From aa48bf23820c9e2a1cdbe4c6df667ab7281b7282 Mon Sep 17 00:00:00 2001
From: jcpitre <jcpitre@mobilitydata.org>
Date: Thu, 7 Nov 2024 15:26:05 -0500
Subject: [PATCH] test 13

---
 .../extract-1password-secret/action.yml       | 19 +++++++++----------
 .github/workflows/secret_refs.yml             |  5 ++---
 2 files changed, 11 insertions(+), 13 deletions(-)

diff --git a/.github/actions/extract-1password-secret/action.yml b/.github/actions/extract-1password-secret/action.yml
index 30b5b8192a..f28b5d2d73 100644
--- a/.github/actions/extract-1password-secret/action.yml
+++ b/.github/actions/extract-1password-secret/action.yml
@@ -1,14 +1,14 @@
 name: 'Extract Value'
 description: 'Extracts the value for a given key from a GitHub variable'
 inputs:
-  keys:
+  VARIABLES_TO_EXTRACT:
     description: 'A list of space separated keys to extract'
     required: true
     type: string
-#  ONE_PASSWORD_SECRET_REFERENCES:
-#    description: 'The contents of the ONE_PASSWORD_SECRET_REFERENCES variable'
-#    required: true
-#    type: string
+  ONE_PASSWORD_SECRET_REFERENCES:
+    description: 'The contents of the ONE_PASSWORD_SECRET_REFERENCES variable'
+    required: true
+    type: string
   OP_SERVICE_ACCOUNT_TOKEN:
     description: 'The 1Password service account token'
     required: true
@@ -21,14 +21,13 @@ runs:
       id: extract_value
       shell: bash
       continue-on-error: true
-      env:
-#        key_values: ${{ vars.ONE_PASSWORD_SECRET_REFERENCES }}
-        qaz: ${{ secrets.GCP_WEB_VALIDATOR_SA_KEY }}
+#      env:
+#        key_values: ${{ inputs.ONE_PASSWORD_SECRET_REFERENCES }}
       run: |
-        keys=$(echo "${{ inputs.keys }}" | tr ',' ' ')
+        keys=$(echo "${{ inputs.VARIABLES_TO_EXTRACT }}" | tr ',' ' ')
         for key in $keys; do
            variable_name=$(echo "$key" | sed 's/^ *//;s/ *$//')
-           value=$(echo "$key_values" | grep "^$variable_name *=" | cut -d'=' -f2- | sed 's/^ *//;s/[ \r]*$//')
+           value=$(echo "${{ inputs.ONE_PASSWORD_SECRET_REFERENCES }}" | grep "^$variable_name *=" | cut -d'=' -f2- | sed 's/^ *//;s/[ \r]*$//')
            echo "value = $value"
            echo "variable_name = $variable_name"
            echo "$variable_name=$value" >> $GITHUB_ENV
diff --git a/.github/workflows/secret_refs.yml b/.github/workflows/secret_refs.yml
index 967b9fb981..9e0116aa39 100644
--- a/.github/workflows/secret_refs.yml
+++ b/.github/workflows/secret_refs.yml
@@ -6,7 +6,6 @@ on:
 
 jobs:
   my-job2:
-    secrets: inherit
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
@@ -17,8 +16,8 @@ jobs:
         uses: ./.github/actions/extract-1password-secret
         with:
           OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} # This is required to connect to the vault in our 1Password account.
-          keys: 'MAVEN_GPG_PASSPHRASE, MAVEN_GPG_PRIVATE_KEY, GITHUB_GENERIC_ACTION_CREDENTIALS, qaz'
-#          ONE_PASSWORD_SECRET_REFERENCES: ${{ vars.ONE_PASSWORD_SECRET_REFERENCES }}
+          VARIABLES_TO_EXTRACT: 'MAVEN_GPG_PASSPHRASE, MAVEN_GPG_PRIVATE_KEY, GITHUB_GENERIC_ACTION_CREDENTIALS, qaz'
+          ONE_PASSWORD_SECRET_REFERENCES: ${{ vars.ONE_PASSWORD_SECRET_REFERENCES }}
 
       - name: Use extracted value
         run: |