Skip to content

Commit d4b0b6d

Browse files
authored
adding in secret env vars and scoping existing env vars more specifically (#513)
1 parent c1f5424 commit d4b0b6d

File tree

1 file changed

+11
-3
lines changed

1 file changed

+11
-3
lines changed

.github/workflows/hugo.yaml

Lines changed: 11 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -20,10 +20,7 @@ env:
2020
COMPONENTS_BUILD: true
2121
CACHE_LOCATION: ./.htmltest/refcache.json
2222
DOCKER_RUN_FLAGS: "--rm"
23-
S3_BUCKET_NAME: docs.prod.cloudposse.org
24-
ALGOLIA_INDEX_NAME: prod
2523
HUGO_URL: https://docs.cloudposse.com/
26-
CF_API_EMAIL: ops@cloudposse.com
2724

2825
jobs:
2926
hugo-build:
@@ -52,10 +49,21 @@ jobs:
5249
run: make real-clean smoketest
5350
- name: "Push Site to S3"
5451
if: github.event_name == 'release' && github.event.action == 'published'
52+
env:
53+
S3_BUCKET_NAME: docs.prod.cloudposse.org
54+
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
55+
AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }}
5556
run: make deploy
5657
- name: "Push New Index to Algolia"
5758
if: github.event_name == 'release' && github.event.action == 'published'
59+
env:
60+
ALGOLIA_INDEX_NAME: prod
61+
ALGOLIA_APP_ID: ${{ secrets.ALGOLIA_APP_ID }}
62+
ALGOLIA_ADMIN_KEY: ${{ secrets.ALGOLIA_ADMIN_KEY }}
5863
run: make reindex
5964
- name: "Update Cloudflare Cache"
6065
if: github.event_name == 'release' && github.event.action == 'published'
66+
env:
67+
CF_API_EMAIL: ops@cloudposse.com
68+
CF_API_KEY: ${{ secrets.CF_API_KEY }}
6169
run: make invalidate-cache

0 commit comments

Comments
 (0)