fix(ci): auto-generate CALENDAR_ENCRYPTION_KEY in prod env

Adds a step to the CD pipeline that ensures CALENDAR_ENCRYPTION_KEY exists in .env.macmini, generating one if missing. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-14 20:01:09 +02:00 · 2026-03-15 09:07:52 +01:00 · 2026-03-15 09:07:52 +01:00 · 7bb4b1dd5b
commit 7bb4b1dd5b
parent 2ac05ef4aa
1 changed files with 9 additions and 0 deletions
--- a/.github/workflows/cd-macmini.yml
+++ b/.github/workflows/cd-macmini.yml
@ -152,6 +152,15 @@ jobs:
          cd "${{ env.PROJECT_DIR }}"
          git pull origin main

+      - name: Ensure env vars exist
+        run: |
+          cd "${{ env.PROJECT_DIR }}"
+          # Add CALENDAR_ENCRYPTION_KEY if not present
+          if ! grep -q "CALENDAR_ENCRYPTION_KEY" "${{ env.ENV_FILE }}" 2>/dev/null; then
+            echo "CALENDAR_ENCRYPTION_KEY=$(openssl rand -base64 32)" >> "${{ env.ENV_FILE }}"
+            echo "Added CALENDAR_ENCRYPTION_KEY to ${{ env.ENV_FILE }}"
+          fi
+
      - name: Determine services to deploy
        id: services
        run: |