sh", "-c"] command: ["/bin/sh", "-c"]
args: args:
- | - |
echo "=== Environment Variables ===" echo "=== Testing Connection ==="
env | grep POSTGRES
echo "=== Testing Direct Connection ==="
PGPASSWORD=$POSTGRES_PASSWORD psql -h $POSTGRES_HOSTNAME -p $POSTGRES_PORT -U $POSTGRES_USER -d $POSTGRES_NAME -c "SELECT 1" PGPASSWORD=$POSTGRES_PASSWORD psql -h $POSTGRES_HOSTNAME -p $POSTGRES_PORT -U $POSTGRES_USER -d $POSTGRES_NAME -c "SELECT 1"
echo "=== Testing Connection String ==="
PGPASSWORD=$POSTGRES_PASSWORD psql "postgresql://$POSTGRES_USER:$POSTGRES_PASSWORD@$POSTGRES_HOSTNAME:$POSTGRES_PORT/$POSTGRES_NAME" -c "SELECT 1"
echo "=== Testing MikroORM Connection ==="
node -e "
const { PostgreSqlDriver } = require('@mikro-orm/postgresql');
const { MikroORM } = require('@mikro-orm/core');
const config = {
driver: PostgreSqlDriver,
dbName: process.env.POSTGRES_NAME,
host: process.env.POSTGRES_HOSTNAME,
port: parseInt(process.env.POSTGRES_PORT),
user: process.env.POSTGRES_USER,
password: process.env.POSTGRES_PASSWORD,
driverOptions: {
connectionString: \`postgresql://\${process.env.POSTGRES_USER}:\${process.env.POSTGRES_PASSWORD}@\${process.env.POSTGRES_HOSTNAME}:\${process.env.POSTGRES_PORT}/\${process.env.POSTGRES_NAME}\`
}
};
console.log('MikroORM config:', JSON.stringify(config, null, 2));
MikroORM.init(config).then(orm => {
console.log('Connected successfully!');
orm.close();
}).catch(err => {
console.error('Connection failed:', err);
process.exit(1);
});
"
echo "=== Running Migrations ===" echo "=== Running Migrations ==="
npx mikro-orm migration:up npx mikro-orm migration:up
echo "=== Running Seeds ===" echo "=== Running Seeds ==="
npm run seed npm run seed
env: env:
{{- range $key, $val := .Values.backend.env }} - name: POSTGRES_HOSTNAME
- name: {{ $key }} value: "{{ .Values.backend.env.POSTGRES_HOSTNAME }}"
value: "{{ $val }}" - name: POSTGRES_PORT
{{- end }} value: "{{ .Values.backend.env.POSTGRES_PORT }}"
- name: POSTGRES_NAME
value: "{{ .Values.backend.env.POSTGRES_NAME }}"
- name: POSTGRES_USER
value: "{{ .Values.backend.env.POSTGRES_USER }}"
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: fusero-backend-secrets
key: POSTGRES_PASSWORD
- name: DEFAULT_ADMIN_USERNAME
value: "{{ .Values.backend.env.DEFAULT_ADMIN_USERNAME }}"
- name: DEFAULT_ADMIN_EMAIL
value: "{{ .Values.backend.env.DEFAULT_ADMIN_EMAIL }}"
- name: DEFAULT_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: fusero-backend-secrets
key: DEFAULT_ADMIN_PASSWORD
- name: ENCRYPTION_KEY
valueFrom:
secretKeyRef:
name: fusero-backend-secrets
key: ENCRYPTION_KEY
- name: JWT_SECRET
valueFrom:
secretKeyRef:
name: fusero-backend-secrets
key: JWT_SECRET
- name: CHATGPT_API_KEY
valueFrom:
secretKeyRef:
name: fusero-backend-secrets
key: CHATGPT_API_KEY
- name: CANVAS_API_KEY
valueFrom:
secretKeyRef:
name: fusero-backend-secrets
key: CANVAS_API_KEY
- name: CANVAS_API_URL
value: "{{ .Values.backend.env.CANVAS_API_URL }}"
restartPolicy: Never restartPolicy: Never