Change some security things

Author: Jouca

.github/scripts/check_realtime_feeds.py

@@ -7,6 +7,7 @@
 import json
 import sys
 import time
+import os
 from pathlib import Path
 from typing import Dict, List, Tuple
 from urllib.parse import urlparse
@@ -35,7 +36,16 @@ def load_realtime_data(file_path: str = "realtime.json") -> Dict:
     """Load and parse the realtime.json file"""
     try:
         with open(file_path, 'r', encoding='utf-8') as f:
-            return json.load(f)
+            content = f.read()
+            
+        # Replace API key placeholders with environment variables
+        jp_api_key = os.environ.get('JP_API_KEY', '')
+        jp_challenge_api_key = os.environ.get('JP_CHALLENGE_API_KEY', '')
+        
+        content = content.replace('{{{JP_API_KEY}}}', jp_api_key)
+        content = content.replace('{{{JP_CHALLENGE_API_KEY}}}', jp_challenge_api_key)
+        
+        return json.loads(content)
     except FileNotFoundError:
         print(f"{Colors.RED}Error: {file_path} not found{Colors.RESET}")
         sys.exit(1)

.github/workflows/deploy.yml

@@ -27,6 +27,9 @@ jobs:
         uses: actions/checkout@v6
 
       - name: Check Realtime feeds
+        env:
+          JP_API_KEY: ${{ secrets.JP_API_KEY }}
+          JP_CHALLENGE_API_KEY: ${{ secrets.JP_CHALLENGE_API_KEY }}
         run: python .github/scripts/check_realtime_feeds.py
 
   deploy:
@@ -37,6 +40,14 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@v6
 
+      - name: Replace API keys in realtime.json
+        env:
+          JP_API_KEY: ${{ secrets.JP_API_KEY }}
+          JP_CHALLENGE_API_KEY: ${{ secrets.JP_CHALLENGE_API_KEY }}
+        run: |
+          sed -i "s/{{{JP_API_KEY}}}/$JP_API_KEY/g" realtime.json
+          sed -i "s/{{{JP_CHALLENGE_API_KEY}}}/$JP_CHALLENGE_API_KEY/g" realtime.json
+
       - name: Set up SSH key
         uses: webfactory/ssh-agent@v0.9.0
         with: