From 42d799684dd7c9bad9e06bd14a19999234863969 Mon Sep 17 00:00:00 2001 From: Zefek <32429493+Zefek@users.noreply.github.com> Date: Sun, 3 May 2026 21:12:22 +0200 Subject: [PATCH 1/5] Enhance Windows config step with secrets handling Updated Windows configuration step to include secret management and deployment script execution. --- .github/workflows/deployment.yml | 43 +++++++++++++++++++++++++++++--- 1 file changed, 40 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml index b304553..77ef325 100644 --- a/.github/workflows/deployment.yml +++ b/.github/workflows/deployment.yml @@ -28,10 +28,47 @@ jobs: - name: Set configs (Windows) shell: powershell - run: | - $env:CONFIG_H | Out-File -Encoding ascii config.h env: - CONFIG_H: ${{ secrets.CONFIG_H }} + SECRETS_SHARE_PATH: ${{ secrets.SECRETS_SHARE_PATH }} + SECRETS_SHARE_USER: ${{ secrets.SECRETS_SHARE_USER }} + SECRETS_SHARE_PASS: ${{ secrets.SECRETS_SHARE_PASS }} + SECRETS_REPO_NAME: ${{ secrets.SECRETS_REPO_NAME }} + DEVICE_NAME: LSSensor + run: | + $ErrorActionPreference = 'Stop' + $secretsDir = Join-Path $env:RUNNER_TEMP 'secrets' + $mounted = $false + + try { + # Mount SMB share with read-only credentials + & net.exe use 'Z:' $env:SECRETS_SHARE_PATH /user:$env:SECRETS_SHARE_USER $env:SECRETS_SHARE_PASS | Out-Null + if ($LASTEXITCODE -ne 0) { throw "Failed to mount SMB share (exit $LASTEXITCODE)" } + $mounted = $true + + # Clone Configuration repo from the share + if (Test-Path $secretsDir) { Remove-Item $secretsDir -Recurse -Force } + $repoSource = if ($env:SECRETS_REPO_NAME) { "Z:\$env:SECRETS_REPO_NAME" } else { 'Z:\' } + git clone --depth=1 $repoSource $secretsDir + if ($LASTEXITCODE -ne 0) { throw "git clone failed (exit $LASTEXITCODE)" } + + # Run per-device deploy script + $deployScript = Join-Path $secretsDir "$env:DEVICE_NAME\deploy.ps1" + if (-not (Test-Path $deployScript)) { throw "deploy.ps1 not found at $deployScript" } + + & $deployScript -OutputDir $env:GITHUB_WORKSPACE + if ($LASTEXITCODE -ne 0) { throw "deploy.ps1 failed (exit $LASTEXITCODE)" } + } + finally { + # Always clean up - whether the try block succeeded, threw, or was interrupted + if (Test-Path $secretsDir) { + Remove-Item $secretsDir -Recurse -Force -ErrorAction SilentlyContinue + } + if ($mounted) { + & net.exe use 'Z:' /delete /yes | Out-Null + } + # cleanup is best-effort; do not fail the step on a stale exit code + $global:LASTEXITCODE = 0 + } - name: Compile Arduino project run: | From 71938ae178629b31d594e681f59aefddccc7123d Mon Sep 17 00:00:00 2001 From: Zefek <32429493+Zefek@users.noreply.github.com> Date: Sun, 3 May 2026 21:18:26 +0200 Subject: [PATCH 2/5] Remove default WiFi and MQTT credentials Removed default WiFi and MQTT configuration defines. --- config_default.h | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/config_default.h b/config_default.h index c9885e9..48c4703 100644 --- a/config_default.h +++ b/config_default.h @@ -1,9 +1 @@ -#define WifiSSID "WifiSSID" -#define WifiPassword "WifiPassword" -#define MQTTUsername "MQTTUsername" - -#define MQTTPassword "MQTTPassword" - -#define MQTTHost "MQTTHost" - -#define ELCONSUMPTION "ELCONSUMPTION" \ No newline at end of file +#define ELCONSUMPTION "ELCONSUMPTION" From 136a63423d918d4f5c677d5bf174808d28b2f394 Mon Sep 17 00:00:00 2001 From: Zefek <32429493+Zefek@users.noreply.github.com> Date: Sun, 3 May 2026 21:18:48 +0200 Subject: [PATCH 3/5] Add default configuration for WiFi and MQTT --- secret_default.h | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 secret_default.h diff --git a/secret_default.h b/secret_default.h new file mode 100644 index 0000000..95b1378 --- /dev/null +++ b/secret_default.h @@ -0,0 +1,5 @@ +#define WifiSSID "WifiSSID" +#define WifiPassword "WifiPassword" +#define MQTTUsername "MQTTUsername" +#define MQTTPassword "MQTTPassword" +#define MQTTHost "MQTTHost" From 83283383133da15b44c608f067d4d31350011f4b Mon Sep 17 00:00:00 2001 From: Zefek <32429493+Zefek@users.noreply.github.com> Date: Sun, 3 May 2026 21:19:06 +0200 Subject: [PATCH 4/5] Update LSSensor.ino --- LSSensor.ino | 1 + 1 file changed, 1 insertion(+) diff --git a/LSSensor.ino b/LSSensor.ino index f88a088..92f0395 100644 --- a/LSSensor.ino +++ b/LSSensor.ino @@ -2,6 +2,7 @@ #include #include #include "config.h" +#include "secret.h" #include #define LSSensorPIN1 2 From 87dfcba1e3f6bb55091d8493f077cd389a9720ee Mon Sep 17 00:00:00 2001 From: Zefek <32429493+Zefek@users.noreply.github.com> Date: Sun, 3 May 2026 21:19:45 +0200 Subject: [PATCH 5/5] Add step to copy secret_default.h to secret.h --- .github/workflows/build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 258232f..17fb98b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -32,6 +32,7 @@ jobs: - name: Set configs run: | cp config_default.h config.h + cp secret_default.h secret.h - name: Compile Arduino project run: |