fix: replace 'source .env' with safe env loader in all scripts
All checks were successful
Deploy to Production / test (push) Successful in 34s
All checks were successful
Deploy to Production / test (push) Successful in 34s
The raw 'source .env' pattern breaks when values contain special bash characters like ) in passwords or database URLs. This caused deploy:remote to fail with 'syntax error near unexpected token )'. Changes: - Created shared/scripts/lib/load-env.sh: reads .env line-by-line with export instead of source, safely handling special characters - Updated db-backup.sh, db-restore.sh, deploy-remote.sh, remote.sh to use the shared loader - Reordered deploy-remote.sh: git pull now runs first (step 1) so the remote always has the latest scripts before running backup (step 2)
This commit is contained in:
syntaxbullet
@@ -9,14 +9,11 @@
|
|||||||
|
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
# Load environment variables
|
# Load environment variables safely
|
||||||
if [ -f .env ]; then
|
|
||||||
set -a
|
|
||||||
source .env
|
|
||||||
set +a
|
|
||||||
fi
|
|
||||||
|
|
||||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||||
|
source "$SCRIPT_DIR/lib/load-env.sh"
|
||||||
|
load_env
|
||||||
|
|
||||||
PROJECT_DIR="$(cd "$SCRIPT_DIR/../.." && pwd)"
|
PROJECT_DIR="$(cd "$SCRIPT_DIR/../.." && pwd)"
|
||||||
BACKUP_DIR="$PROJECT_DIR/shared/db/backups"
|
BACKUP_DIR="$PROJECT_DIR/shared/db/backups"
|
||||||
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
|
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
|
||||||
|
|||||||
@@ -10,14 +10,10 @@
|
|||||||
|
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
# Load environment variables
|
# Load environment variables safely
|
||||||
if [ -f .env ]; then
|
|
||||||
set -a
|
|
||||||
source .env
|
|
||||||
set +a
|
|
||||||
fi
|
|
||||||
|
|
||||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||||
|
source "$SCRIPT_DIR/lib/load-env.sh"
|
||||||
|
load_env
|
||||||
|
|
||||||
# Colors
|
# Colors
|
||||||
GREEN='\033[0;32m'
|
GREEN='\033[0;32m'
|
||||||
|
|||||||
@@ -10,12 +10,10 @@
|
|||||||
|
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
# Load environment variables
|
# Load environment variables safely
|
||||||
if [ -f .env ]; then
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||||
set -a
|
source "$SCRIPT_DIR/lib/load-env.sh"
|
||||||
source .env
|
load_env
|
||||||
set +a
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Colors
|
# Colors
|
||||||
GREEN='\033[0;32m'
|
GREEN='\033[0;32m'
|
||||||
@@ -41,22 +39,22 @@ fi
|
|||||||
|
|
||||||
echo -e "${YELLOW}🚀 Deploying to $VPS_USER@$VPS_HOST:$REMOTE_DIR...${NC}"
|
echo -e "${YELLOW}🚀 Deploying to $VPS_USER@$VPS_HOST:$REMOTE_DIR...${NC}"
|
||||||
|
|
||||||
# Step 1: Database backup (unless skipped)
|
# Step 1: Pull latest code (always first, so remote has the latest scripts)
|
||||||
|
echo -e "\n${YELLOW}⬇️ Step 1/4: Pulling latest changes...${NC}"
|
||||||
|
ssh -t "$VPS_USER@$VPS_HOST" "cd $REMOTE_DIR && git pull"
|
||||||
|
|
||||||
|
# Step 2: Database backup (unless skipped)
|
||||||
if [ "$SKIP_BACKUP" = false ]; then
|
if [ "$SKIP_BACKUP" = false ]; then
|
||||||
echo -e "\n${YELLOW}💾 Step 1/4: Backing up remote database...${NC}"
|
echo -e "\n${YELLOW}💾 Step 2/4: Backing up remote database...${NC}"
|
||||||
ssh -t "$VPS_USER@$VPS_HOST" "cd $REMOTE_DIR && bash shared/scripts/db-backup.sh" || {
|
ssh -t "$VPS_USER@$VPS_HOST" "cd $REMOTE_DIR && bash shared/scripts/db-backup.sh" || {
|
||||||
echo -e "${RED}⚠️ Backup failed. Aborting deployment.${NC}"
|
echo -e "${RED}⚠️ Backup failed. Aborting deployment.${NC}"
|
||||||
echo "Use --skip-backup to deploy without backing up."
