fix: use secrets for sensitive values in migration job
Some checks failed
Deploy to Production / Build and Deploy (push) Failing after 6m6s
Some checks failed
Deploy to Production / Build and Deploy (push) Failing after 6m6s
This commit is contained in:
parent
7e132608d7
commit
6f6ddb072b
@ -16,43 +16,55 @@ spec:
|
||||
command: ["/bin/sh", "-c"]
|
||||
args:
|
||||
- |
|
||||
echo "=== Environment Variables ==="
|
||||
env | grep POSTGRES
|
||||
echo "=== Testing Direct Connection ==="
|
||||
echo "=== Testing Connection ==="
|
||||
PGPASSWORD=$POSTGRES_PASSWORD psql -h $POSTGRES_HOSTNAME -p $POSTGRES_PORT -U $POSTGRES_USER -d $POSTGRES_NAME -c "SELECT 1"
|
||||
echo "=== Testing Connection String ==="
|
||||
PGPASSWORD=$POSTGRES_PASSWORD psql "postgresql://$POSTGRES_USER:$POSTGRES_PASSWORD@$POSTGRES_HOSTNAME:$POSTGRES_PORT/$POSTGRES_NAME" -c "SELECT 1"
|
||||
echo "=== Testing MikroORM Connection ==="
|
||||
node -e "
|
||||
const { PostgreSqlDriver } = require('@mikro-orm/postgresql');
|
||||
const { MikroORM } = require('@mikro-orm/core');
|
||||
const config = {
|
||||
driver: PostgreSqlDriver,
|
||||
dbName: process.env.POSTGRES_NAME,
|
||||
host: process.env.POSTGRES_HOSTNAME,
|
||||
port: parseInt(process.env.POSTGRES_PORT),
|
||||
user: process.env.POSTGRES_USER,
|
||||
password: process.env.POSTGRES_PASSWORD,
|
||||
driverOptions: {
|
||||
connectionString: \`postgresql://\${process.env.POSTGRES_USER}:\${process.env.POSTGRES_PASSWORD}@\${process.env.POSTGRES_HOSTNAME}:\${process.env.POSTGRES_PORT}/\${process.env.POSTGRES_NAME}\`
|
||||
}
|
||||
};
|
||||
console.log('MikroORM config:', JSON.stringify(config, null, 2));
|
||||
MikroORM.init(config).then(orm => {
|
||||
console.log('Connected successfully!');
|
||||
orm.close();
|
||||
}).catch(err => {
|
||||
console.error('Connection failed:', err);
|
||||
process.exit(1);
|
||||
});
|
||||
"
|
||||
echo "=== Running Migrations ==="
|
||||
npx mikro-orm migration:up
|
||||
echo "=== Running Seeds ==="
|
||||
npm run seed
|
||||
env:
|
||||
{{- range $key, $val := .Values.backend.env }}
|
||||
- name: {{ $key }}
|
||||
value: "{{ $val }}"
|
||||
{{- end }}
|
||||
- name: POSTGRES_HOSTNAME
|
||||
value: "{{ .Values.backend.env.POSTGRES_HOSTNAME }}"
|
||||
- name: POSTGRES_PORT
|
||||
value: "{{ .Values.backend.env.POSTGRES_PORT }}"
|
||||
- name: POSTGRES_NAME
|
||||
value: "{{ .Values.backend.env.POSTGRES_NAME }}"
|
||||
- name: POSTGRES_USER
|
||||
value: "{{ .Values.backend.env.POSTGRES_USER }}"
|
||||
- name: POSTGRES_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: fusero-backend-secrets
|
||||
key: POSTGRES_PASSWORD
|
||||
- name: DEFAULT_ADMIN_USERNAME
|
||||
value: "{{ .Values.backend.env.DEFAULT_ADMIN_USERNAME }}"
|
||||
- name: DEFAULT_ADMIN_EMAIL
|
||||
value: "{{ .Values.backend.env.DEFAULT_ADMIN_EMAIL }}"
|
||||
- name: DEFAULT_ADMIN_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: fusero-backend-secrets
|
||||
key: DEFAULT_ADMIN_PASSWORD
|
||||
- name: ENCRYPTION_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: fusero-backend-secrets
|
||||
key: ENCRYPTION_KEY
|
||||
- name: JWT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: fusero-backend-secrets
|
||||
key: JWT_SECRET
|
||||
- name: CHATGPT_API_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: fusero-backend-secrets
|
||||
key: CHATGPT_API_KEY
|
||||
- name: CANVAS_API_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: fusero-backend-secrets
|
||||
key: CANVAS_API_KEY
|
||||
- name: CANVAS_API_URL
|
||||
value: "{{ .Values.backend.env.CANVAS_API_URL }}"
|
||||
restartPolicy: Never
|
||||
|
||||
Loading…
Reference in New Issue
Block a user