Fix vault secrets paths (#72) #20

Workflow file for this run

.github/workflows/release.yml at 6e57e7d

	on:
	push:
	tags:
	- "v*"

	env:
	GH_TOKEN: ${{ github.token }}

	name: Release RPMs
	permissions:
	contents: write
	id-token: write
	jobs:
	release-rpm-el7:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: "Read secrets"
	uses: rancher-eio/read-vault-secrets@main
	with:
	secrets: \|
	secret/data/github/repo/${{ github.repository }}/private_key \| PRIVATE_KEY ;
	secret/data/github/repo/${{ github.repository }}/private_key_passphrase \| PRIVATE_KEY_PASS_PHRASE ;
	secret/data/github/repo/${{ github.repository }}/testing_private_key \| TESTING_PRIVATE_KEY ;
	secret/data/github/repo/${{ github.repository }}/testing_private_key_passphrase \| TESTING_PRIVATE_KEY_PASS_PHRASE ;
	secret/data/github/repo/${{ github.repository }}/aws_s3_bucket \| AWS_S3_BUCKET ;
	secret/data/github/repo/${{ github.repository }}/aws_access_key_id \| AWS_ACCESS_KEY_ID ;
	secret/data/github/repo/${{ github.repository }}/aws_secret_access_key \| AWS_SECRET_ACCESS_KEY ;
	secret/data/github/repo/${{ github.repository }}/testing_aws_s3_bucket \| TESTING_AWS_S3_BUCKET ;
	secret/data/github/repo/${{ github.repository }}/testing_aws_access_key_id \| TESTING_AWS_ACCESS_KEY_ID ;
	secret/data/github/repo/${{ github.repository }}/testing_aws_secret_access_key \| TESTING_AWS_SECRET_ACCESS_KEY ;

	- name: build-rpm-el7
	run: \|
	make build-centos7

	- name: sign-rpm-el7
	run: \|
	make sign-centos7
	env:
	PRIVATE_KEY: ${{ env.PRIVATE_KEY }}
	PRIVATE_KEY_PASS_PHRASE: ${{ env.PRIVATE_KEY_PASS_PHRASE }}
	TESTING_PRIVATE_KEY: ${{ env.TESTING_PRIVATE_KEY }}
	TESTING_PRIVATE_KEY_PASS_PHRASE: ${{ env.TESTING_PRIVATE_KEY_PASS_PHRASE }}

	- name: upload-repo-el7
	run: \|
	make upload-centos7
	env:
	COMBARCH: x86_64-amd64
	AWS_S3_BUCKET: ${{ env.AWS_S3_BUCKET }}
	AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
	TESTING_AWS_S3_BUCKET: ${{ env.TESTING_AWS_S3_BUCKET }}
	TESTING_AWS_ACCESS_KEY_ID: ${{ env.TESTING_AWS_ACCESS_KEY_ID }}
	TESTING_AWS_SECRET_ACCESS_KEY: ${{ env.TESTING_AWS_SECRET_ACCESS_KEY }}

	- name: github-rpm-release-el7
	run: \|
	gh release upload ${{ github.ref_name }} dist/centos7/noarch/* dist/centos7/source/*
	release-rpm-el8:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: "Read secrets"
	uses: rancher-eio/read-vault-secrets@main
	with:
	secrets: \|
	secret/data/github/repo/${{ github.repository }}/private_key \| PRIVATE_KEY ;
	secret/data/github/repo/${{ github.repository }}/private_key_passphrase \| PRIVATE_KEY_PASS_PHRASE ;
	secret/data/github/repo/${{ github.repository }}/testing_private_key \| TESTING_PRIVATE_KEY ;
	secret/data/github/repo/${{ github.repository }}/testing_private_key_passphrase \| TESTING_PRIVATE_KEY_PASS_PHRASE ;
	secret/data/github/repo/${{ github.repository }}/aws_s3_bucket \| AWS_S3_BUCKET ;
	secret/data/github/repo/${{ github.repository }}/aws_access_key_id \| AWS_ACCESS_KEY_ID ;
	secret/data/github/repo/${{ github.repository }}/aws_secret_access_key \| AWS_SECRET_ACCESS_KEY ;
	secret/data/github/repo/${{ github.repository }}/testing_aws_s3_bucket \| TESTING_AWS_S3_BUCKET ;
	secret/data/github/repo/${{ github.repository }}/testing_aws_access_key_id \| TESTING_AWS_ACCESS_KEY_ID ;
	secret/data/github/repo/${{ github.repository }}/testing_aws_secret_access_key \| TESTING_AWS_SECRET_ACCESS_KEY ;

	- name: build-rpm-el8
	run: \|
	make build-centos8

	- name: sign-rpm-el8
	run: \|
	make sign-centos8
	env:
	PRIVATE_KEY: ${{ env.PRIVATE_KEY }}
	PRIVATE_KEY_PASS_PHRASE: ${{ env.PRIVATE_KEY_PASS_PHRASE }}
	TESTING_PRIVATE_KEY: ${{ env.TESTING_PRIVATE_KEY }}
	TESTING_PRIVATE_KEY_PASS_PHRASE: ${{ env.TESTING_PRIVATE_KEY_PASS_PHRASE }}

