diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 774fad7b7..131e3b99a 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -287,7 +287,17 @@ jobs: - name: 🎈 Setup Fly uses: superfly/flyctl-actions/setup-flyctl@1.5 + - name: 🔐 Set Production Secrets + if: ${{ env.FLY_API_TOKEN }} + run: | + flyctl secrets --app ${{ steps.app_name.outputs.value }} set \ + SESSION_SECRET=${{ secrets.SESSION_SECRET }} \ + HONEYPOT_SECRET=${{ secrets.HONEYPOT_SECRET }} \ + SENTRY_DSN=${{ secrets.SENTRY_DSN }} \ + RESEND_API_KEY=${{ secrets.RESEND_API_KEY }} + - name: 🚀 Deploy Production + if: ${{ env.FLY_API_TOKEN }} run: | flyctl deploy \ --image "registry.fly.io/${{ steps.app_name.outputs.value }}:${{ github.sha }}" diff --git a/docs/deployment.md b/docs/deployment.md index 2cec5a64e..746168dbe 100644 --- a/docs/deployment.md +++ b/docs/deployment.md @@ -67,11 +67,21 @@ Prior to your first deployment, you'll need to do a few things: gh secret set FLY_API_TOKEN --body "" ``` -- Add a `SESSION_SECRET` and `HONEYPOT_SECRET` to your fly app secrets for - production: +- Add `SESSION_SECRET` and `HONEYPOT_SECRET` to GitHub secrets for production + and staging: ```sh - fly secrets set SESSION_SECRET=$(openssl rand -hex 32) HONEYPOT_SECRET=$(openssl rand -hex 32) + # Generate random secrets + SESSION_SECRET=$(openssl rand -hex 32) + HONEYPOT_SECRET=$(openssl rand -hex 32) + + # Set GitHub secrets for production environment + gh secret set SESSION_SECRET -e production --body "$SESSION_SECRET" + gh secret set HONEYPOT_SECRET -e production --body "$HONEYPOT_SECRET" + + # Set GitHub secrets for staging environment + gh secret set SESSION_SECRET -e staging --body "$SESSION_SECRET" + gh secret set HONEYPOT_SECRET -e staging --body "$HONEYPOT_SECRET" ``` > **Note**: If you don't have openssl installed, you can also use diff --git a/docs/email.md b/docs/email.md index e39525d38..a2b403e87 100644 --- a/docs/email.md +++ b/docs/email.md @@ -9,14 +9,18 @@ email provider) setup. > variables. Create [an API Key](https://resend.com/api-keys) and set `RESEND_API_KEY` in -both prod and staging: +GitHub secrets for both production and staging: ```sh -fly secrets set RESEND_API_KEY="re_blAh_blaHBlaHblahBLAhBlAh" --app [YOUR_APP_NAME] -# See how to install gh: https://cli.github.com/ +# Set GitHub secret for production environment +gh secret set RESEND_API_KEY -e production --body "re_blAh_blaHBlaHblahBLAhBlAh" + +# Set GitHub secret for staging environment gh secret set RESEND_API_KEY -e staging --body "re_blAh_blaHBlaHblahBLAhBlAh" ``` +> **Note**: See how to install gh: https://cli.github.com/ + Setup a [custom sending domain](https://resend.com/domains) and then make sure to update the `from` email address in `app/utils/email.server.ts` and the `expect(email.from).toBe` in `tests/e2e/onboarding.test.ts` to the one you want diff --git a/docs/monitoring.md b/docs/monitoring.md index 2c5f95a39..e2a453beb 100644 --- a/docs/monitoring.md +++ b/docs/monitoring.md @@ -23,15 +23,19 @@ filling out the signup form. ## Setting up the sentry-vite plugin Once you see the onboarding page which has the DSN, copy that somewhere (this -becomes `SENTRY_DSN`). Now, set the sentry dsn secret for production and -staging: +becomes `SENTRY_DSN`). Now, set the sentry dsn secret in GitHub secrets for both +production and staging: ```sh -fly secrets set SENTRY_DSN= --app [YOUR_APP_NAME] -# See how to install gh: https://cli.github.com/ +# Set GitHub secret for production environment +gh secret set SENTRY_DSN -e production --body "" + +# Set GitHub secret for staging environment gh secret set SENTRY_DSN -e staging --body "" ``` +> **Note**: See how to install gh: https://cli.github.com/ + See the guides for React Router v7 [here(library)](https://docs.sentry.io/platforms/javascript/guides/react/features/react-router/v7/) and