Skip to content

Commit

Permalink
use a base64 encoded private key env variable
Browse files Browse the repository at this point in the history
  • Loading branch information
@helaili
helaili committed May 16, 2024
1 parent caf8f1b commit b2c891e
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 6 deletions.
26 changes: 21 additions & 5 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,17 +17,33 @@ Create a GitHub App with the following settings:
### Where can this GitHub App be installed?
- Choose `Any account` to use this app for multiple organizations.

After creating the app, note the App ID and download the private key. The private key will be used as the environment variable `PRIVATE_KEY`.
After creating the app, note the App ID and download the private key.

## Environment Variables
## Environment Variables for local development
- `WEBHOOK_SECRET` - The secret used to sign the webhook payload.
- `APP_ID` - The GitHub App ID.
- `PRIVATE_KEY` - The GitHub App private key.

## Local Development
- `AZURE_FUNCTIONS_ENVIRONMENT` - Set to `Development` when running locally to bypass the need for a Webhook Secret.
- `PRIVATE_KEY_FILE` - The path to the private key file for the GitHub App when running locally. Use this instead of `PRIVATE_KEY` when developping locally.

## GitHub Actions Variables and Secrets for deployment
### Environment secrets (for `production` and `staging` environment)
- `WEBHOOK_SECRET` - The secret used to sign the webhook payload.
- `PRIVATE_KEY` - The base64 enconding of the private key file for the GitHub App. Use the output of the following command as the value.
```bash
base64 -i <your app>.private-key.pem
```
### Envionment variables (for `production` and `staging` environment)
- `APP_ID` - The GitHub App ID.
### Repository secret
- `AZURE_CLIENT_ID` - The client ID of the Azure Service Principal.
- `AZURE_TENANT_ID` - The tenant ID of the Azure Service Principal.
- `AZURE_SUBSCRIPTION_ID` - The subscription ID of the Azure Service Principal.
### Repository variables
- `AZURE_RESOURCE_GROUP` - The resource group of the Azure Function App.
- `AZURE_FUNCTION_APP_NAME` - The name of the Azure Function App.



# Test
## Test the local ping service locally
- Run from the debugger or the Azure plugin in VSCode or run `npm start` from the terminal.
Expand Down
2 changes: 1 addition & 1 deletion src/functions/webhook.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ function getPrivateKey() : string {
if (process.env.AZURE_FUNCTIONS_ENVIRONMENT && process.env.AZURE_FUNCTIONS_ENVIRONMENT === 'Development') {
return fs.readFileSync(process.env.PRIVATE_KEY_FILE, 'utf8');
} else {
return process.env.PRIVATE_KEY
return Buffer.from(process.env.PRIVATE_KEY, 'base64').toString('utf8');
}
}

Expand Down

0 comments on commit b2c891e

Please sign in to comment.