LAB5_Set secrets in GitHub for CI CD

David Jones-Gilardi edited this page Feb 23, 2021 · 19 revisions

⚒️ Set secrets in GitHub for CI/CD

Exercise time: ~8 minutes

Objectives

In this step, we will:

  • Set GitHub secrets to allow database connectivity for CI/CD actions

We will cover:

  1. Configure secrets in GitHub
  2. Verify your secrets
  3. How is this all working

1. Configure secrets in GitHub

Every application should have a CI/CD (Continuous Integration, Continuous Deployment) pipeline. This allows for quick iteration of changes to production deployment by taking advantage of automation and tests to ensure everything is working properly.

After each commit, a workflow is initialized to BUILD your project, EXECUTE tests and DEPLOY to Netlify. The good thing is that many CI/CD tools are provided right within GitHub. Adding this capability takes just a couple of steps.

✅ Step 1a: Create a secret for each environment variable set in the .env file

In this step, we'll take the exact same environment variables we just set in our application's .env file and copy each one into GitHub as a separate secret. You can open your .env file in an editor and copy the values exactly as you see them.

✅ 1. Within YOUR Battlestax repository in GitHub click on Settings in the top toolbar.

✅ 2. Choose Secrets from the menu on the left.

✅ 3. Finally click the New repository secret button on the top right of the page for each of the variables we used earlier. You will need to add each variable one by one.

[Image: Netlify Setup Example]

✅ Repeat this step for each of the variables listed below.

Don't forget to pull these from your .env file since you already have everything there.

ASTRA_DB_USERNAME=battle_user
ASTRA_DB_PASSWORD=battle_password1
ASTRA_DB_KEYSPACE=battlestax
ASTRA_DB_ID=[the value you retrieved above from YOUR database]
ASTRA_DB_REGION=[the value you retrieved above from YOUR database]
GAMES_COLLECTION=games

BIG note: You should never commit secrets as code to your repository. Instead, use GitHub secrets as we are here to ensure your protected information is not sitting out in the open.

2. Verify your secrets

These values let the unit and functional tests defined in your GitHub Actions, and the application itself, connect to the database when they execute. Since the database is needed for our application to fully function, our tests expect database connectivity to pass.

This should look something like:

[Image: Netlify Setup Example]

You should see 6 secrets once complete.
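
GitHub does not display a secret's value again after it is saved, so seeing six names confirms only that the names exist. The added example below (not part of the Battlestax project) is a preflight check a test job could run first, assuming the workflow exposes each secret to the job as an environment variable of the same name; `checkSecrets` and `sampleEnv` are hypothetical names.

```javascript
// Added example: preflight check for the six secrets configured in this lab.
// Variable names come from the .env listing above; checkSecrets and
// sampleEnv are hypothetical names introduced for this illustration.
const REQUIRED = [
  'ASTRA_DB_USERNAME', 'ASTRA_DB_PASSWORD', 'ASTRA_DB_KEYSPACE',
  'ASTRA_DB_ID', 'ASTRA_DB_REGION', 'GAMES_COLLECTION',
];

// Returns [{ name, problem }]. Values are never copied into the result,
// so it is safe to print in a CI log.
function checkSecrets(env) {
  const findings = [];
  for (const name of REQUIRED) {
    const value = env[name];
    if (value === undefined || value === '') {
      // GitHub Actions expands a secret that was never set to an empty string.
      findings.push({ name, problem: 'missing or empty' });
    } else if (value !== value.trim()) {
      findings.push({ name, problem: 'leading or trailing whitespace' });
    } else if (/^\[.*\]$/.test(value)) {
      findings.push({ name, problem: 'placeholder text instead of a real value' });
    }
  }
  return findings;
}

// Constructed sample environment: one secret unset, one pasted with a
// trailing newline, one still holding the bracketed placeholder.
const sampleEnv = {
  ASTRA_DB_USERNAME: 'battle_user',
  ASTRA_DB_PASSWORD: 'battle_password1\n',
  ASTRA_DB_KEYSPACE: 'battlestax',
  ASTRA_DB_ID: '',
  ASTRA_DB_REGION: '[the value you retrieved above from YOUR database]',
  GAMES_COLLECTION: 'games',
};

for (const { name, problem } of checkSecrets(sampleEnv)) {
  console.log(`${name}: ${problem}`);
}
// In a workflow step, pass process.env instead and exit non-zero
// when the returned list is not empty.
```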

3. How is this all working

It's easy to gloss over setting a set of GitHub secrets, and voila, a full CI/CD pipeline is just magically implemented, but what's actually going on here? While we might not be making any changes to our workflows, it's worth taking a look at the tests.yml file in .github/workflows within your battlestax project.

Take note of the highlighted sections.

[Image: GitHub workflow tests.yml]

Most of the variables and unit test references should look a little familiar at this point. This is the configuration that is hooking up your CI/CD pipeline to your actual code.

Now, take a look at the package.json from the project. Again, note the highlighted sections.

[Image: GitHub workflow package.json]

Do you see "test" and "test:functions" in the package.json? Now look back at tests.yml and notice the commands npm run test and npm run test:functions. The GitHub actions are literally executing the same commands from package.json that you would run locally. Neat, huh?

While there is honestly a little more to it, generally it comes down to: write tests, configure the yml, and let GitHub actions do the rest. The next step in our journey is to hook up our production serverless CDN with Netlify.
