Conversation
AdamJHall
requested review from
TheOrangePuff,
aaronmedina-dev,
aligent-lturner and
nathaniel-cruz-aligent
aligent-lturner
left a comment
aligent-lturner
left a comment
There was a problem hiding this comment.
Seems reasonable to me. Another action that might be useful is the ability to secure web actions. I would say that would be a separate action though, where we could specify a list of actions, and a secret to use.
An example is done here - https://github.com/aligent/cooldrive-autoinfo-app/blob/f311547770e15b7bfc5dba53828e549cc38812f3/.github/workflows/deploy_stage.yml#L76-L82
The example for Cooldrive secures every action (there's only 2), but it could be done for specific actions, as the paths are known based on config |
2 participants
Description of the proposed changes
I'm in the process of migrating OTR over to github and since they didn't have any deployment workflows I figured it was time to add some here.
This PR adds in adobe app and mesh deployment workflows, I've based this on the workflows @aligent-lturner has done in cooldrive and @nathaniel-cruz-aligent has done in appbuilder-apps.
Like out CDK and Serverless workflows it pulls the required secrets directly from the environment instead of using inputs.
Notes to reviewers
For the mesh I've added
AIO_MESH_ENV_VARSandAIO_MESH_SECRETSto generate the .env and secrets.yaml passed to the mesh deployment.For the app deployment I've added
EXTRA_VARSandEXTRA_SECRETSwhich get piped directly into GITHUB_ENV so they are available at runtime so that we don't need to keep updating the workflow when adding new options like in APS here: https://github.com/aligent/aps-sap-app/blob/production/.github/workflows/deploy.yml#L76ℹ️ When you've finished leaving feedback, please add a final comment to the PR tagging the author, letting them know that you have finished leaving feedback