Reputation: 1272
How to use secret key of env file in main.dart when deploying flutter web with flutter actions?
I deployed flutter web page with github actions.
I created workflow.yml in .github/workflows/workflow.yml.
name: gh-pages
on:
push:
branches: [main]
jobs:
build:
runs-on: macos-latest
steps:
- uses: actions/checkout@v2
- uses: subosito/flutter-action@v1
- uses: bluefireteam/flutter-gh-pages@v7
with:
baseHref: /onldocc_admin/
But the problem is that It deploys web site based on repository of github.
I can't ignore .env file. If so, deployment fails.
So I've found many sources and people say to use secret actions.
- Github > Settings > Secrets and variables > Actions
I set
Repository Secretsas below.
And mostly people elaborate how to use this key in workflow like below.
name: gh-pages
on:
push:
branches: [main]
jobs:
build:
runs-on: macos-latest
steps:
- uses: actions/checkout@v2
- uses: subosito/flutter-action@v1
- uses: bluefireteam/flutter-gh-pages@v7
with:
baseHref: /onldocc_admin/
- name: Create.env
shell: bash
env:
SUPABASE_URL: ${{ secrets.SUPABASE_URL }}
SUPABASE_ANONKEY: ${{ secrets.SUPABASE_ANONKEY }}
run: |
touch .env
echo SUPABASE_URL=${{ secrets.SUPABASE_URL }} > .env
echo SUPABASE_ANONKEY=${{ secrets.SUPABASE_ANONKEY }} > .env
cat .env
But my questions is I have to use these secret keys in main.dart in flutter project.
final supabaseUrlDebug = dotenv.env["SUPABASE_URL"];
final supabaseAnonKeyDebug = dotenv.env["SUPABASE_ANONKEY"];
await Supabase.initialize(
url: supabaseUrlDebug!,
anonKey: supabaseAnonKeyDebug!,
);
And I need to replace dotenv.env["SUPABASE_URL"] to something else, maybe fetching from secret keys from secret repository.
But I can't find this way anywhere!!
If I upload env file, this is too critical on security issue.
Probably there should be any way to solve this..
Please help me.
Upvotes: 0
Views: 232
Answers (1)
Reputation: 13
use env.json file instead, and while running the application with flutter run use the flag --dart-define-from-file=env.json
In your case:
replace your .env file with
- touch env.json
- echo '{
"SUPABASE_ANONKEY" : "${{ secrets.SUPABASE_URL }}",
"SUPABASE_URL" : "${{ secrets.SUPABASE_ANONKEY }}"
}' > env.json
env.json will look something like
{
"SUPABASE_ANONKEY" : "<YOUR_SUPABASE_ANONKEY>",
"SUPABASE_URL" : "<SUPABASE_URL>"
}
In code use
String.fromEnvironment('SUPABASE_ANONKEY')
String.fromEnvironment('SUPABASE_URL')
finally, add this to run the application.
flutter run --dart-define-from-file=env.json
Upvotes: 0
Related Questions
- Dynamically retrieve GitHub Actions secret
- How to access secrets when using flutter web with github actions
- Github action: [error]Process completed with exit code 1. Trying to push docker image into ecr repo
- github actions – where are the compilation results?
- how to use secrets in github actions without revealing the secret