Implementa Novo Deploy de Secrets

2023-09-14 07:28:03 -03:00
parent 22b1962afc
commit 11ffc7e49b
3 changed files with 24 additions and 46 deletions
--- a/.github/workflows/deploy-staging.yml
+++ b/.github/workflows/deploy-staging.yml
@@ -48,11 +48,11 @@ jobs:
                  envkey_VIRUS_CHECKER_TYPE: ${{ secrets.VIRUS_CHECKER_TYPE }}
                  envkey_VIRUS_CHECKER_API_KEY: ${{ secrets.VIRUS_CHECKER_API_KEY }}

-            - name: Inserts Prod Enviromental Variables
-              run: |
-                python -m pip install --upgrade pip pipenv
-                pipenv install
-                pipenv run python setup.py -e staging -f .env
+            # - name: Inserts Prod Enviromental Variables
+            #   run: |
+            #     python -m pip install --upgrade pip pipenv
+            #     pipenv install
+            #     pipenv run python setup.py -e staging -f .env

            - name: copy file via ssh
              uses: appleboy/scp-action@master
@@ -64,13 +64,13 @@ jobs:
                source: "."
                target: "infra-hideyoshi.com"

-            - name: executing remote ssh commands
-              uses: appleboy/ssh-action@master
-              with:
-                host: ${{ secrets.SSH_HOST }}
-                username: ${{ secrets.SSH_USER }}
-                port: ${{ secrets.SSH_PORT }}
-                key: ${{ secrets.SSH_KEY }}
-                script: |
-                  cd infra-hideyoshi.com
-                  ./deploy.sh --staging
+            # - name: executing remote ssh commands
+            #   uses: appleboy/ssh-action@master
+            #   with:
+            #     host: ${{ secrets.SSH_HOST }}
+            #     username: ${{ secrets.SSH_USER }}
+            #     port: ${{ secrets.SSH_PORT }}
+            #     key: ${{ secrets.SSH_KEY }}
+            #     script: |
+            #       cd infra-hideyoshi.com
+            #       ./deploy.sh --staging
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,4 @@
-.env
+.env*

 .secret*

--- a/setup.py
+++ b/setup.py
@@ -31,38 +31,19 @@ ENV_VARIABLES = [
    "AWS_SECRET_ACCESS_KEY",
    "AWS_REGION_NAME",
    "AWS_BUCKET_NAME",
+    "VIRUS_CHECKER_TYPE",
+    "VIRUS_CHECKER_API_KEY",
 ]

-FORCE_BASE64_FIELD = [
-    "OAUTH_GITHUB_CLIENT_ID",
-    "OAUTH_GITHUB_CLIENT_SECRET",
-    "AWS_ACCESS_KEY_ID",
-    "AWS_SECRET_ACCESS_KEY",
-]
-
-
-def is_force_base64_fields(field: str) -> bool:
-    return field in FORCE_BASE64_FIELD
-
-
-def is_validate_base64(value: str) -> bool:
-    if not isinstance(value, str):
-        return False
-
-    try:
-        if b64encode(b64decode(value)).decode() == value:
-            return True
-    except:
-        pass
-
-    return False
-

 def setting_environment(environment: str):
-    if not environment in ("prod", "staging", "dev"):
+    if not environment in ("prod", "staging", "local", "dev"):
        raise ValueError("Invalid Environment Selected")

    match environment:
+        case "local":
+            DOMAIN = "local.hideyoshi.com.br"
+            API_DOMAIN = "api.local.hideyoshi.com.br"
        case "staging":
            DOMAIN = "staging.hideyoshi.com.br"
            API_DOMAIN = "api.staging.hideyoshi.com.br"
@@ -85,9 +66,6 @@ def load_secret_file(file: str):
 def fetch_env_variables():
    for env in ENV_VARIABLES:
        value = os.environ[env]
-        if not is_force_base64_fields(env) and is_validate_base64(value):
-            os.environ[env] = value
-        else:
        value = value.encode("utf-8")
        os.environ[env] = b64encode(value).decode()