Skip to content

feat: incorporate secrets into CI/CD pipeline and runtime configuration#63

Merged
memreo merged 2 commits into
mainfrom
fix/62/migrate-secrets
Jun 15, 2026
Merged

feat: incorporate secrets into CI/CD pipeline and runtime configuration#63
memreo merged 2 commits into
mainfrom
fix/62/migrate-secrets

Conversation

@memreo

@memreo memreo commented Jun 15, 2026

Copy link
Copy Markdown
Collaborator

Summary

Injects MongoDB and Google Gemini API secrets into the CI/CD pipeline and local runtime configuration:

  1. Adds .env to .dockerignore in the Python service to prevent local secrets from being baked into the image.
  2. Updates infra/docker-compose.yml to consume secrets from the host environment at runtime.
  3. Injects workflow-level environment variables in .github/workflows/ci.yml from GitHub repository secrets (MONGODB_URI and GOOGLE_API_KEY).

Component

  • Client: client/
  • API contract: api/
  • Spring ingestion: services/spring-ingestion/
  • Spring logbook: services/spring-logbook/
  • Spring alerts: services/spring-alerts/
  • GenAI: services/py-intelligence/
  • Infrastructure: infra/
  • CI/CD: .github/workflows/
  • Documentation

API Impact

  • This does not change the API.

Testing

  • I tested this locally.
  • I added or updated tests.
  • Tests are not applicable for this change.

Checklist

  • Branch name follows (feat|fix)/(issue_id)/(name_of_issue).
  • The change is limited to the intended component(s).
  • Documentation was updated if needed.

Related Issue

Closes #62

@tahahundekari tahahundekari added ai Pull requests that update code in the GenAI component ci Pull request responsible for continuous integration cd Pull request responsible for continuous deployment infra Pull requests that update infrastructure code. labels Jun 15, 2026
sachmii
sachmii reviewed Jun 15, 2026
View reviewed changes
Comment thread infra/docker-compose.yml
tahahundekari
tahahundekari approved these changes Jun 15, 2026
View reviewed changes

@tahahundekari tahahundekari left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Sorry again for the delay on the secrets for the server-side. Thank you!

@memreo memreo merged commit 11cb601 into main Jun 15, 2026
20 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tahahundekari tahahundekari tahahundekari approved these changes

@sachmii sachmii sachmii approved these changes

Assignees

@memreo memreo

Labels

ai Pull requests that update code in the GenAI component cd Pull request responsible for continuous deployment ci Pull request responsible for continuous integration infra Pull requests that update infrastructure code.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Move secrets to GitHub Secrets and others.

3 participants

@memreo @tahahundekari @sachmii