Last active
February 20, 2023 17:25
-
-
Save fgilio/2c863bf12ecae14e534b721a1181dd5c to your computer and use it in GitHub Desktop.
Override Laravel Vapor's Secrets management
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| stages: | |
| - deploy | |
| .setup_staging_env_file: &setup_staging_env_file | | |
| echo "$STAGING_SECRETS" > staging_secrets.php | |
| .setup_production_env_file: &setup_production_env_file | | |
| echo "$PRODUCTION_SECRETS" > production_secrets.php | |
| staging: | |
| script: | |
| - *setup_staging_env_file | |
| - vapor deploy staging | |
| production: | |
| script: | |
| - *setup_production_env_file | |
| - vapor deploy production |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "autoload": { | |
| "files": [ | |
| "vendor-overrides/laravel/vapor-core/src/Runtime/Secrets.php" | |
| ], | |
| "exclude-from-classmap": [ | |
| "vendor/laravel/vapor-core/src/Runtime/Secrets.php" | |
| ] | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| namespace Laravel\Vapor\Runtime; | |
| /** | |
| * We're overriding Vapor's original class witht this one using composer. | |
| * Make sure it's located in this path: | |
| * vendor/laravel/vapor-core/src/Runtime/Secrets.php | |
| */ | |
| class Secrets | |
| { | |
| public static function addToEnvironment($path, $parameters, $file) | |
| { | |
| echo 'Overriden Secrets management'.PHP_EOL; | |
| /** | |
| * Extract the path to project root. | |
| * Vapor will automatically call this method when building | |
| * the project, and will provide the path to vaporSecrets.php | |
| * which will be located at the root. | |
| */ | |
| $path = str_replace('vaporSecrets.php', '', $file); | |
| if (file_exists($path.'staging_secrets.php')) { | |
| $parameters = require $path.'staging_secrets.php'; | |
| } | |
| if (file_exists($path.'production_secrets.php')) { | |
| $parameters = require $path.'production_secrets.php'; | |
| } | |
| return tap($parameters, function ($variables) { | |
| foreach ($variables as $key => $value) { | |
| echo "Injecting secret [{$key}] into runtime.".PHP_EOL; | |
| $_ENV[$key] = $value; | |
| $_SERVER[$key] = $value; | |
| } | |
| }); | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // Store this files as a regular text variable in GitLab CI | |
| return [ | |
| 'SECRET_1' => 'foo', | |
| 'SECRET_2' => 'bar', | |
| // This variable contains a double $$ to overcome interpolation in GitLab CI | |
| 'SECRET_3' => '7iryufv1gui2hj$$C&F)Jfghsajsb@a(&YFV', | |
| ]; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment