added new env

.gitea/workflows/docker-build-and-push.yaml

@@ -27,18 +27,23 @@ jobs:
       image: catthehacker/ubuntu:act-22.04
 
     steps:
-        
-      - name: Checkout code
-        uses: actions/checkout@v2
 
       - name: Import Secrets
         uses: hashicorp/vault-action@v2
         with:
-          url: https://vault.project-rent-dev.com
+          url: https://vault.project-quest-dev.com
           token: ${{ secrets.VAULT_TOKEN }}
           secrets: |
             cicd/data/docker password | REGISTRY_PASSWORD ;
             cicd/data/docker username | REGISTRY_USERNAME ;
+            cicd/data/submodule token | SUBMODULE_TOKEN   ;
+
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          submodules: recursive
+          fetch-depth: 0
+          token: ${{ env.SUBMODULE_TOKEN }}
 
       - name: Set up Docker BuildX
         uses: docker/setup-buildx-action@v2
@@ -68,7 +73,7 @@ jobs:
 
       - name: Build Docker image
         run: |
-          docker build -t ${{ inputs.REGISTRY }}/${{ inputs.USER_FOR_IMAGE_STORE }}/${{ inputs.APP_NAME }}:${{ env.VERSION }} .          
+          docker build -f ${{ inputs.DOCKERFILE_PATH }} -t ${{ inputs.REGISTRY }}/${{ inputs.USER_FOR_IMAGE_STORE }}/${{ inputs.APP_NAME }}:${{ env.VERSION }} .          
 
       - name: Push Docker image
         run: |

.gitea/workflows/k8s-deploy.yml

@@ -9,7 +9,7 @@ on:
       REGISTRY:
         required: true
         type: string
-        default: registry.project-rent-dev.com
+        default: registry.project-quest-dev.com
       PROD_NAMESPACE:
         required: true
         type: string        
@@ -42,6 +42,18 @@ on:
         required: true
         type: string        
         description: Kubeconf secret path in vault for prod
+      HELM_VERSION:
+        type: string
+        default: 3.17
+        description: Last stable with our chart's
+      ENABLE_CUSTOM_SET:
+        type: string
+        default: "false"
+        description: Last stable with our chart's
+      CUSTOM_HELM_SET:
+        type: string
+        default: ""
+        description: Last stable with our chart's
     secrets:
       VAULT_TOKEN:
         required: true
@@ -69,7 +81,7 @@ jobs:
 
       - name: Export secrets for deploy
         run: |
-          if [ "${{ github.ref }}" == "refs/heads/main" ]; then
+          if [ "${{ github.ref }}" = "refs/heads/main" ]; then
             echo "NAMESPACE=${{ inputs.PROD_NAMESPACE }}" >> $GITHUB_ENV
             echo "VALUES_FILE=${{ inputs.PROD_VALUES_FILE }}" >> $GITHUB_ENV
             echo "KUBECONF=${{ inputs.PROD_KUBECONF_SECRET_PATH }}" >> $GITHUB_ENV
@@ -82,7 +94,7 @@ jobs:
       - name: Import config of k8s
         uses: hashicorp/vault-action@v2
         with:
-          url: https://vault.project-rent-dev.com
+          url: https://vault.project-quest-dev.com
           token: ${{ secrets.VAULT_TOKEN }}
           secrets: | 
             ${{ env.KUBECONF }} | KUBECONFIG;
@@ -90,17 +102,38 @@ jobs:
       - name: Install helm
         uses: azure/setup-helm@v4.2.0
         with:
-          version: latest 
+          version: ${{ inputs.HELM_VERSION }}
 
       - name: Set up Kubectl
         uses: azure/k8s-set-context@v4
         with:
           kubeconfig: ${{ env.KUBECONFIG }}
 
