From ad3afa9653a123bdfd63b31453b2c0db6b13919b Mon Sep 17 00:00:00 2001
From: Tracey Jaquith <tracey@archive.org>
Date: Sat, 25 Jan 2025 21:03:45 -0800
Subject: [PATCH] another key..

---
 .github/workflows/cicd.yml | 2 +-
 entrypoint.sh              | 7 +++++--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
index 514d6cb..9e47fa3 100644
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -10,4 +10,4 @@ jobs:
       NO_TEST: true
     secrets:
       NOMAD_TOKEN_EXT: ${{ secrets.NOMAD_TOKEN_EXT }}
-      NOMAD_SECRETS: '{ "APP_ID"="${{ secrets.APP_ID }}", "RSA"="${{ secrets.RSA }}" }'
+      NOMAD_SECRETS: '{ "APP_ID"="${{ secrets.APP_ID }}", "RSA"="${{ secrets.RSA }}", "RSA_PKEY"="${{ secrets.RSA_PKEY }}" }'
diff --git a/entrypoint.sh b/entrypoint.sh
index e2648bd..16e4aca 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -2,13 +2,16 @@
 
 # create our config on-demand from our runtime-only environment variables passed in to us
 
-# the key env var needs to be base64 encoded for transport, and we'll unpack it to:
+# the key env vars need to be base64 encoded for transport, and we'll unpack it to:
 #   "-----BEGIN RSA PRIVATE KEY-----\n[..KEY..]\n-----END RSA PRIVATE KEY-----"
 
 export NODE_ENV=production
 export PORT=80
-export GITHUB_PRIVATE_KEY=$(echo "$RSA" |base64 -d|sed ':a;N;$!ba;s/\n/\\n/g')
 export GITHUB_APP_ID=$APP_ID
+# for this first one, eg: https://travistidwell.com/jsencrypt/demo/
+export RSA_PRIVATE_KEY=$(echo "$RSA_PKEY" |base64 -d|sed ':a;N;$!ba;s/\n/\\n/g')
+export GITHUB_PRIVATE_KEY=$(echo "$RSA" |base64 -d|sed ':a;N;$!ba;s/\n/\\n/g')
+
 
 # cat >| config.production.json <<EOF
 # {