	- name: upload-repo-el8
	run: \|
	make upload-centos8
	env:
	COMBARCH: x86_64-amd64
	AWS_S3_BUCKET: ${{ env.AWS_S3_BUCKET }}
	AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
	TESTING_AWS_S3_BUCKET: ${{ env.TESTING_AWS_S3_BUCKET }}
	TESTING_AWS_ACCESS_KEY_ID: ${{ env.TESTING_AWS_ACCESS_KEY_ID }}
	TESTING_AWS_SECRET_ACCESS_KEY: ${{ env.TESTING_AWS_SECRET_ACCESS_KEY }}

	- name: github-rpm-release-el8
	run: \|
	gh release upload ${{ github.ref_name }} dist/centos8/noarch/* dist/centos8/source/*
	release-rpm-el9:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: "Read secrets"
	uses: rancher-eio/read-vault-secrets@main
	with:
	secrets: \|
	secret/data/github/repo/${{ github.repository }}/private_key \| PRIVATE_KEY ;
	secret/data/github/repo/${{ github.repository }}/private_key_passphrase \| PRIVATE_KEY_PASS_PHRASE ;
	secret/data/github/repo/${{ github.repository }}/testing_private_key \| TESTING_PRIVATE_KEY ;
	secret/data/github/repo/${{ github.repository }}/testing_private_key_passphrase \| TESTING_PRIVATE_KEY_PASS_PHRASE ;
	secret/data/github/repo/${{ github.repository }}/aws_s3_bucket \| AWS_S3_BUCKET ;
	secret/data/github/repo/${{ github.repository }}/aws_access_key_id \| AWS_ACCESS_KEY_ID ;
	secret/data/github/repo/${{ github.repository }}/aws_secret_access_key \| AWS_SECRET_ACCESS_KEY ;
	secret/data/github/repo/${{ github.repository }}/testing_aws_s3_bucket \| TESTING_AWS_S3_BUCKET ;
	secret/data/github/repo/${{ github.repository }}/testing_aws_access_key_id \| TESTING_AWS_ACCESS_KEY_ID ;
	secret/data/github/repo/${{ github.repository }}/testing_aws_secret_access_key \| TESTING_AWS_SECRET_ACCESS_KEY ;

	- name: build-rpm-el9
	run: \|
	make build-centos9

	- name: sign-rpm-el9
	run: \|
	make sign-centos9
	env:
	PRIVATE_KEY: ${{ env.PRIVATE_KEY }}
	PRIVATE_KEY_PASS_PHRASE: ${{ env.PRIVATE_KEY_PASS_PHRASE }}
	TESTING_PRIVATE_KEY: ${{ env.TESTING_PRIVATE_KEY }}
	TESTING_PRIVATE_KEY_PASS_PHRASE: ${{ env.TESTING_PRIVATE_KEY_PASS_PHRASE }}

	- name: upload-repo-el9
	run: \|
	make upload-centos9
	env:
	COMBARCH: x86_64-amd64
	AWS_S3_BUCKET: ${{ env.AWS_S3_BUCKET }}
	AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
	TESTING_AWS_S3_BUCKET: ${{ env.TESTING_AWS_S3_BUCKET }}
	TESTING_AWS_ACCESS_KEY_ID: ${{ env.TESTING_AWS_ACCESS_KEY_ID }}
	TESTING_AWS_SECRET_ACCESS_KEY: ${{ env.TESTING_AWS_SECRET_ACCESS_KEY }}

	- name: github-rpm-release-el9
	run: \|
	gh release upload ${{ github.ref_name }} dist/centos9/noarch/* dist/centos9/source/*
	release-rpm-microos:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: "Read secrets"
	uses: rancher-eio/read-vault-secrets@main
	with:
	secrets: \|
	secret/data/github/repo/${{ github.repository }}/private_key \| PRIVATE_KEY ;
	secret/data/github/repo/${{ github.repository }}/private_key_passphrase \| PRIVATE_KEY_PASS_PHRASE ;
	secret/data/github/repo/${{ github.repository }}/testing_private_key \| TESTING_PRIVATE_KEY ;
	secret/data/github/repo/${{ github.repository }}/testing_private_key_passphrase \| TESTING_PRIVATE_KEY_PASS_PHRASE ;
	secret/data/github/repo/${{ github.repository }}/aws_s3_bucket \| AWS_S3_BUCKET ;
	secret/data/github/repo/${{ github.repository }}/aws_access_key_id \| AWS_ACCESS_KEY_ID ;
	secret/data/github/repo/${{ github.repository }}/aws_secret_access_key \| AWS_SECRET_ACCESS_KEY ;
	secret/data/github/repo/${{ github.repository }}/testing_aws_s3_bucket \| TESTING_AWS_S3_BUCKET ;
	secret/data/github/repo/${{ github.repository }}/testing_aws_access_key_id \| TESTING_AWS_ACCESS_KEY_ID ;
	secret/data/github/repo/${{ github.repository }}/testing_aws_secret_access_key \| TESTING_AWS_SECRET_ACCESS_KEY ;

