INFORMATION
Relevant information to this issue:
I have a simple .NET project that containerized and points to a postgres db and plugs into github. I have a working deployment with github actions and I’m trying to add migrations to my workflow, but am unsure how I can reference the db connection string that lives in qovery.
ISSUE
Describe your issue here
So I set up my project to deploy using github actions pretty much lock step with the tutorial here and it works pretty well.
The problem is enhancing it to run migrations. I’m able to run my migrations, but I can’t figure out how to reference my Qovery secrets in my pipeline to pull in my connection string for my DB.
For example, say I have a github actions workflow like so:
name: Migrate and Deploy on Qovery
on:
workflow_call:
inputs:
organization-id:
required: true
type: string
environment-id:
required: true
type: string
application-ids:
required: true
type: string
secrets:
api-token:
required: true
jobs:
migrate:
runs-on: ubuntu-latest
strategy:
matrix:
dotnet-version: [ '6.0.x' ]
steps:
- uses: actions/checkout@v2
- name: Setup .NET Core SDK ${{ matrix.dotnet-version }}
uses: actions/setup-dotnet@v1.7.2
with:
dotnet-version: ${{ matrix.dotnet-version }}
- name: Install EF
run: dotnet tool install --global dotnet-ef
- name: Run Migration
run: dotnet ef database update --project RecipeManagement/src/RecipeManagement
with:
DB_CONNECTION_STRING: ${{ secrets.db-connection-string }}
deploy:
needs: migrate
runs-on: ubuntu-latest
name: Deploy on Qovery
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Deploy on Qovery
uses: Qovery/qovery-action@v0.10
id: qovery
with:
qovery-organization-id: ${{ inputs.organization-id }}
qovery-environment-id: ${{ inputs.environment-id }}
qovery-application-ids: ${{ inputs.application-ids }}
qovery-api-token: ${{ secrets.api-token }}
That actually runs using a workflow like this:
name: Deploy to dev
on:
push:
branches:
- main
jobs:
migrate-and-deploy:
environment: pipeline-test-env
uses: ./.github/workflows/migrate-and-deploy.yaml
with:
organization-id: my-id
environment-id: my-id
application-ids: my-id
secrets:
api-token: ${{ secrets.QOVERY_API_TOKEN }}
db-connection-string: ${{ secrets.DB_CONNECTION_STRING }}
Ideally, I would be able to reference the qovery secrets from my actions so i have a single source of truth, but i’m guessing that might not be feasible (at least yet)
If I’m not able to reference the key directly, what would you all recommend?
I’m able to use a github REPOSITORY secret like I use for my api token, but I really need an ENVIRONMENT secret so the connection string for the db will point to the proper db and I’m not sure how to use that in this context. I suppose I could make a repo secret for each env with the env in the secret name… but that seems inelegant.
curious what your thoughts are and what others are doing.