Skip to content

Move hardcoded secrets to environment variables and GitHub Actions secrets #16

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
Copilot wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

Move hardcoded secrets to environment variables and GitHub Actions secrets #16

Copilot wants to merge 3 commits into from

Conversation

Copy link

Copilot AI commented Dec 23, 2025
edited
Loading

The repository contained hardcoded API keys and tokens in workflow files and Firebase configuration. This exposes credentials in version control and prevents users from deploying their own instances.

Changes

Environment Variables

  • Added .env.example documenting required Firebase configuration variables
  • Updated services/firebaseService.ts to read from import.meta.env.VITE_FIREBASE_* with fallback to existing values
  • Added .env* patterns to .gitignore

GitHub Actions Secrets

  • .github/workflows/netlify-deploy.yml: Replace hardcoded NETLIFY_AUTH_TOKEN and NETLIFY_SITE_ID with ${{ secrets.* }}
  • .github/workflows/opencode.yml: Replace hardcoded OPENCODE_API_KEY with ${{ secrets.OPENCODE_API_KEY }}

Documentation

  • Updated README.md with environment setup instructions and required GitHub Actions secrets

Usage

Local development:

cp .env.example .env
# Fill in your Firebase credentials
npm run dev

Deployment requires setting these repository secrets:

  • NETLIFY_AUTH_TOKEN
  • NETLIFY_SITE_ID
  • OPENCODE_API_KEY
Original prompt

This section details on the original issue you should resolve

<issue_title>Action and Environment variables setup</issue_title>
<issue_description></issue_description>

Comments on the Issue (you are @copilot in this section)

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

Copilot AI and others added 2 commits December 23, 2025 05:21
@friuns
Setup environment variables and GitHub Actions secrets
3e02af8 
Co-authored-by: friuns <7095563+friuns@users.noreply.github.com>
@friuns
Remove redundant env var definitions in vite.config.ts
4d5673e 
Co-authored-by: friuns <7095563+friuns@users.noreply.github.com>
Copilot AI changed the title [WIP] Setup action and environment variables Move hardcoded secrets to environment variables and GitHub Actions secrets Dec 23, 2025
Copilot AI requested a review from friuns December 23, 2025 05:25
@github-actions github-actions bot to preview December 23, 2025 09:27 Inactive
@github-actions
Copy link

github-actions bot commented Dec 23, 2025

🚀 Netlify Deployment

Deploy URL:

Branch: copilot/setup-action-environment-variables
Commit: 4d5673e

@github-actions
Copy link

github-actions bot commented Dec 23, 2025

🚀 Netlify Deployment

Deploy URL:

Branch: copilot/setup-action-environment-variables
Commit: 3e02af8

@opencode-agent opencode-agent bot mentioned this pull request Dec 26, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@friuns friuns Awaiting requested review from friuns

Assignees

@friuns friuns

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Action and Environment variables setup

2 participants

@friuns