From 7c16f064a7aff663e1b0c5bc41c7948fa5ab05c4 Mon Sep 17 00:00:00 2001 From: Clemence Kyara Date: Thu, 3 Oct 2024 11:14:28 +0300 Subject: [PATCH] Use secrets in workflows --- .github/workflows/charterafrica-deploy-dev.yml | 5 +++-- .github/workflows/charterafrica-deploy-prod.yml | 5 +++-- .github/workflows/civicsignalblog-deploy-prod.yml | 5 +++-- .github/workflows/codeforafrica-deploy-dev.yml | 5 +++-- .github/workflows/codeforafrica-deploy-prod.yml | 5 +++-- .github/workflows/pesayetu-deploy-dev.yml | 3 +-- .github/workflows/roboshield-deploy-dev.yml | 6 +++--- .github/workflows/roboshield-deploy-prod.yml | 6 +++--- .github/workflows/techlabblog-deploy-dev.yml | 2 +- .github/workflows/vpnmanager-deploy-dev.yml | 5 +++-- 10 files changed, 26 insertions(+), 21 deletions(-) diff --git a/.github/workflows/charterafrica-deploy-dev.yml b/.github/workflows/charterafrica-deploy-dev.yml index 4af714f53..6d100778c 100644 --- a/.github/workflows/charterafrica-deploy-dev.yml +++ b/.github/workflows/charterafrica-deploy-dev.yml @@ -57,16 +57,17 @@ jobs: NEXT_PUBLIC_APP_URL=${{ env.NEXT_PUBLIC_APP_URL }} NEXT_PUBLIC_SENTRY_DSN=${{ secrets.CHARTERAFRICA_SENTRY_DSN }} PAYLOAD_SECRET_KEY=${{ secrets.CHARTERAFRICA_PAYLOAD_SECRET_KEY }} - SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ENVIRONMENT=${{ env.SENTRY_ENVIRONMENT }} SENTRY_ORG=${{ secrets.SENTRY_ORG }} SENTRY_PROJECT=${{ secrets.CHARTERAFRICA_SENTRY_PROJECT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new context: . - target: charterafrica-runner push: true + secrets: | + "sentry_auth_token=${{ secrets.SENTRY_AUTH_TOKEN }}" tags: "${{ env.IMAGE_NAME }}:${{ github.sha }}" + target: charterafrica-runner # Temp fix # https://github.com/docker/build-push-action/issues/252 diff --git a/.github/workflows/charterafrica-deploy-prod.yml b/.github/workflows/charterafrica-deploy-prod.yml index 9b63b3b67..03fa6cb15 100644 --- a/.github/workflows/charterafrica-deploy-prod.yml +++ b/.github/workflows/charterafrica-deploy-prod.yml @@ -86,16 +86,17 @@ jobs: NEXT_PUBLIC_SENTRY_DSN=${{ secrets.CHARTERAFRICA_SENTRY_DSN }} NEXT_PUBLIC_SEO_DISABLED=${{ env.NEXT_PUBLIC_SEO_DISABLED }} PAYLOAD_SECRET_KEY=${{ secrets.CHARTERAFRICA_PAYLOAD_SECRET_KEY }} - SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ENVIRONMENT=${{ env.SENTRY_ENVIRONMENT }} SENTRY_ORG=${{ secrets.SENTRY_ORG }} SENTRY_PROJECT=${{ secrets.CHARTERAFRICA_SENTRY_PROJECT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new context: . - target: charterafrica-runner push: true + secrets: | + "sentry_auth_token=${{ secrets.SENTRY_AUTH_TOKEN }}" tags: "${{ env.IMAGE_NAME }}:${{ steps.version-check.outputs.version }}" + target: charterafrica-runner # Temp fix # https://github.com/docker/build-push-action/issues/252 diff --git a/.github/workflows/civicsignalblog-deploy-prod.yml b/.github/workflows/civicsignalblog-deploy-prod.yml index 1371f544e..8ae44bbdb 100644 --- a/.github/workflows/civicsignalblog-deploy-prod.yml +++ b/.github/workflows/civicsignalblog-deploy-prod.yml @@ -79,15 +79,16 @@ jobs: NEXT_PUBLIC_APP_URL=${{ env.NEXT_PUBLIC_APP_URL }} PAYLOAD_SECRET=${{ secrets.CIVICSIGNALBLOG_PAYLOAD_SECRET }} SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} - SENTRY_ENVIRONMENT=${{ env.SENTRY_ENVIRONMENT }} SENTRY_ORG=${{ secrets.SENTRY_ORG }} SENTRY_PROJECT=${{ secrets.CIVICSIGNALBLOG_SENTRY_PROJECT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new context: . - target: civicsignalblog-runner push: true + secrets: | + "sentry_auth_token=${{ secrets.SENTRY_AUTH_TOKEN }}" tags: "${{ env.IMAGE_NAME }}:${{ steps.version-check.outputs.version }}" + target: civicsignalblog-runner - name: Move cache if: steps.version-check.outputs.changed == 'true' diff --git a/.github/workflows/codeforafrica-deploy-dev.yml b/.github/workflows/codeforafrica-deploy-dev.yml index 1afda0469..44b7d919b 100644 --- a/.github/workflows/codeforafrica-deploy-dev.yml +++ b/.github/workflows/codeforafrica-deploy-dev.yml @@ -60,16 +60,17 @@ jobs: PAYLOAD_SECRET=${{ secrets.CODEFORAFRICA_PAYLOAD_SECRET }} NEXT_PUBLIC_APP_LOGO_URL=${{ secrets.NEXT_PUBLIC_CODEFORAFRICA_APP_LOGO_URL }} NEXT_PUBLIC_APP_NAME=${{ secrets.NEXT_PUBLIC_CODEFORAFRICA_APP_NAME }} - SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ENVIRONMENT=${{ env.SENTRY_ENVIRONMENT }} SENTRY_ORG=${{ secrets.SENTRY_ORG }} SENTRY_PROJECT=${{ secrets.CODEFORAFRICA_SENTRY_PROJECT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new context: . - target: codeforafrica-runner push: true + secrets: | + "sentry_auth_token=${{ secrets.SENTRY_AUTH_TOKEN }}" tags: "${{ env.IMAGE_NAME }}:${{ github.sha }}" + target: codeforafrica-runner # Temp fix # https://github.com/docker/build-push-action/issues/252 diff --git a/.github/workflows/codeforafrica-deploy-prod.yml b/.github/workflows/codeforafrica-deploy-prod.yml index e445567d0..7be2dd21c 100644 --- a/.github/workflows/codeforafrica-deploy-prod.yml +++ b/.github/workflows/codeforafrica-deploy-prod.yml @@ -81,16 +81,17 @@ jobs: NEXT_PUBLIC_APP_NAME=${{ secrets.NEXT_PUBLIC_CODEFORAFRICA_APP_NAME }} NEXT_PUBLIC_APP_URL=${{ env.NEXT_PUBLIC_APP_URL }} PAYLOAD_SECRET=${{ secrets.CODEFORAFRICA_PAYLOAD_SECRET }} - SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ENVIRONMENT=${{ env.SENTRY_ENVIRONMENT }} SENTRY_ORG=${{ secrets.SENTRY_ORG }} SENTRY_PROJECT=${{ secrets.CODEFORAFRICA_SENTRY_PROJECT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new context: . - target: codeforafrica-runner push: true + secrets: | + "sentry_auth_token=${{ secrets.SENTRY_AUTH_TOKEN }}" tags: "${{ env.IMAGE_NAME }}:${{ steps.version-check.outputs.version }}" + target: codeforafrica-runner - name: Move cache if: steps.version-check.outputs.changed == 'true' diff --git a/.github/workflows/pesayetu-deploy-dev.yml b/.github/workflows/pesayetu-deploy-dev.yml index 1b3cb4847..a9a268c18 100644 --- a/.github/workflows/pesayetu-deploy-dev.yml +++ b/.github/workflows/pesayetu-deploy-dev.yml @@ -62,16 +62,15 @@ jobs: WORDPRESS_APPLICATION_PASSWORD=${{ secrets.PESAYETU_WORDPRESS_APPLICATION_PASSWORD }} JWT_SECRET_KEY=${{ secrets.PESAYETU_JWT_SECRET_KEY }} HURUMAP_API_URL=${{ secrets.PESAYETU_HURUMAP_API_URL }} - SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ENVIRONMENT=${{ env.SENTRY_ENVIRONMENT }} SENTRY_ORG=${{ secrets.SENTRY_ORG }} SENTRY_PROJECT=${{ secrets.PESAYETU_SENTRY_PROJECT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new context: . - target: pesayetu-runner push: true tags: "${{ env.IMAGE_NAME }}:${{ github.sha }}" + target: pesayetu-runner # Temp fix # https://github.com/docker/build-push-action/issues/252 diff --git a/.github/workflows/roboshield-deploy-dev.yml b/.github/workflows/roboshield-deploy-dev.yml index 5b28730a7..104f05e56 100644 --- a/.github/workflows/roboshield-deploy-dev.yml +++ b/.github/workflows/roboshield-deploy-dev.yml @@ -59,17 +59,17 @@ jobs: NEXT_PUBLIC_APP_URL=${{ env.NEXT_PUBLIC_APP_URL }} NEXT_PUBLIC_SENTRY_DSN=${{ secrets.ROBOSHIELD_SENTRY_DSN }} PAYLOAD_SECRET=${{ secrets.ROBOSHIELD_PAYLOAD_SECRET }} - SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ENVIRONMENT=${{ env.SENTRY_ENVIRONMENT }} SENTRY_ORG=${{ secrets.SENTRY_ORG }} SENTRY_PROJECT=${{ secrets.ROBOSHIELD_SENTRY_PROJECT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new context: . - target: roboshield-runner - file: Dockerfile push: true + secrets: | + "sentry_auth_token=${{ secrets.SENTRY_AUTH_TOKEN }}" tags: "${{ env.IMAGE_NAME }}:${{ github.sha }}" + target: roboshield-runner # Temp fix # https://github.com/docker/build-push-action/issues/252 diff --git a/.github/workflows/roboshield-deploy-prod.yml b/.github/workflows/roboshield-deploy-prod.yml index 00af29f41..1a96f8bd7 100644 --- a/.github/workflows/roboshield-deploy-prod.yml +++ b/.github/workflows/roboshield-deploy-prod.yml @@ -71,17 +71,17 @@ jobs: NEXT_PUBLIC_APP_URL=${{ env.NEXT_PUBLIC_APP_URL }} NEXT_PUBLIC_SENTRY_DSN=${{ secrets.ROBOSHIELD_SENTRY_DSN }} PAYLOAD_SECRET=${{ secrets.ROBOSHIELD_PAYLOAD_SECRET }} - SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ENVIRONMENT=${{ env.SENTRY_ENVIRONMENT }} SENTRY_ORG=${{ secrets.SENTRY_ORG }} SENTRY_PROJECT=${{ secrets.ROBOSHIELD_SENTRY_PROJECT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new context: . - target: roboshield-runner - file: Dockerfile push: true + secrets: | + "sentry_auth_token=${{ secrets.SENTRY_AUTH_TOKEN }}" tags: "${{ env.IMAGE_NAME }}:${{ steps.version-check.outputs.version }}" + target: roboshield-runner # Temp fix # https://github.com/docker/build-push-action/issues/252 diff --git a/.github/workflows/techlabblog-deploy-dev.yml b/.github/workflows/techlabblog-deploy-dev.yml index 81b273aab..d1f5d036e 100644 --- a/.github/workflows/techlabblog-deploy-dev.yml +++ b/.github/workflows/techlabblog-deploy-dev.yml @@ -1,4 +1,4 @@ -name: Techlab Blog | Dev | Deploy +name: Techlab Blog | Deploy | DEV on: push: diff --git a/.github/workflows/vpnmanager-deploy-dev.yml b/.github/workflows/vpnmanager-deploy-dev.yml index 284730212..a157f58d5 100644 --- a/.github/workflows/vpnmanager-deploy-dev.yml +++ b/.github/workflows/vpnmanager-deploy-dev.yml @@ -53,7 +53,6 @@ jobs: with: build-args: | SENTRY_DSN=${{ secrets.VPNMANAGER_SENTRY_DSN }} - SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ENVIRONMENT=${{ env.SENTRY_ENVIRONMENT }} SENTRY_ORG=${{ secrets.SENTRY_ORG }} SENTRY_PROJECT=${{ secrets.VPNMANAGER_SENTRY_PROJECT }} @@ -61,9 +60,11 @@ jobs: cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new context: . - target: vpnmanager-runner push: true + secrets: | + "sentry_auth_token=${{ secrets.SENTRY_AUTH_TOKEN }}" tags: "${{ env.IMAGE_NAME }}:${{ github.sha }}" + target: vpnmanager-runner # Temp fix # https://github.com/docker/build-push-action/issues/252