fix(ci): update Dockerfiles and workflow to include new Cloudinary environment variable
Some checks failed
Deploy — Staging / Lint, Typecheck & Test (push) Successful in 2m6s
Deploy — Staging / Build & push — admin (push) Failing after 2m7s
Deploy — Staging / Build & push — storefront (push) Failing after 1m35s
Deploy — Staging / Deploy to staging VPS (push) Has been skipped
Some checks failed
Deploy — Staging / Lint, Typecheck & Test (push) Successful in 2m6s
Deploy — Staging / Build & push — admin (push) Failing after 2m7s
Deploy — Staging / Build & push — storefront (push) Failing after 1m35s
Deploy — Staging / Deploy to staging VPS (push) Has been skipped
- Added NEXT_PUBLIC_CLOUDINARY_CLOUD_NAME to both admin and storefront Dockerfiles to ensure it is available during the build process. - Updated deploy-staging.yml to pass the new Cloudinary variable as a build argument. - Clarified comments regarding the handling of NEXT_PUBLIC_* variables and Gitea secret prefixes. This change enhances the build configuration for both applications, ensuring all necessary environment variables are correctly passed during the Docker build process.
This commit is contained in:
@@ -19,9 +19,10 @@ on:
|
|||||||
# STAGING_SSH_USER — SSH user on the VPS
|
# STAGING_SSH_USER — SSH user on the VPS
|
||||||
# STAGING_SSH_KEY — SSH private key (full PEM)
|
# STAGING_SSH_KEY — SSH private key (full PEM)
|
||||||
# STAGING_SSH_PORT — (optional) defaults to 22
|
# STAGING_SSH_PORT — (optional) defaults to 22
|
||||||
# STAGING_NEXT_PUBLIC_CONVEX_URL — Convex deployment URL (shared by both apps)
|
# STAGING_NEXT_PUBLIC_CONVEX_URL — Convex deployment URL (shared)
|
||||||
# STAGING_NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY — storefront Clerk publishable key
|
# STAGING_NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY — storefront Clerk publishable key
|
||||||
# STAGING_ADMIN_NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY — admin Clerk publishable key
|
# STAGING_ADMIN_NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY — admin Clerk publishable key
|
||||||
|
# STAGING_NEXT_PUBLIC_CLOUDINARY_CLOUD_NAME — admin Cloudinary cloud name
|
||||||
#
|
#
|
||||||
# The Dockerfiles are expected at:
|
# The Dockerfiles are expected at:
|
||||||
# apps/storefront/Dockerfile
|
# apps/storefront/Dockerfile
|
||||||
@@ -107,29 +108,40 @@ jobs:
|
|||||||
# Each app has its own Clerk instance so the publishable key differs.
|
# Each app has its own Clerk instance so the publishable key differs.
|
||||||
# NEXT_PUBLIC_* vars must be baked in at build time — Next.js prerender
|
# NEXT_PUBLIC_* vars must be baked in at build time — Next.js prerender
|
||||||
# fails with "Missing publishableKey" if they are absent.
|
# fails with "Missing publishableKey" if they are absent.
|
||||||
|
# Secrets use STAGING_/PROD_ prefix in Gitea; the prefix is stripped here
|
||||||
|
# so Dockerfiles receive the plain NEXT_PUBLIC_* names they expect.
|
||||||
env:
|
env:
|
||||||
STOREFRONT_CLERK_KEY: ${{ secrets.STAGING_NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY }}
|
STOREFRONT_CLERK_KEY: ${{ secrets.STAGING_STOREFRONT_NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY }}
|
||||||
ADMIN_CLERK_KEY: ${{ secrets.STAGING_ADMIN_NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY }}
|
ADMIN_CLERK_KEY: ${{ secrets.STAGING_ADMIN_NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY }}
|
||||||
NEXT_PUBLIC_CONVEX_URL: ${{ secrets.STAGING_NEXT_PUBLIC_CONVEX_URL }}
|
NEXT_PUBLIC_CONVEX_URL: ${{ secrets.STAGING_NEXT_PUBLIC_CONVEX_URL }}
|
||||||
|
NEXT_PUBLIC_CLOUDINARY_CLOUD_NAME: ${{ secrets.STAGING_NEXT_PUBLIC_CLOUDINARY_CLOUD_NAME }}
|
||||||
run: |
|
run: |
|
||||||
SHORT_SHA="${GITHUB_SHA::7}"
|
SHORT_SHA="${GITHUB_SHA::7}"
|
||||||
IMAGE="${{ secrets.STAGING_REGISTRY }}/${{ matrix.app }}"
|
IMAGE="${{ secrets.STAGING_REGISTRY }}/${{ matrix.app }}"
|
||||||
|
|
||||||
if [ "${{ matrix.app }}" = "admin" ]; then
|
if [ "${{ matrix.app }}" = "admin" ]; then
|
||||||
CLERK_KEY="$ADMIN_CLERK_KEY"
|
CLERK_KEY="$ADMIN_CLERK_KEY"
|
||||||
|
docker build \
|
||||||
|
-f apps/admin/Dockerfile \
|
||||||
|