+      - name: Set EXTRA_ARGS if ENABLE_CUSTOM_SET is true
+        run: |
+          if [ "${{ inputs.ENABLE_CUSTOM_SET }}" = "true" ]; then
+            echo "CUSTOM_HELM_SET_TEMPLATE=${{ inputs.CUSTOM_HELM_SET }}" >> "$GITHUB_ENV"
+          else
+            echo "CUSTOM_HELM_SET_TEMPLATE=" >> "$GITHUB_ENV"
+          fi
+
+      - name: Install envsubst
+        run: |
+          sudo apt-get update && sudo apt-get install -y gettext
+
+      - name: Render and export EXTRA_ARGS
+        run: |
+          if [ -n "$CUSTOM_HELM_SET_TEMPLATE" ]; then
+            export EXTRA_ARGS=$(echo "$CUSTOM_HELM_SET_TEMPLATE" | envsubst)
+          else
+            export EXTRA_ARGS=""
+          fi
+          echo "EXTRA_ARGS=$EXTRA_ARGS" >> "$GITHUB_ENV"
+
       - name: Install chart
         run: |
           helm upgrade --install --cleanup-on-fail --atomic --timeout 2m --wait ${{ inputs.APP_NAME }} ./chart \
             --namespace ${{ env.NAMESPACE }} \
             --set image.repository=${{ inputs.REGISTRY }}/${{ inputs.REGISTRY_USER }}/${{ inputs.APP_NAME }} \
             --set image.tag=${{ env.VERSION }} \
-            -f ${{ env.VALUES_FILE }}
+            -f ${{ env.VALUES_FILE }} ${{ env.EXTRA_ARGS }}

.gitea/workflows/prisma-migrate.yaml

@@ -6,10 +6,18 @@ on:
         required: true
         type: string        
         description: Prisma db url secret path in vault for prod
+      PROD_PRISMA_SECRET_DB_DIRECT_PATH:
+        required: true
+        type: string        
+        description: Prisma db url secret path in vault for prod
       DEV_PRISMA_SECRET_DB_PATH:
         required: true
         type: string        
         description: Prisma db url secret path in vault for dev
+      DEV_PRISMA_SECRET_DB_DIRECT_PATH:
+        required: true
+        type: string        
+        description: Prisma db url_direct secret path in vault for dev
     secrets:
       VAULT_TOKEN:
         required: true
@@ -22,8 +30,20 @@ jobs:
       image: catthehacker/ubuntu:act-22.04
     steps:
 
-      - name: Checkout repo
+      - name: Import Common Secrets
-        uses: actions/checkout@v3
+        uses: hashicorp/vault-action@v2
+        with:
+          url: https://vault.project-quest-dev.com
+          token: ${{ secrets.VAULT_TOKEN }}
+          secrets: |
+            cicd/data/submodule token | SUBMODULE_TOKEN   ;
+
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          submodules: recursive
+          fetch-depth: 0
+          token: ${{ env.SUBMODULE_TOKEN }}
 
       - name: Setup Node
         uses: actions/setup-node@v3
@@ -33,21 +53,25 @@ jobs:
 
       - name: Export secrets for prisma
         run: |
-          if [ "${{ github.ref }}" == "refs/heads/main" ]; then
+          if [ "${{ github.ref }}" = "refs/heads/main" ]; then
             echo "PRISMA_DB_SECRET_PATH=${{ inputs.PROD_PRISMA_SECRET_DB_PATH }}" >> $GITHUB_ENV
+            echo "PRISMA_DB_DIRECT_SECRET_PATH=${{ inputs.PROD_PRISMA_SECRET_DB_PATH }}" >> $GITHUB_ENV
           else
             echo "PRISMA_DB_SECRET_PATH=${{ inputs.DEV_PRISMA_SECRET_DB_PATH }}" >> $GITHUB_ENV
+            echo "PRISMA_DB_DIRECT_SECRET_PATH=${{ inputs.DEV_PRISMA_SECRET_DB_PATH }}" >> $GITHUB_ENV
           fi
 
       - name: Import prisma db url
         uses: hashicorp/vault-action@v2
         with:
-          url: https://vault.project-rent-dev.com
+          url: https://vault.project-quest-dev.com
           token: ${{ secrets.VAULT_TOKEN }}
           secrets: |
             ${{ env.PRISMA_DB_SECRET_PATH }} | PRISMA_DB_URL;
+            ${{ env.PRISMA_DB_DIRECT_SECRET_PATH }} | PRISMA_DB_DIRECT_URL;
 
       - name: Apply all pending migrations to the database
         run: npx prisma migrate deploy
         env:
-          DATABASE_URL: ${{ env.PRISMA_DB_URL }}
+          DATABASE_URL: ${{ env.PRISMA_DB_URL }}
+          DIRECT_DATABASE_URL: ${{ env.PRISMA_DB_DIRECT_URL }}