	- name: build-rpm-microos
	run: \|
	make build-microos

	- name: sign-rpm-microos
	run: \|
	make sign-microos
	env:
	PRIVATE_KEY: ${{ env.PRIVATE_KEY }}
	PRIVATE_KEY_PASS_PHRASE: ${{ env.PRIVATE_KEY_PASS_PHRASE }}
	TESTING_PRIVATE_KEY: ${{ env.TESTING_PRIVATE_KEY }}
	TESTING_PRIVATE_KEY_PASS_PHRASE: ${{ env.TESTING_PRIVATE_KEY_PASS_PHRASE }}

	- name: upload-repo-microos
	run: \|
	make upload-microos
	env:
	COMBARCH: x86_64-amd64
	AWS_S3_BUCKET: ${{ env.AWS_S3_BUCKET }}
	AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
	TESTING_AWS_S3_BUCKET: ${{ env.TESTING_AWS_S3_BUCKET }}
	TESTING_AWS_ACCESS_KEY_ID: ${{ env.TESTING_AWS_ACCESS_KEY_ID }}
	TESTING_AWS_SECRET_ACCESS_KEY: ${{ env.TESTING_AWS_SECRET_ACCESS_KEY }}

	- name: github-rpm-release-microos
	run: \|
	gh release upload ${{ github.ref_name }} dist/microos/noarch/* dist/microos/source/*
	release-rpm-slemicro:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: "Read secrets"
	uses: rancher-eio/read-vault-secrets@main
	with:
	secrets: \|
	secret/data/github/repo/${{ github.repository }}/private-key/credentials token \| PRIVATE_KEY ;
	secret/data/github/repo/${{ github.repository }}/private-key-pass-phrase/credentials token \| PRIVATE_KEY_PASS_PHRASE ;
	secret/data/github/repo/${{ github.repository }}/testing-private-key/credentials privateKey \| TESTING_PRIVATE_KEY ;
	secret/data/github/repo/${{ github.repository }}/testing-private-key-pass-phrase/credentials token \| TESTING_PRIVATE_KEY_PASS_PHRASE ;
	secret/data/github/repo/${{ github.repository }}/aws-s3-bucket/credentials token \| AWS_S3_BUCKET ;
	secret/data/github/repo/${{ github.repository }}/aws-access-key-id/credentials token \| AWS_ACCESS_KEY_ID ;
	secret/data/github/repo/${{ github.repository }}/aws-secret-access-key/credentials token \| AWS_SECRET_ACCESS_KEY ;
	secret/data/github/repo/${{ github.repository }}/testing-aws-s3-bucket/credentials token \| TESTING_AWS_S3_BUCKET ;
	secret/data/github/repo/${{ github.repository }}/testing-aws-access-key-id/credentials token \| TESTING_AWS_ACCESS_KEY_ID ;
	secret/data/github/repo/${{ github.repository }}/testing-aws-secret-access-key/credentials token \| TESTING_AWS_SECRET_ACCESS_KEY ;

	- name: build-rpm-slemicro
	run: \|
	make build-slemicro

	- name: sign-rpm-slemicro
	run: \|
	make sign-slemicro
	env:
	PRIVATE_KEY: ${{ env.PRIVATE_KEY }}
	PRIVATE_KEY_PASS_PHRASE: ${{ env.PRIVATE_KEY_PASS_PHRASE }}
	TESTING_PRIVATE_KEY: ${{ env.TESTING_PRIVATE_KEY }}
	TESTING_PRIVATE_KEY_PASS_PHRASE: ${{ env.TESTING_PRIVATE_KEY_PASS_PHRASE }}

	- name: upload-repo-slemicro
	run: \|
	make upload-slemicro
	env:
	COMBARCH: x86_64-amd64
	AWS_S3_BUCKET: ${{ env.AWS_S3_BUCKET }}
	AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
	TESTING_AWS_S3_BUCKET: ${{ env.TESTING_AWS_S3_BUCKET }}
	TESTING_AWS_ACCESS_KEY_ID: ${{ env.TESTING_AWS_ACCESS_KEY_ID }}
	TESTING_AWS_SECRET_ACCESS_KEY: ${{ env.TESTING_AWS_SECRET_ACCESS_KEY }}

	- name: github-rpm-release-slemicro
	run: \|
	gh release upload ${{ github.ref_name }} dist/slemicro/noarch/* dist/slemicro/source/*

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix vault secrets paths (#72) #20

Workflow file

Fix vault secrets paths (#72) #20

Jobs

Run details

Workflow file for this run