--build-arg NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY="$CLERK_KEY" \
|
||||||
|
--build-arg NEXT_PUBLIC_CONVEX_URL="$NEXT_PUBLIC_CONVEX_URL" \
|
||||||
|
--build-arg NEXT_PUBLIC_CLOUDINARY_CLOUD_NAME="$NEXT_PUBLIC_CLOUDINARY_CLOUD_NAME" \
|
||||||
|
-t "${IMAGE}:staging" \
|
||||||
|
-t "${IMAGE}:sha-${SHORT_SHA}" \
|
||||||
|
--push \
|
||||||
|
./out
|
||||||
else
|
else
|
||||||
CLERK_KEY="$STOREFRONT_CLERK_KEY"
|
CLERK_KEY="$STOREFRONT_CLERK_KEY"
|
||||||
|
docker build \
|
||||||
|
-f apps/storefront/Dockerfile \
|
||||||
|
--build-arg NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY="$CLERK_KEY" \
|
||||||
|
--build-arg NEXT_PUBLIC_CONVEX_URL="$NEXT_PUBLIC_CONVEX_URL" \
|
||||||
|
-t "${IMAGE}:staging" \
|
||||||
|
-t "${IMAGE}:sha-${SHORT_SHA}" \
|
||||||
|
--push \
|
||||||
|
./out
|
||||||
fi
|
fi
|
||||||
|
|
||||||
docker build \
|
|
||||||
-f apps/${{ matrix.app }}/Dockerfile \
|
|
||||||
--build-arg NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY="$CLERK_KEY" \
|
|
||||||
--build-arg NEXT_PUBLIC_CONVEX_URL="$NEXT_PUBLIC_CONVEX_URL" \
|
|
||||||
-t "${IMAGE}:staging" \
|
|
||||||
-t "${IMAGE}:sha-${SHORT_SHA}" \
|
|
||||||
--push \
|
|
||||||
./out
|
|
||||||
|
|
||||||
# ── 3. Deploy ───────────────────────────────────────────────────────────────
|
# ── 3. Deploy ───────────────────────────────────────────────────────────────
|
||||||
|
|
||||||
deploy:
|
deploy:
|
||||||
|
|||||||
@@ -28,12 +28,15 @@ COPY --from=deps /app/node_modules ./node_modules
|
|||||||
COPY full/ .
|
COPY full/ .
|
||||||
|
|
||||||
# NEXT_PUBLIC_* vars are baked into the client bundle at build time by Next.js.
|
# NEXT_PUBLIC_* vars are baked into the client bundle at build time by Next.js.
|
||||||
# They must be present here (not just at runtime) or SSG/prerender fails with
|
# They must be present here (not just at runtime) or SSG/prerender fails.
|
||||||
# "Missing publishableKey". Pass via --build-arg in CI.
|
# Passed via --build-arg in CI. Note: Gitea secrets use a STAGING_/PROD_ prefix
|
||||||
|
# which is stripped by the workflow before being forwarded here as build args.
|
||||||
ARG NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY
|
ARG NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY
|
||||||
ARG NEXT_PUBLIC_CONVEX_URL
|
ARG NEXT_PUBLIC_CONVEX_URL
|
||||||
|
ARG NEXT_PUBLIC_CLOUDINARY_CLOUD_NAME
|
||||||
ENV NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY=$NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY \
|
ENV NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY=$NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY \
|
||||||
NEXT_PUBLIC_CONVEX_URL=$NEXT_PUBLIC_CONVEX_URL \
|
NEXT_PUBLIC_CONVEX_URL=$NEXT_PUBLIC_CONVEX_URL \
|
||||||
|
NEXT_PUBLIC_CLOUDINARY_CLOUD_NAME=$NEXT_PUBLIC_CLOUDINARY_CLOUD_NAME \
|
||||||
NEXT_TELEMETRY_DISABLED=1
|
NEXT_TELEMETRY_DISABLED=1
|
||||||
|
|
||||||
RUN npx turbo build --filter=admin
|
RUN npx turbo build --filter=admin
|
||||||
|
|||||||
@@ -34,8 +34,9 @@ COPY --from=deps /app/node_modules ./node_modules
|
|||||||
COPY full/ .
|
COPY full/ .
|
||||||
|
|
||||||
# NEXT_PUBLIC_* vars are baked into the client bundle at build time by Next.js.
|
# NEXT_PUBLIC_* vars are baked into the client bundle at build time by Next.js.
|
||||||
# They must be present here (not just at runtime) or SSG/prerender fails with
|
# They must be present here (not just at runtime) or SSG/prerender fails.
|
||||||
# "Missing publishableKey". Pass via --build-arg in CI.
|
# Passed via --build-arg in CI. Note: Gitea secrets use a STAGING_/PROD_ prefix
|
||||||
|
# which is stripped by the workflow before being forwarded here as build args.
|
||||||
ARG NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY
|
ARG NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY
|
||||||
ARG NEXT_PUBLIC_CONVEX_URL
|
ARG NEXT_PUBLIC_CONVEX_URL
|
||||||
ENV NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY=$NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY \
|
ENV NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY=$NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY \
|
||||||
|
|||||||
Reference in New Issue
Block a user