Remove `.env.development` file
pcaversaccio opened this issue · 4 comments
Currently we do not gitignore the .env.development file. While there is no security-critical information to date in there, we should move to gitignore this file and instead put the environment variable values as GitHub repository secrets. This would also imply, adjusting slightly the current build process in the way that the GitHub Actions load the secrets correctly.
If we remove .env.development file , How do the tool can load the api to upload to the system ? do you have any idea about this issue ? we will hardcode the api into the source code . By the way , The currently the library direct into dev enviroment when we move to the production ,it could make a complex if we hardcode the api into the source code.
@BEdaita we will use the encrypted secrets from GitHub and the values will be directly put into the build by the GitHub Actions flow.
This will look like that (in e.g. here:
...
- name: Build a binary wheel and a source tarball
run: >-
python -m
build
--sdist
--wheel
--outdir dist/
.
env:
DAITA_TOKEN: ${{ secrets.DAITA_TOKEN }}
PRESIGN_URL: ${{ secrets.PRESIGN_URL }}
CHECK_EXISTENCE_FILE: ${{ secrets.CHECK_EXISTENCE_FILE }}
CREATE_PRESIGN_SIGNLE_URL: ${{ secrets.CREATE_PRESIGN_SIGNLE_URL }}
UPLOAD_COMPRESS_FILE: ${{ secrets.UPLOAD_COMPRESS_FILE }}Does that make sense to you?
Can you please use the following syntax:
PRESIGN_URL=>PRESIGNED_URLCHECK_EXISTENCE_FILE=>CHECK_FILE_EXISTENCECREATE_PRESIGN_SIGNLE_URL=CREATE_PRESIGNED_SINGLE_URLUPLOAD_COMPRESS_FILE=>UPLOAD_COMPRESSED_FILE
Hi Pascal, sorry for bothering you . I writed the flow can generate the .env file during build github action process but I check my account don't have permission to access settings on this repo, please check help me to complete this issue . Thank you so much.
@BEdaita check again now