From 6fcdb059253aa519177a96922a2609a10cd7e122 Mon Sep 17 00:00:00 2001
From: Joooye_34 <joooye1991@gmail.com>
Date: Tue, 31 Oct 2023 00:12:17 +0800
Subject: [PATCH] chore(server): add stripe env

---
 .github/actions/deploy/deploy.mjs                      |  4 ++++
 .../affine/charts/graphql/templates/deployment.yaml    | 10 ++++++++++
 .../helm/affine/charts/graphql/templates/payment.yml   |  8 ++++++++
 .github/helm/affine/charts/graphql/values.yaml         |  5 +++++
 .github/workflows/deploy.yml                           |  2 ++
 5 files changed, 29 insertions(+)
 create mode 100644 .github/helm/affine/charts/graphql/templates/payment.yml

diff --git a/.github/actions/deploy/deploy.mjs b/.github/actions/deploy/deploy.mjs
index b38c117e39..8cb74a05f5 100644
--- a/.github/actions/deploy/deploy.mjs
+++ b/.github/actions/deploy/deploy.mjs
@@ -25,6 +25,8 @@ const {
   GCLOUD_CLOUD_SQL_INTERNAL_ENDPOINT,
   REDIS_HOST,
   REDIS_PASSWORD,
+  STRIPE_API_KEY,
+  STRIPE_WEBHOOK_KEY,
 } = process.env;
 
 // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
@@ -96,6 +98,8 @@ const createHelmCommand = ({ isDryRun }) => {
     `--set-string graphql.app.oauth.google.enabled=true`,
     `--set-string graphql.app.oauth.google.clientId="${AFFINE_GOOGLE_CLIENT_ID}"`,
     `--set-string graphql.app.oauth.google.clientSecret="${AFFINE_GOOGLE_CLIENT_SECRET}"`,
+    `--set-string graphql.app.payment.stripe.apiKey="${STRIPE_API_KEY}"`,
+    `--set-string graphql.app.payment.stripe.webhookKey="${STRIPE_WEBHOOK_KEY}"`,
     `--set        graphql.app.experimental.enableJwstCodec=true`,
     `--set        sync.replicaCount=${syncReplicaCount}`,
     `--set-string sync.image.tag="${imageTag}"`,
diff --git a/.github/helm/affine/charts/graphql/templates/deployment.yaml b/.github/helm/affine/charts/graphql/templates/deployment.yaml
index efb6799100..295a226839 100644
--- a/.github/helm/affine/charts/graphql/templates/deployment.yaml
+++ b/.github/helm/affine/charts/graphql/templates/deployment.yaml
@@ -100,6 +100,16 @@ spec:
               secretKeyRef:
                 name: "{{ .Values.app.oauth.email.secretName }}"
                 key: password
+          - name: STRIPE_API_KEY
+            valueFrom:
+              secretKeyRef:
+                name: "{{ .Values.app.payment.stripe.secretName }}"
+                key: stripeAPIKey
+          - name: STRIPE_WEBHOOK_KEY
+            valueFrom:
+              secretKeyRef:
+                name: "{{ .Values.app.payment.stripe.secretName }}"
+                key: stripeWebhookKey
           - name: DOC_MERGE_INTERVAL
             value: "{{ .Values.app.doc.mergeInterval }}"
           {{ if .Values.app.experimental.enableJwstCodec }}
diff --git a/.github/helm/affine/charts/graphql/templates/payment.yml b/.github/helm/affine/charts/graphql/templates/payment.yml
new file mode 100644
index 0000000000..ec89e0201f
--- /dev/null
+++ b/.github/helm/affine/charts/graphql/templates/payment.yml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: "{{ .Values.app.payment.stripe.secretName }}"
+type: Opaque
+data:
+  stripeAPIKey: "{{ .Values.app.payment.stripe.apiKey | b64enc }}"
+  stripeWebhookKey: "{{ .Values.app.payment.stripe.webhookKey | b64enc }}"
diff --git a/.github/helm/affine/charts/graphql/values.yaml b/.github/helm/affine/charts/graphql/values.yaml
index 41d5448434..4aacb499fd 100644
--- a/.github/helm/affine/charts/graphql/values.yaml
+++ b/.github/helm/affine/charts/graphql/values.yaml
@@ -53,6 +53,11 @@ app:
       secretName: oauth-github
       clientId: ''
       clientSecret: ''
+  payment:
+    stripe:
+      secretName: 'stripe'
+      apiKey: ''
+      webhookKey: ''
 
 serviceAccount:
   create: true
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index ead24994cf..9e5a119d6b 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -247,3 +247,5 @@ jobs:
           REDIS_HOST: ${{ secrets.REDIS_HOST }}
           REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD }}
           CLOUD_SQL_IAM_ACCOUNT: ${{ secrets.CLOUD_SQL_IAM_ACCOUNT }}
+          STRIPE_API_KEY: ${{ secrets.STRIPE_API_KEY }}
+          STRIPE_WEBHOOK_KEY: ${{ secrets.STRIPE_WEBHOOK_KEY }}