Cleaning up actions (#3)

* fixing actions * removing unused marker vars
muchdogesec · Nov 5, 2024 · 11be710 · 11be710
1 parent 61aa032
commit 11be710
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 54 deletions.
diff --git a/.env.example b/.env.example
@@ -34,7 +34,6 @@ VULMATCH_HOST='http://host.docker.internal:8005'
 VULMATCH_APIKEY= #[OPTIONAL] if using https://app.vulmatch.com
 # file2txt settings
 GOOGLE_VISION_API_KEY= # [REQUIRED -- to extract text from blog images]
-MARKER_API_KEY= # [PLACEHOLDER -- marker not used to convert html in file2txt]
 # R2 storage configuration
 USE_S3_STORAGE=0 # Need to set to 1 to enable
 R2_ENDPOINT_URL= # Looks like https://ID.r2.cloudflarestorage.com

diff --git a/.env.obstracts-web b/.env.obstracts-web
@@ -26,7 +26,6 @@ VULMATCH_APIKEY=
 
 # file2txt settings
 GOOGLE_VISION_API_KEY=
-MARKER_API_KEY=
 
 # R2 storage configuration
 USE_S3_STORAGE=

diff --git a/.github/workflows/deploy-image-production.yml b/.github/workflows/deploy-image-production.yml
@@ -1,7 +1,4 @@
-
-#####
-
-name: Create and publish the Public Docker image for Obstracts Web Production
+name: Create and publish the Docker image for Obstracts Web Production
 description: This workflow builds a Docker image and pushes it to GitHub Container Registry (GHCR) when changes are pushed to the `main` branch. It uses secrets in the `obstracts_production` environment and therefore keeps the visibility as private for the image.
 
 on:
@@ -10,7 +7,7 @@ on:
 
 env:
   REGISTRY: ghcr.io
-  IMAGE_NAME: ${{ github.repository }}_obstracts_production
+  IMAGE_NAME: ${{ github.repository }}_web_production
 
 jobs:
   build-and-push-image:
@@ -50,43 +47,28 @@ jobs:
             #django settings
             DJANGO_SECRET=${{ secrets.DJANGO_SECRET }}
             DJANGO_DEBUG=${{ secrets.DJANGO_DEBUG }}
-
-            #celery settings
             CELERY_BROKER_CONNECTION_RETRY_ON_STARTUP=${{ secrets.CELERY_BROKER_CONNECTION_RETRY_ON_STARTUP }}
-            # obstracts settings
             MAX_PAGE_SIZE=${{ secrets.MAX_PAGE_SIZE }}
             DEFAULT_PAGE_SIZE=${{ secrets.DEFAULT_PAGE_SIZE }}
-
-            # txt2stix settings
             BIN_LIST_API_KEY=${{ secrets.BIN_LIST_API_KEY }}
             OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
             OPENAI_MODEL=${{ secrets.OPENAI_MODEL }}
             INPUT_TOKEN_LIMIT=${{ secrets.INPUT_TOKEN_LIMIT }}
-            INPUT_TOKEN_LIMIT=${{ secrets.INPUT_TOKEN_LIMIT }}
-
-            # CTIBUTLER FOR ATT&CK, CAPEC, CWE, ATLAS, AND LOCATION LOOKUPS
-
             CTIBUTLER_HOST=${{ secrets.CTIBUTLER_HOST }}
             CTIBUTLER_APIKEY=${{ secrets.CTIBUTLER_APIKEY }}
-
-            # VULMATCH FOR CVE AND CPE LOOKUPS
             VULMATCH_HOST=${{ secrets.VULMATCH_HOST }}
             VULMATCH_APIKEY=${{ secrets.VULMATCH_APIKEY }}
-
-            # file2txt settings
             GOOGLE_VISION_API_KEY=${{ secrets.GOOGLE_VISION_API_KEY }}
-            MARKER_API_KEY=${{ secrets.MARKER_API_KEY }}
-
-            # R2 storage configuration
             USE_S3_STORAGE=${{ secrets.USE_S3_STORAGE }}1
             R2_ENDPOINT_URL=${{ secrets.R2_ENDPOINT_URL }}
             R2_BUCKET_NAME=${{ secrets.R2_BUCKET_NAME }}
             R2_ACCESS_KEY=${{ secrets.R2_ACCESS_KEY }}
             R2_SECRET_KEY=${{ secrets.R2_SECRET_KEY }} 
             R2_CUSTOM_DOMAIN=${{ secrets.R2_CUSTOM_DOMAIN }}
+            R2_CUSTOM_DOMAIN=${{ secrets.R2_CUSTOM_DOMAIN }}
       - name: Generate artifact attestation
         uses: actions/attest-build-provenance@v1
         with:
           subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
           subject-digest: ${{ steps.push.outputs.digest }}
-          push-to-registry: true
+          push-to-registry: true
diff --git a/.github/workflows/deploy-image-staging.yml b/.github/workflows/deploy-image-staging.yml
@@ -1,29 +1,23 @@
-#
-name: Create and publish the Public Docker image for Obstracts Web Staging
-description: This workflow builds a Docker image and pushes it to GitHub Container Registry (GHCR) when changes are pushed to the `main` branch. It uses secrets in the `obstracts_staging` environment and therefore keeps the visibility as private for the image.
+name: Create and publish the Docker image for Obstracts Web Staging
+description: This workflow builds a Docker image and pushes it to GitHub Container Registry (GHCR) when changes are pushed to the `staging` branch. It uses secrets in the `obstracts_staging` environment and therefore keeps the visibility as private for the image.
 