|
echo "Use --skip-backup to deploy without backing up."
|
||||||
exit 1
|
exit 1
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
echo -e "\n${YELLOW}⏭️ Step 1/4: Skipping database backup (--skip-backup)${NC}"
|
echo -e "\n${YELLOW}⏭️ Step 2/4: Skipping database backup (--skip-backup)${NC}"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Step 2: Pull latest code
|
|
||||||
echo -e "\n${YELLOW}⬇️ Step 2/4: Pulling latest changes...${NC}"
|
|
||||||
ssh -t "$VPS_USER@$VPS_HOST" "cd $REMOTE_DIR && git pull"
|
|
||||||
|
|
||||||
# Step 3: Build production containers
|
# Step 3: Build production containers
|
||||||
echo -e "\n${YELLOW}🏗️ Step 3/4: Building production containers...${NC}"
|
echo -e "\n${YELLOW}🏗️ Step 3/4: Building production containers...${NC}"
|
||||||
ssh -t "$VPS_USER@$VPS_HOST" "cd $REMOTE_DIR && docker compose -f docker-compose.prod.yml build"
|
ssh -t "$VPS_USER@$VPS_HOST" "cd $REMOTE_DIR && docker compose -f docker-compose.prod.yml build"
|
||||||
|
|||||||
38
shared/scripts/lib/load-env.sh
Normal file
38
shared/scripts/lib/load-env.sh
Normal file
@@ -0,0 +1,38 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# =============================================================================
|
||||||
|
# Shared .env loader for Aurora scripts
|
||||||
|
# =============================================================================
|
||||||
|
# Safely loads .env files without using `source`, which breaks on values
|
||||||
|
# containing special bash characters like ), (, !, etc.
|
||||||
|
#
|
||||||
|
# Usage: source shared/scripts/lib/load-env.sh
|
||||||
|
# load_env # loads .env from current directory
|
||||||
|
# load_env .env.test # loads a specific file
|
||||||
|
# =============================================================================
|
||||||
|
|
||||||
|
load_env() {
|
||||||
|
local env_file="${1:-.env}"
|
||||||
|
|
||||||
|
if [ ! -f "$env_file" ]; then
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
while IFS= read -r line || [ -n "$line" ]; do
|
||||||
|
# Skip comments and empty lines
|
||||||
|
[[ -z "$line" || "$line" =~ ^[[:space:]]*# ]] && continue
|
||||||
|
|
||||||
|
# Skip lines without an = sign
|
||||||
|
[[ "$line" != *"="* ]] && continue
|
||||||
|
|
||||||
|
# Strip leading/trailing whitespace
|
||||||
|
line="${line#"${line%%[![:space:]]*}"}"
|
||||||
|
|
||||||
|
# Remove surrounding quotes from the value (KEY="value" → KEY=value)
|
||||||
|
local key="${line%%=*}"
|
||||||
|
local value="${line#*=}"
|
||||||
|
value="${value#\"}" ; value="${value%\"}"
|
||||||
|
value="${value#\'}" ; value="${value%\'}"
|
||||||
|
|
||||||
|
export "$key=$value"
|
||||||
|
done < "$env_file"
|
||||||
|
}
|
||||||
@@ -9,12 +9,10 @@
|
|||||||
# Usage: ./remote.sh
|
# Usage: ./remote.sh
|
||||||
# =============================================================================
|
# =============================================================================
|
||||||
|
|
||||||
# Load environment variables
|
# Load environment variables safely
|
||||||
if [ -f .env ]; then
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||||
set -a
|
source "$SCRIPT_DIR/lib/load-env.sh"
|
||||||
source .env
|
load_env
|
||||||
set +a
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -z "$VPS_HOST" ] || [ -z "$VPS_USER" ]; then
|
if [ -z "$VPS_HOST" ] || [ -z "$VPS_USER" ]; then
|
||||||
echo "Error: VPS_HOST and VPS_USER must be set in .env"
|
echo "Error: VPS_HOST and VPS_USER must be set in .env"
|
||||||
|
|||||||
Reference in New Issue
Block a user