Add Your Real GitHub Actions Secrets 🔐

Let's add Secrets for staging and production.

Adding Secrets

Use the exact names as provided. The values are hidden since they're secret, but I'll guide you on where to obtain them. Note that our CDK code generates values for each secret.

Common Variables (Yellow):

• AWS_OIDC_DEPLOY_ROLE: The role used for OIDC deployments.

  Value: githubOIDCDeployRole

• DB_PORT: The port on which the database is running. From CDK .env.

  Value: 5432

• PORT: Application port number. From CDK .env.

  Value: 4000

Production Variables (Green):

• PROD_AWS_ACCOUNT_ID: Get this from AWS_ACCOUNT_ID in the Production section of your CDK .env file.

• PROD_DB_HOST: Hostname for the production database.

• PROD_DB_NAME: The name of the production database.

• PROD_DB_PWD: The password for the production database.

• PROD_DB_SECRET_NAME: The name of the secret storing production database credentials.

• PROD_DB_USERNAME: The username for the production database.

  1. To grab the values for DB, Log in to your production account, go to Secrets Manager in the AWS Management Console, and select the secret name.

  

  2. Click on the Retrieve secret value.

  

  3. Copy paste each value.

  

  4. Copy the value for PROD_DB_SECRET_NAME.

  

• PROD_EC2_INSTANCE_ID: The EC2 instance ID to connect to the Database.

  1. Go to EC2 in the AWS Management Console.

  2. Select Instances (running)

  

  3. Copy the Instance ID

  

Staging Variables (Blue):

Switch to your staging account and repeat the process.

• STAGING_AWS_ACCOUNT_ID: Get this from AWS_ACCOUNT_ID in the Staging section of your CDK .env file.
• STAGING_DB_HOST: Hostname for the staging database.
• STAGING_DB_NAME: The name of the staging database.
• STAGING_DB_PWD: The password for the staging database.
• STAGING_DB_SECRET_NAME: The name of the secret storing staging database credentials.
• STAGING_DB_USERNAME: The username for the staging database.
• STAGING_EC2_INSTANCE_ID: The EC2 instance ID for the staging environment.