From c1c45cbe1a8acc6feaa5182cc0f908626e0e51e6 Mon Sep 17 00:00:00 2001 From: Gagan Trivedi Date: Wed, 6 Dec 2023 18:44:36 +0530 Subject: [PATCH] fix(api-deploy/action.yml): Write the PGP key correctly (#3099) --- .github/actions/api-deploy-ecs/action.yml | 9 +++++++-- .github/workflows/api-deploy-production-ecs.yml | 2 +- .github/workflows/api-deploy-staging-ecs.yml | 2 +- api/app/settings/common.py | 2 +- api/app_analytics/views.py | 3 +-- 5 files changed, 11 insertions(+), 7 deletions(-) diff --git a/.github/actions/api-deploy-ecs/action.yml b/.github/actions/api-deploy-ecs/action.yml index 10b94d1d104f..4e8c59dc61c1 100644 --- a/.github/actions/api-deploy-ecs/action.yml +++ b/.github/actions/api-deploy-ecs/action.yml @@ -144,6 +144,13 @@ runs: id: login-ecr uses: aws-actions/amazon-ecr-login@v1 + - name: Write PGP key to a file + run: | + cat << EOF > sse_pgp_pkey + ${{ inputs.sse_pgp_private_key }} + EOF + shell: bash + - name: Build, tag, and push image to Amazon ECR id: build-image env: @@ -151,8 +158,6 @@ runs: ECR_REPOSITORY: ${{ inputs.aws_ecr_repository_arn }} DOCKER_BUILDKIT: '1' run: | - echo "Load pgp private key" - cat <<< ${{ input.sse_pgp_private_key }} > sse_pgp_pkey echo "Building docker image with URL: " echo $ECR_REPOSITORY:$IMAGE_TAG docker build --secret id=sse_pgp_pkey,src=./sse_pgp_pkey -t $ECR_REPOSITORY:$IMAGE_TAG -f api/Dockerfile --build-arg SAML_INSTALLED=1 --build-arg POETRY_OPTS="--with saml,auth-controller" . diff --git a/.github/workflows/api-deploy-production-ecs.yml b/.github/workflows/api-deploy-production-ecs.yml index 2a86d51d349f..1340568b1323 100644 --- a/.github/workflows/api-deploy-production-ecs.yml +++ b/.github/workflows/api-deploy-production-ecs.yml @@ -40,6 +40,7 @@ jobs: flagsmith_workflows_revision: v1.2.5 flagsmith_auth_controller_revision: v0.0.1 flagsmith_rbac_revision: v0.4.1 + sse_pgp_private_key: ${{ secrets.SSE_PGP_PRIVATE_KEY }} - name: Deploy task processor to Production uses: ./.github/actions/task-processor-deploy-ecs @@ -50,7 +51,6 @@ jobs: aws_ecs_service_name: flagsmith-task-processor-svc-eu-west-2-bf77140 aws_task_definitions_directory_path: infrastructure/aws/production api_ecr_image_url: ${{ steps.deploy-api.outputs.api_ecr_image_url }} - sse_pgp_private_key: ${{ secrets.SSE_PGP_PRIVATE_KEY }} run-tests: runs-on: ubuntu-latest diff --git a/.github/workflows/api-deploy-staging-ecs.yml b/.github/workflows/api-deploy-staging-ecs.yml index 193b01d721c0..b0d680f7a303 100644 --- a/.github/workflows/api-deploy-staging-ecs.yml +++ b/.github/workflows/api-deploy-staging-ecs.yml @@ -41,6 +41,7 @@ jobs: flagsmith_workflows_revision: v1.2.5 flagsmith_auth_controller_revision: v0.0.1 flagsmith_rbac_revision: v0.4.1 + sse_pgp_private_key: ${{ secrets.SSE_PGP_PRIVATE_KEY }} - name: Deploy task processor to Staging uses: ./.github/actions/task-processor-deploy-ecs @@ -51,7 +52,6 @@ jobs: aws_ecs_service_name: flagsmith-task-processor-svc-eu-west-2-792c644 aws_task_definitions_directory_path: infrastructure/aws/staging api_ecr_image_url: ${{ steps.deploy-api.outputs.api_ecr_image_url }} - sse_pgp_private_key: ${{ secrets.SSE_PGP_PRIVATE_KEY }} run-tests: runs-on: ubuntu-latest diff --git a/api/app/settings/common.py b/api/app/settings/common.py index 865d66b3aef6..2fffa90ec2f2 100644 --- a/api/app/settings/common.py +++ b/api/app/settings/common.py @@ -294,7 +294,7 @@ MIDDLEWARE.append("app_analytics.middleware.InfluxDBMiddleware") if USE_POSTGRES_FOR_ANALYTICS: - if INFLUXDB_TOKEN: + if INFLUXDB_BUCKET: raise RuntimeError("Cannot use both InfluxDB and Postgres for analytics") MIDDLEWARE.append("app_analytics.middleware.APIUsageMiddleware") diff --git a/api/app_analytics/views.py b/api/app_analytics/views.py index 4ae82b640e80..5ce7246213b4 100644 --- a/api/app_analytics/views.py +++ b/api/app_analytics/views.py @@ -75,8 +75,7 @@ def post(self, request, *args, **kwargs): ) if settings.USE_POSTGRES_FOR_ANALYTICS: track_feature_evaluation.delay(args=(request.environment.id, request.data)) - - if settings.INFLUXDB_TOKEN: + elif settings.INFLUXDB_TOKEN: track_feature_evaluation_influxdb(request.environment.id, request.data) return Response(status=status.HTTP_200_OK)