-# Configures this workflow to run every time a change is pushed to the branch called `release`.
 on:
   push:
-    branches: ['main']
+    branches: ['staging']
 
-# Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds.
 env:
   REGISTRY: ghcr.io
-  IMAGE_NAME: ${{ github.repository }}_staging
+  IMAGE_NAME: ${{ github.repository }}_web_staging
 
-# There is a single job in this workflow. It's configured to run on the latest available version of Ubuntu.
 jobs:
   build-and-push-image:
     runs-on: ubuntu-latest
-    environment: obstracts_web_staging # Specify the GitHub environment here
-    # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job.
+    environment: obstracts_web_staging
     permissions:
       contents: read
       packages: write
       attestations: write
       id-token: write
-      # 
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
@@ -53,34 +47,18 @@ jobs:
             #django settings
             DJANGO_SECRET=${{ secrets.DJANGO_SECRET }}
             DJANGO_DEBUG=${{ secrets.DJANGO_DEBUG }}
-
-            #celery settings
             CELERY_BROKER_CONNECTION_RETRY_ON_STARTUP=${{ secrets.CELERY_BROKER_CONNECTION_RETRY_ON_STARTUP }}
-            # obstracts settings
             MAX_PAGE_SIZE=${{ secrets.MAX_PAGE_SIZE }}
             DEFAULT_PAGE_SIZE=${{ secrets.DEFAULT_PAGE_SIZE }}
-
-            # txt2stix settings
             BIN_LIST_API_KEY=${{ secrets.BIN_LIST_API_KEY }}
             OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
             OPENAI_MODEL=${{ secrets.OPENAI_MODEL }}
             INPUT_TOKEN_LIMIT=${{ secrets.INPUT_TOKEN_LIMIT }}
-            INPUT_TOKEN_LIMIT=${{ secrets.INPUT_TOKEN_LIMIT }}
-
-            # CTIBUTLER FOR ATT&CK, CAPEC, CWE, ATLAS, AND LOCATION LOOKUPS
-
             CTIBUTLER_HOST=${{ secrets.CTIBUTLER_HOST }}
             CTIBUTLER_APIKEY=${{ secrets.CTIBUTLER_APIKEY }}
-
-            # VULMATCH FOR CVE AND CPE LOOKUPS
             VULMATCH_HOST=${{ secrets.VULMATCH_HOST }}
             VULMATCH_APIKEY=${{ secrets.VULMATCH_APIKEY }}
-
-            # file2txt settings
             GOOGLE_VISION_API_KEY=${{ secrets.GOOGLE_VISION_API_KEY }}
-            MARKER_API_KEY=${{ secrets.MARKER_API_KEY }}
-
-            # R2 storage configuration
             USE_S3_STORAGE=${{ secrets.USE_S3_STORAGE }}1
             R2_ENDPOINT_URL=${{ secrets.R2_ENDPOINT_URL }}
             R2_BUCKET_NAME=${{ secrets.R2_BUCKET_NAME }}
@@ -92,4 +70,4 @@ jobs:
         with:
           subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
           subject-digest: ${{ steps.push.outputs.digest }}
-          push-to-registry: true
+          push-to-registry: true
diff --git a/Dockerfile.deploy b/Dockerfile.deploy
@@ -18,7 +18,6 @@ ARG CTIBUTLER_APIKEY=
 ARG VULMATCH_HOST=
 ARG VULMATCH_APIKEY=
 ARG GOOGLE_VISION_API_KEY=
-ARG MARKER_API_KEY=
 ARG USE_S3_STORAGE=
 ARG R2_ENDPOINT_URL=
 ARG R2_BUCKET_NAME=
@@ -42,7 +41,6 @@ ENV VULMATCH_HOST=${VULMATCH_HOST}
 ENV VULMATCH_APIKEY=${VULMATCH_APIKEY}
 ENV GOOGLE_VISION_API_KEY=${GOOGLE_VISION_API_KEY}
 ENV USE_S3_STORAGE=${USE_S3_STORAGE}
-ENV MARKER_API_KEY=${MARKER_API_KEY}
 ENV R2_ENDPOINT_URL=${R2_ENDPOINT_URL}
 ENV R2_BUCKET_NAME=${R2_BUCKET_NAME}
 ENV R2_ACCESS_KEY=${R2_ACCESS_KEY}