Skip to content

Commit 6baec72

Browse files
andrasbacsaiandrasbacsai
committed
fix: decrypt secrets
1 parent d43554d commit 6baec72

File tree

1 file changed

+76
-65
lines changed

1 file changed

+76
-65
lines changed

apps/api/src/jobs/deployApplication.ts

Lines changed: 76 additions & 65 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ import fs from 'fs/promises';
44
import yaml from 'js-yaml';
55

66
import { copyBaseConfigurationFiles, makeLabelForStandaloneApplication, saveBuildLog, setDefaultConfiguration } from '../lib/buildPacks/common';
7-
import { createDirectories, decrypt, defaultComposeConfiguration, executeDockerCmd, getDomain, prisma } from '../lib/common';
7+
import { createDirectories, decrypt, defaultComposeConfiguration, executeDockerCmd, getDomain, prisma, decryptApplication } from '../lib/common';
88
import * as importers from '../lib/importers';
99
import * as buildpacks from '../lib/buildPacks';
1010

@@ -27,7 +27,7 @@ import * as buildpacks from '../lib/buildPacks';
2727

2828
const th = throttle(async () => {
2929
try {
30-
const queuedBuilds = await prisma.build.findMany({ where: { status: 'queued' }, orderBy: { createdAt: 'asc' } });
30+
const queuedBuilds = await prisma.build.findMany({ where: { status: { in: ['queued', 'running'] } }, orderBy: { createdAt: 'asc' } });
3131
const { concurrentBuilds } = await prisma.setting.findFirst({})
3232
if (queuedBuilds.length > 0) {
3333
parentPort.postMessage({ deploying: true });
@@ -37,68 +37,76 @@ import * as buildpacks from '../lib/buildPacks';
3737

3838
for (const queueBuild of queuedBuilds) {
3939
actions.push(async () => {
40-
const application = await prisma.application.findUnique({ where: { id: queueBuild.applicationId }, include: { destinationDocker: true, gitSource: { include: { githubApp: true, gitlabApp: true } }, persistentStorage: true, secrets: true, settings: true, teams: true } })
41-
const { id: buildId, type, sourceBranch = null, pullmergeRequestId = null, forceRebuild } = queueBuild
42-
const {
43-
id: applicationId,
44-
repository,
45-
name,
46-
destinationDocker,
47-
destinationDockerId,
48-
gitSource,
49-
configHash,
50-
fqdn,
51-
projectId,
52-
secrets,
53-
phpModules,
54-
settings,
55-
persistentStorage,
56-
pythonWSGI,
57-
pythonModule,
58-
pythonVariable,
59-
denoOptions,
60-
exposePort,
61-
baseImage,
62-
baseBuildImage,
63-
deploymentType,
64-
} = application
65-
let {
66-
branch,
67-
buildPack,
68-
port,
69-
installCommand,
70-
buildCommand,
71-
startCommand,
72-
baseDirectory,
73-
publishDirectory,
74-
dockerFileLocation,
75-
denoMainFile
76-
} = application
77-
const currentHash = crypto
78-
.createHash('sha256')
79-
.update(
80-
JSON.stringify({
81-
pythonWSGI,
82-
pythonModule,
83-
pythonVariable,
84-
deploymentType,
85-
denoOptions,
86-
baseImage,
87-
baseBuildImage,
88-
buildPack,
89-
port,
90-
exposePort,
91-
installCommand,
92-
buildCommand,
93-
startCommand,
94-
secrets,
95-
branch,
96-
repository,
97-
fqdn
98-
})
99-
)
100-
.digest('hex');
40+
let application = await prisma.application.findUnique({ where: { id: queueBuild.applicationId }, include: { destinationDocker: true, gitSource: { include: { githubApp: true, gitlabApp: true } }, persistentStorage: true, secrets: true, settings: true, teams: true } })
41+
let { id: buildId, type, sourceBranch = null, pullmergeRequestId = null, forceRebuild } = queueBuild
42+
application = decryptApplication(application)
10143
try {
44+
if (queueBuild.status === 'running') {
45+
await saveBuildLog({ line: 'Building halted, restarting...', buildId, applicationId: application.id });
46+
}
47+
// if (pullmergeRequestId) {
48+
// pullmergeRequestId = pullmergeRequestId.toString()
49+
// }
50+
51+
const {
52+
id: applicationId,
53+
repository,
54+
name,
55+
destinationDocker,
56+
destinationDockerId,
57+
gitSource,
58+
configHash,
59+
fqdn,
60+
projectId,
61+
secrets,
62+
phpModules,
63+
settings,
64+
persistentStorage,
65+
pythonWSGI,
66+
pythonModule,
67+
pythonVariable,
68+
denoOptions,
69+
exposePort,
70+
baseImage,
71+
baseBuildImage,
72+
deploymentType,
73+
} = application
74+
let {
75+
branch,
76+
buildPack,
77+
port,
78+
installCommand,
79+
buildCommand,
80+
startCommand,
81+
baseDirectory,
82+
publishDirectory,
83+
dockerFileLocation,
84+
denoMainFile
85+
} = application
86+
const currentHash = crypto
87+
.createHash('sha256')
88+
.update(
89+
JSON.stringify({
90+
pythonWSGI,
91+
pythonModule,
92+
pythonVariable,
93+
deploymentType,
94+
denoOptions,
95+
baseImage,
96+
baseBuildImage,
97+
buildPack,
98+
port,
99+
exposePort,
100+
installCommand,
101+
buildCommand,
102+
startCommand,
103+
secrets,
104+
branch,
105+
repository,
106+
fqdn
107+
})
108+
)
109+
.digest('hex');
102110
const { debug } = settings;
103111
if (concurrency === 1) {
104112
await prisma.build.updateMany({
@@ -256,9 +264,9 @@ import * as buildpacks from '../lib/buildPacks';
256264
const envs = [
257265
`PORT=${port}`
258266
];
267+
console.log({secrets})
259268
if (secrets.length > 0) {
260269
secrets.forEach((secret) => {
261-
secret.value = decrypt(secret.value)
262270
if (pullmergeRequestId) {
263271
if (secret.isPRMRSecret) {
264272
envs.push(`${secret.name}=${secret.value}`);
@@ -353,13 +361,16 @@ import * as buildpacks from '../lib/buildPacks';
353361
where: { id: buildId, status: { in: ['queued', 'running'] } },
354362
data: { status: 'failed' }
355363
});
356-
await saveBuildLog({ line: error, buildId, applicationId });
364+
await saveBuildLog({ line: error, buildId, applicationId: application.id });
357365
}
358366
});
367+
359368
}
369+
360370
await pAll.default(actions, { concurrency })
361371
}
362372
} catch (error) {
373+
console.log(error)
363374
} finally {
364375
}
365376
})

0 commit comments

Comments
 (0)