From 956045b588cb7143f20c201e52c5c37ead0d89aa Mon Sep 17 00:00:00 2001
From: Aarnav Tale <aarnavtale@icloud.com>
Date: Mon, 22 Jul 2024 11:44:26 -0400
Subject: [PATCH] fix: update rust and use hashicorp vault

---
 .github/workflows/deploy.yaml | 15 +++++++++++++++
 Dockerfile                    |  2 +-
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index 325a181..7ee39ef 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -8,10 +8,24 @@ jobs:
   build:
     name: Build
     runs-on: self-hosted
+    permissions:
+      contents: read
+      id-token: write
     steps:
       - name: Check out the repo
         uses: actions/checkout@v4
 
+      - name: Import secrets
+        id: secrets
+        uses: hashicorp/vault-action@v2
+        with:
+          method: 'jwt'
+          url: ${{ vars.HASHICORP_VAULT_URL }}
+          role: ${{ vars.HASHICORP_VAULT_ROLE }}
+          jwtGithubAudience: ${{ vars.HASHICORP_VAULT_AUD }}
+          secrets: |
+            /kv/data/canister/api API_CONFIG
+
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
@@ -42,6 +56,7 @@ jobs:
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
           platforms: linux/arm64
+          secret-envs: ${{ steps.secrets.outputs.API_CONFIG }}
           cache-to: type=registry,ref=ghcr.io/cnstr/api-cache,compression=zstd
           cache-from: type=registry,ref=ghcr.io/cnstr/api-cache
 
diff --git a/Dockerfile b/Dockerfile
index 72b4143..4c8e4ff 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM rust:1.66 as builder
+FROM rust:1.79 as builder
 ENV UPLOAD_OPENAPI=true
 WORKDIR /app