Skip to content

Commit

Permalink
chore: cycle CI secret references (#264)
Browse files Browse the repository at this point in the history
  • Loading branch information
@boilsquid
boilsquid authored Jan 14, 2025
1 parent a71df7c commit 7b17293
Show file tree
Hide file tree
Showing 6 changed files with 32 additions and 32 deletions.
12 changes: 6 additions & 6 deletions .github/workflows/deploy-control-plane-image-production.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,8 +58,8 @@ jobs:
- name: Configure Production AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-access-key-id: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_SECRET_KEY }}
aws-region: us-east-1
- name: Login to Amazon ECR
id: login-ecr
Expand Down Expand Up @@ -102,8 +102,8 @@ jobs:
- name: Configure Production AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-access-key-id: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_SECRET_KEY }}
aws-region: us-east-1
- name: Login to Amazon ECR
id: login-ecr
Expand Down Expand Up @@ -140,8 +140,8 @@ jobs:
- name: Configure Production AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-access-key-id: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_SECRET_KEY }}
aws-region: us-east-1
- name: Login to Amazon ECR
id: login-ecr
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/deploy-control-plane-image-staging.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
shared-key: "standard-cache"
- name: Test control plane
run: cargo test -p control-plane

get-release-semver:
needs: [last_test]
runs-on: ubuntu-latest
Expand Down Expand Up @@ -78,8 +78,8 @@ jobs:
- name: Configure Staging AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_STAGING }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGING }}
aws-access-key-id: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_KEY_ID_STAGING }}
aws-secret-access-key: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_SECRET_KEY_STAGING }}
aws-region: us-east-1
- name: Login to Amazon ECR
id: login-ecr
Expand Down Expand Up @@ -126,8 +126,8 @@ jobs:
- name: Configure Staging AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_STAGING }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGING }}
aws-access-key-id: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_KEY_ID_STAGING }}
aws-secret-access-key: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_SECRET_KEY_STAGING }}
aws-region: us-east-1
- name: Login to Amazon ECR
id: login-ecr
Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/deploy-data-plane-binary-production.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,8 +34,8 @@ jobs:
- name: Configure Production AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-access-key-id: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_SECRET_KEY }}
aws-region: us-east-1

- uses: Swatinem/rust-cache@v2
Expand Down Expand Up @@ -105,8 +105,8 @@ jobs:
- name: Configure Production AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-access-key-id: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_SECRET_KEY }}
aws-region: us-east-1

- name: Upload data-plane to S3 (${{ matrix.feature }})
Expand All @@ -130,8 +130,8 @@ jobs:
- name: Configure Production AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-access-key-id: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_SECRET_KEY }}
aws-region: us-east-1

- name: Upload version tag to latest
Expand All @@ -145,4 +145,4 @@ jobs:
- name: Cloudfront Cache Invalidation
run: |
aws cloudfront create-invalidation --distribution-id ${{ secrets.AWS_CLOUDFRONT_DISTRIBUTION }} --paths "/runtime/latest/data-plane/*" "/runtime/latest" "/runtime/versions"
aws cloudfront create-invalidation --distribution-id ${{ secrets.AWS_CLOUDFRONT_DISTRIBUTION }} --paths "/runtime/latest/data-plane/*" "/runtime/latest" "/runtime/versions"
4 changes: 2 additions & 2 deletions .github/workflows/deploy-data-plane-binary-staging.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,8 +56,8 @@ jobs:
- name: Configure Staging AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_STAGING }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGING }}
aws-access-key-id: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_KEY_ID_STAGING }}
aws-secret-access-key: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_SECRET_KEY_STAGING }}
aws-region: us-east-1

- uses: Swatinem/rust-cache@v2
Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/deploy-runtime-installer-production.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@ name: Deploy installer to production
on:
push:
tags:
- "installer/v*.*.*"
- "installer/v*.*.*"

jobs:
get-version:
runs-on: ubuntu-latest
Expand All @@ -20,9 +20,9 @@ jobs:
needs: [get-version]
uses: ./.github/workflows/deploy-runtime-installer.yml
with:
stage: 'production'
version: ${{ needs.get-version.outputs.version }}
stage: "production"
version: ${{ needs.get-version.outputs.version }}
secrets:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-cloudfront-distribution-id: ${{ secrets.AWS_CLOUDFRONT_DISTRIBUTION }}
aws-access-key-id: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_SECRET_KEY }}
aws-cloudfront-distribution-id: ${{ secrets.AWS_CLOUDFRONT_DISTRIBUTION }}
10 changes: 5 additions & 5 deletions .github/workflows/deploy-runtime-installer-staging.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,9 @@ jobs:
build-and-deploy:
uses: ./.github/workflows/deploy-runtime-installer.yml
with:
stage: 'staging'
version: 1
stage: "staging"
version: 1
secrets:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_STAGING }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGING }}
aws-cloudfront-distribution-id: ${{ secrets.AWS_CLOUDFRONT_DISTRIBUTION_STAGING }}
aws-access-key-id: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_KEY_ID_STAGING }}
aws-secret-access-key: ${{ secrets.ENCLAVES_PUBLIC_AWS_ACCESS_SECRET_KEY_STAGING }}
aws-cloudfront-distribution-id: ${{ secrets.AWS_CLOUDFRONT_DISTRIBUTION_STAGING }}

0 comments on commit 7b17293

Please sign in to comment.