This repository has been archived by the owner on Nov 8, 2023. It is now read-only.
generated from actions/typescript-action
-
Notifications
You must be signed in to change notification settings - Fork 11
/
main.ts
95 lines (87 loc) · 2.94 KB
/
main.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
import * as core from '@actions/core'
import jwt from 'jsonwebtoken'
import {createClient} from 'fly-admin'
import {deployInfrastructure, FlyConfig, FlyConfigSecrets} from './deploy'
const generate_jwt = (
jwt_secret: string,
ref: string
): Pick<
FlyConfigSecrets,
'admin_api_key' | 'anon_key' | 'service_role_key'
> => {
const options = {expiresIn: '10y'}
const admin_jwt = {iss: 'supabase', ref, role: 'supabase_admin'}
const admin_api_key = jwt.sign(admin_jwt, jwt_secret, options)
const anon_jwt = {iss: 'supabase', ref, role: 'anon'}
const anon_key = jwt.sign(anon_jwt, jwt_secret, options)
const service_jwt = {iss: 'supabase', ref, role: 'service_role'}
const service_role_key = jwt.sign(service_jwt, jwt_secret, options)
return {admin_api_key, anon_key, service_role_key}
}
const getProjectRef = (url?: string): string => {
if (url) {
return url.split('.')[0]
}
// Fallback to git repo and branch
const repo = process.env.GITHUB_REPOSITORY?.replace('/', '-') ?? 'fly-preview'
const branch = process.env.GITHUB_HEAD_REF || 'main'
return `${repo}-${branch}`
}
async function run(): Promise<void> {
if (!process.env.FLY_API_TOKEN) {
return core.setFailed('missing required env: FLY_API_TOKEN')
}
try {
const fly = createClient(process.env.FLY_API_TOKEN)
const ref = getProjectRef(
process.env.NEXT_PUBLIC_SUPABASE_URL
).toLowerCase()
console.log('Cleaning up existing deployments:', ref)
try {
await fly.App.deleteApp(ref)
} catch (error) {
// App not found
}
console.log('Generating JWT tokens')
const jwt_secret =
process.env.SUPABASE_AUTH_JWT_SECRET ||
'super-secret-jwt-token-with-at-least-32-characters-long'
const jwt_tokens = generate_jwt(jwt_secret, ref)
// Initialise fly config
const config: FlyConfig = {
name: ref,
region: process.env.FLY_MACHINE_REGION || 'sin',
size: process.env.FLY_MACHINE_SIZE || 'shared-cpu-4x',
image: 'supabase/postgres:aio-15.1.0.91',
project_ref: ref,
volume_size_gb: 1,
secrets: {
postgres_password: process.env.SUPABASE_DB_PASSWORD || 'postgres',
jwt_secret,
admin_api_key: jwt_tokens.admin_api_key,
anon_key: process.env.SUPABASE_AUTH_ANON_KEY ?? jwt_tokens.anon_key,
service_role_key:
process.env.SUPABASE_AUTH_SERVICE_ROLE_KEY ??
jwt_tokens.service_role_key
},
env: {
PROJECT_REF: ref
}
}
console.log('Deploying fly project')
try {
await deployInfrastructure(fly, config)
} catch (error) {
console.log(error)
await fly.App.deleteApp(ref)
throw error
}
// Dumps action output
core.setOutput('anon_key', config.secrets.anon_key)
core.setOutput('service_role_key', config.secrets.service_role_key)
core.setOutput('hostname', `${config.name}.fly.dev`)
} catch (error) {
if (error instanceof Error) core.setFailed(error.message)
}
}
run()