[英].env files in Github Actions CI/CD workflows: how to provide these into the workflow
I use Github Actions workflows for my CI/CD processes for Node and PHP projects.我为 Node 和 PHP 项目的 CI/CD 流程使用 Github Actions 工作流。
Within a workflow I clone my repository into Github Actions runner virtual machine.在一个工作流中,我将我的存储库克隆到 Github Actions runner 虚拟机中。 Then in order to run tests within a workflow I have to have the .env
file in the cloned repository.然后为了在工作流中运行测试,我必须在克隆的存储库中有.env
文件。
The problem is my .env
file is not a part of repository (which is the ubuquitous practice).问题是我的.env
文件不是存储库的一部分(这是普遍存在的做法)。
To solve the problem I use what I consider a workaround: set up MY_PROJECT_ENV
Github Action sercret variable, manually put there the content of my .env
file and then dynamically create the .env
file within my workflow with Linux console echo "${{ secrets.MY_PROJECT_ENV}}" >.env
.为了解决这个问题,我使用了我认为的解决方法:设置MY_PROJECT_ENV
Github Action sercret 变量,手动将我的.env
文件的内容放在那里,然后使用 Linux console echo "${{ secrets.MY_PROJECT_ENV}}" >.env
在我的工作流程中动态创建.env
文件echo "${{ secrets.MY_PROJECT_ENV}}" >.env
。 This works.这行得通。
But I would like to know are there other approaches for providing .env
files to Github Actions workflows?但我想知道是否有其他方法可以将.env
文件提供给 Github Actions 工作流程?
As you know .env
doesn't mean to push to the remote repository.如您所知.env
并不意味着推送到远程存储库。
You need to somehow add the environment variables to the machine that you're running the program.您需要以某种方式将环境变量添加到运行程序的机器上。
In your case, you can add environment variables by using the .yaml
file as below在您的情况下,您可以使用.yaml
文件添加环境变量,如下所示
steps:
- name: Hello Program
run: Hello $FIRST_NAME $LAST_NAME!
env:
FIRST_NAME: Akhil
LAST_NAME: Pentamsetti
for more information please visit github official doc about using the environment variables.更多信息请访问github 官方文档关于使用环境变量。
I do the following, which is simple and effective:我做了以下操作,简单有效:
.env.example
in the repository, and run the following at the start of the CI job:将.env.example
保存在存储库中,并在 CI 作业开始时运行以下命令:# Create the .env file
cp .env.example .env
# Install dependencies so we can run artisan commands
composer install ...
# generate an APP_KEY
php artisan key:generate
An alternative to this is to commit a .env.ci
file to the repository with env vars specific to the CI environment, and run cp.env.ci.env
when running tests.另一种方法是将.env.ci
文件提交到存储库,其中包含特定于 CI 环境的环境变量,并在运行测试时运行cp.env.ci.env
。 Sensitive keys should still be set as secrets.敏感密钥仍应设置为机密。
You can technically provide all of your env vars between secrets / env's in the YAML file and have no.env file, but I like having a random APP_KEY set per test run to ensure there's nothing relying on a specific APP_KEY.从技术上讲,您可以在 YAML 文件中的 secrets/env 之间提供所有环境变量,并且没有 .env 文件,但我喜欢在每次测试运行时设置一个随机的 APP_KEY,以确保没有任何依赖于特定 APP_KEY 的东西。
As an aside, here's how environment precedence works with Laravel in phpunit tests.顺便说一句,这是环境优先级如何在 phpunit 测试中与 Laravel 一起使用。 This is laravel specific and may come at a surprise as it's not exactly how phpunit alone works outside of Laravel:这是 laravel 特定的,可能会让人感到惊讶,因为它并不是 phpunit 在 Laravel 之外单独工作的方式:
phpunit.xml
always "win" (this is true in Laravel despite what phpunit's docs say about system env vars taking precedence over phpunit.xml
file items)在phpunit.xml
中设置的环境变量总是“赢”(这在 Laravel 中是正确的,尽管 phpunit 的文档说系统环境变量优先于phpunit.xml
文件项).env
file items .env
文件项Source: I created/run Chipper CI, a CI platform for Laravel.资料来源:我创建/运行了 Chipper CI,这是一个用于 Laravel 的 CI 平台。
There are 3 ways to do this I know.我知道有 3 种方法可以做到这一点。 I put the answer to my own question a year after in the different question.一年后,我在另一个问题中回答了我自己的问题。 See there.看那边。
For the sake of SO rules and findablity I put here a summary.为了 SO 规则和可查找性,我在这里做了一个总结。
You keep your .env
file in the repository.您将.env
文件保存在存储库中。 Use dotenv actions to read your file into the workflow.使用dotenv 操作将文件读入工作流程。
You keep the file out of the repository.您将文件保留在存储库之外。 Then you have 2 ways of getting .env
variables:那么你有两种获取.env
变量的方法:
2.1. 2.1。 as I wrote in my question above manually copy the file content to the GitHub actions secret variable and then in your workflow create the .env
file from that variable.正如我在上面的问题中所写,手动将文件内容复制到 GitHub 操作秘密变量,然后在您的工作流程中从该变量创建.env
文件。
2.2. 2.2. Use the GitHub Actions API to create/update the secrets : write the NodeJS script on your machine (chances are you anyway use Webpack, Gulp or the like Node thing so you have Node installed). Use the GitHub Actions API to create/update the secrets : write the NodeJS script on your machine (chances are you anyway use Webpack, Gulp or the like Node thing so you have Node installed).
The script should read the local .env
files and write their content to the GH secrets.该脚本应读取本地.env
文件并将其内容写入 GH 机密。 Of course you can write console command to do this with any language you use in your project.当然,您可以使用您在项目中使用的任何语言编写控制台命令来执行此操作。
As easy as this:)就这么简单:)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.