Fix secrets (#12)

- add scale count to the end to speed up deployment time - set secrets explicitly with `flyctl secrets set`
fewlinesco · Mar 7, 2023 · 96c9518 · 96c9518
1 parent d8bc963
commit 96c9518
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 8 deletions.
diff --git a/README.md b/README.md
@@ -58,7 +58,7 @@ jobs:
 
       - name: Deploy
         id: deploy
-        uses: fewlinesco/fly-io-review-apps@v3.0
+        uses: fewlinesco/fly-io-review-apps@v3.1
 ```
 
 ## Cleaning up GitHub environments
@@ -86,7 +86,7 @@ jobs:
 
       - name: Deploy app
         id: deploy
-        uses: fewlinesco/fly-io-review-apps@v3.0
+        uses: fewlinesco/fly-io-review-apps@v3.1
 
       - name: Clean up GitHub environment
         uses: strumwolf/delete-deployment-environment@v2
@@ -111,7 +111,7 @@ steps:
 
   - name: Deploy app
     id: deploy
-    uses: fewlinesco/fly-io-review-apps@v3.0
+    uses: fewlinesco/fly-io-review-apps@v3.1
     with:
       postgres: true
 ```
@@ -125,7 +125,7 @@ steps:
 
   - name: Deploy app
     id: deploy
-    uses: fewlinesco/fly-io-review-apps@v3.0
+    uses: fewlinesco/fly-io-review-apps@v3.1
     with:
       postgres: true
       region: cdg
@@ -146,7 +146,7 @@ steps:
   - uses: actions/checkout@v3
 
   - name: Deploy redis
-    uses: fewlinesco/fly-io-review-apps@v3.0
+    uses: fewlinesco/fly-io-review-apps@v3.1
     with:
       update: false # Don't need to re-deploy redis when the PR is updated
       path: redis # Keep fly.toml in a subdirectory to avoid confusing flyctl
@@ -155,7 +155,7 @@ steps:
 
   - name: Deploy app
     id: deploy
-    uses: fewlinesco/ffly-io-review-apps@v3.0
+    uses: fewlinesco/ffly-io-review-apps@v3.1
     with:
       name: pr-${{ github.event.number }}-myapp-app
 ```
diff --git a/entrypoint.sh b/entrypoint.sh
@@ -42,7 +42,6 @@ fi
 # Create (using launch as create doesn't accept --region) the Fly app OR update the existing one.
 if ! flyctl status --app "$app"; then
   flyctl launch --force-machines --copy-config --name "$app" --org "$org" --image "$image" --region "$region" --no-deploy
-  flyctl scale count 2 --app "$app"
   flyctl ips allocate-v4 --app "$app" --region "$region" --shared
   flyctl ips allocate-v6 --app "$app"
 
@@ -76,12 +75,28 @@ if ! flyctl status --app "$app"; then
   else # If PostgreSQL is not requested, just deploy the application
     flyctl deploy --app "$app" --image "$image" --region "$region"
   fi
-else # If the App already exists, deploy it again and reset secrets
+
+  # Set current secrets for future deployments as they are not persisted when used with --env above
+  bash -c "flyctl secrets set --app "\""$app"\"" DATABASE_URL="\""$new_connection_string"\"" $(for secret in $(echo $INPUT_SECRETS | tr ";" "\n") ; do
+    value="${secret}"
+    echo -n " $secret='${!value}' "
+  done) || true"
+
+  # Scale the app to 2 instances
+  flyctl scale count 2 --app "$app"
+else 
+  # If the App already exists, deploy it again with secrets as they may have changed
   if [ "$INPUT_UPDATE" != "false" ]; then
     bash -c "flyctl deploy --app "\""$app"\"" --image "\""$image"\"" --region "\""$region"\"" --strategy bluegreen $(for secret in $(echo $INPUT_SECRETS | tr ";" "\n") ; do
       value="${secret}"
       echo -n "--env $secret='${!value}' "
     done)"
+
+    # Still need to re-set secrets for future deployments as they are not persisted when used with --env above
+    bash -c "flyctl secrets set --app "\""$app"\"" $(for secret in $(echo $INPUT_SECRETS | tr ";" "\n") ; do
+      value="${secret}"
+      echo -n " $secret='${!value}' "
+    done) || true"
   fi
 fi