From f0040ef795d9325812e4bd9c499a69be800f057f Mon Sep 17 00:00:00 2001
From: Victor Martinez <VictorMartinezRubio@gmail.com>
Date: Wed, 12 Jun 2024 16:00:38 +0200
Subject: [PATCH] github-actions: use buildkite and slack bot GH secrets

---
 .github/workflows/release-step-3.yml | 33 +++++++++++--------------
 .github/workflows/snapshot.yml       | 36 +++++++++++++---------------
 2 files changed, 30 insertions(+), 39 deletions(-)

diff --git a/.github/workflows/release-step-3.yml b/.github/workflows/release-step-3.yml
index 6e671d1b56..0c5c4c7848 100644
--- a/.github/workflows/release-step-3.yml
+++ b/.github/workflows/release-step-3.yml
@@ -81,26 +81,23 @@ jobs:
     env:
       TARBALL_FILE: artifacts.tar
     steps:
-      - id: buildkite
+      - id: buildkite-run
         continue-on-error: true
-        name: Run Deploy
-        uses: elastic/apm-pipeline-library/.github/actions/buildkite@current
+        uses: elastic/oblt-actions/buildkite/run@v1
         with:
-          vaultUrl: ${{ secrets.VAULT_ADDR }}
-          vaultRoleId: ${{ secrets.VAULT_ROLE_ID }}
-          vaultSecretId: ${{ secrets.VAULT_SECRET_ID }}
-          pipeline: apm-agent-java-release
-          waitFor: true
-          printBuildLogs: false
-          artifactName: releases
-          artifactPath: ${{ env.TARBALL_FILE }}
-          buildEnvVars: |
+          pipeline: "apm-agent-java-release"
+          token: ${{ secrets.BUILDKITE_TOKEN }}
+          wait-for: true
+          env-vars: |
             dry_run=${{ inputs.dry_run || 'false' }}
             TARBALL_FILE=${{ env.TARBALL_FILE }}
 
-      - uses: actions/download-artifact@v3
+      - uses: elastic/oblt-actions/buildkite/download-artifact@v1
         with:
-          name: releases
+          build-number: ${{ steps.buildkite-run.outputs.build }}
+          path: "${{ env.TARBALL_FILE }}"
+          pipeline: ${{ steps.buildkite-run.outputs.pipeline }}
+          token: ${{ secrets.BUILDKITE_TOKEN }}
 
       - name: untar the buildkite tarball
         run: tar xvf ${{ env.TARBALL_FILE }}
@@ -287,10 +284,8 @@ jobs:
         uses: elastic/apm-pipeline-library/.github/actions/check-dependent-jobs@current
         with:
           needs: ${{ toJSON(needs) }}
-      - uses: elastic/apm-pipeline-library/.github/actions/notify-build-status@current
+      - uses: elastic/oblt-actions/slack/notify-result@v1
         with:
+          bot-token: ${{ secrets.SLACK_BOT_TOKEN }}
+          channel-id: "#apm-agent-java"
           status: ${{ steps.check.outputs.status }}
-          vaultUrl: ${{ secrets.VAULT_ADDR }}
-          vaultRoleId: ${{ secrets.VAULT_ROLE_ID }}
-          vaultSecretId: ${{ secrets.VAULT_SECRET_ID }}
-          slackChannel: "#apm-agent-java"
diff --git a/.github/workflows/snapshot.yml b/.github/workflows/snapshot.yml
index 0b67429b9f..3e84224e51 100644
--- a/.github/workflows/snapshot.yml
+++ b/.github/workflows/snapshot.yml
@@ -46,26 +46,24 @@ jobs:
       TARBALL_FILE: artifacts.tar
     if: ${{ contains(needs.validate.outputs.is-snapshot, 'true') }}
     steps:
-      - id: buildkite
-        name: Run Deploy
-        uses: elastic/apm-pipeline-library/.github/actions/buildkite@current
+      - id: buildkite-run
+        continue-on-error: true
+        uses: elastic/oblt-actions/buildkite/run@v1
         with:
-          vaultUrl: ${{ secrets.VAULT_ADDR }}
-          vaultRoleId: ${{ secrets.VAULT_ROLE_ID }}
-          vaultSecretId: ${{ secrets.VAULT_SECRET_ID }}
-          pipeline: apm-agent-java-snapshot
-          pipelineBranch: ${{ github.ref_name }}
-          artifactName: snapshots
-          artifactPath: ${{ env.TARBALL_FILE }}
-          waitFor: true
-          printBuildLogs: false
-          buildEnvVars: |
+          branch: ${{ github.ref_name }}
+          pipeline: "apm-agent-java-snapshot"
+          token: ${{ secrets.BUILDKITE_TOKEN }}
+          wait-for: true
+          env-vars: |
             dry_run=${{ inputs.dry_run || 'false' }}
             TARBALL_FILE=${{ env.TARBALL_FILE }}
 
-      - uses: actions/download-artifact@v3
+      - uses: elastic/oblt-actions/buildkite/download-artifact@v1
         with:
-          name: snapshots
+          build-number: ${{ steps.buildkite-run.outputs.build }}
+          path: "${{ env.TARBALL_FILE }}"
+          pipeline: ${{ steps.buildkite-run.outputs.pipeline }}
+          token: ${{ secrets.BUILDKITE_TOKEN }}
 
       - name: untar the buildkite tarball
         run: tar xvf ${{ env.TARBALL_FILE }}
@@ -108,12 +106,10 @@ jobs:
         with:
           needs: ${{ toJSON(needs) }}
       - if: ${{ failure() && ! inputs.dry_run }}
-        uses: elastic/apm-pipeline-library/.github/actions/slack-message@current
+        uses: elastic/oblt-actions/slack/send@v1
         with:
-          url: ${{ secrets.VAULT_ADDR }}
-          roleId: ${{ secrets.VAULT_ROLE_ID }}
-          secretId: ${{ secrets.VAULT_SECRET_ID }}
-          channel: "#apm-agent-java"
+          bot-token: ${{ secrets.SLACK_BOT_TOKEN }}
+          channel-id: "#apm-agent-java"
           message: |
             :ghost: [${{ github.repository }}] Snapshot *${{ github.ref_name }}* didn't get triggered in Buildkite.
             Build: (<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|here>)