From daa02114f49573af49210742c2047eca80c7bb8d Mon Sep 17 00:00:00 2001 From: Annibal Silva <105941480+annibalsilva@users.noreply.github.com> Date: Wed, 15 Mar 2023 15:39:40 -0300 Subject: [PATCH] ci(vault): correct secrets path (#102) --- .github/workflows/merge-main.yml | 28 ++++++++++++---------------- 1 file changed, 12 insertions(+), 16 deletions(-) diff --git a/.github/workflows/merge-main.yml b/.github/workflows/merge-main.yml index afec799..8eafea4 100644 --- a/.github/workflows/merge-main.yml +++ b/.github/workflows/merge-main.yml @@ -206,8 +206,7 @@ jobs: - sonarcloud - release runs-on: ubuntu-latest - environment: - name: test + environment: test env: ZONE: test NR_SPAR_ORACLE_API_VERSION: ${{ needs.release.outputs.version }} @@ -220,17 +219,16 @@ jobs: provision_role_id: ${{ secrets.PROVISION_ROLE_ID }} project_name: spar app_name: app-spar - environment: test - name: Import Secrets - id: secrets + id: import-secrets uses: hashicorp/vault-action@v2.5.0 with: url: https://vault-iit.apps.silver.devops.gov.bc.ca token: ${{ steps.broker.outputs.vault_token }} exportEnv: 'false' secrets: | - apps/data/test/spar/app-spar/db_proxy_read_only db_username | VAULT_DB_USER; - apps/data/test/spar/app-spar/db_proxy_read_only db_password | VAULT_DB_PASS; + apps/test/spar/app-spar/db_proxy_read_only db_username | VAULT_DB_USER; + apps/test/spar/app-spar/db_proxy_read_only db_password | VAULT_DB_PASS; - uses: actions/checkout@v3 - name: Print NR_SPAR_ORACLE_API_VERSION env @@ -247,8 +245,8 @@ jobs: -p DATABASE_HOST=${{ secrets.DATABASE_HOST }} \ -p DATABASE_PORT=${{ secrets.DATABASE_PORT }} \ -p SERVICE_NAME=${{ secrets.SERVICE_NAME }} \ - -p DATABASE_USER=${{ steps.secrets.outputs.VAULT_DB_USER }} \ - -p DATABASE_PASSWORD=${{ steps.secrets.outputs.VAULT_DB_PASS }} \ + -p DATABASE_USER=${{ steps.import-secrets.outputs.VAULT_DB_USER }} \ + -p DATABASE_PASSWORD=${{ steps.import-secrets.outputs.VAULT_DB_PASS }} \ -p ALLOWED_ORIGINS=${{ secrets.ALLOWED_ORIGINS }} \ -p KEYCLOAK_REALM_URL=${{ secrets.KEYCLOAK_REALM_URL }} \ -p PROMOTE=${{ github.repository }}:${{ env.ZONE }}-service-api | oc apply -f - @@ -396,8 +394,7 @@ jobs: - trivy-repo - release runs-on: ubuntu-latest - environment: - name: prod + environment: prod env: ZONE: prod PREV: test @@ -421,17 +418,16 @@ jobs: provision_role_id: ${{ secrets.PROVISION_ROLE_ID }} project_name: spar app_name: app-spar - environment: prod - name: Import Secrets - id: secrets + id: import-secrets uses: hashicorp/vault-action@v2.5.0 with: url: https://vault-iit.apps.silver.devops.gov.bc.ca token: ${{ steps.broker.outputs.vault_token }} exportEnv: 'false' secrets: | - apps/data/prod/spar/app-spar/db_proxy_read_only db_username | VAULT_DB_USER; - apps/data/prod/spar/app-spar/db_proxy_read_only db_password | VAULT_DB_PASS; + apps/prod/spar/app-spar/db_proxy_read_only db_username | VAULT_DB_USER; + apps/prod/spar/app-spar/db_proxy_read_only db_password | VAULT_DB_PASS; - uses: actions/checkout@v3 - name: Print NR_SPAR_ORACLE_API_VERSION env @@ -454,8 +450,8 @@ jobs: -p DATABASE_HOST=${{ secrets.DATABASE_HOST }} \ -p DATABASE_PORT=${{ secrets.DATABASE_PORT }} \ -p SERVICE_NAME=${{ secrets.SERVICE_NAME }} \ - -p DATABASE_USER=${{ steps.secrets.outputs.VAULT_DB_USER }} \ - -p DATABASE_PASSWORD=${{ steps.secrets.outputs.VAULT_DB_PASS }} \ + -p DATABASE_USER=${{ steps.import-secrets.outputs.VAULT_DB_USER }} \ + -p DATABASE_PASSWORD=${{ steps.import-secrets.outputs.VAULT_DB_PASS }} \ -p ALLOWED_ORIGINS=${{ secrets.ALLOWED_ORIGINS }} \ -p KEYCLOAK_REALM_URL=${{ secrets.KEYCLOAK_REALM_URL }} \ -p PROMOTE=${{ github.repository }}:${{ env.PREV }}-service-api | oc apply -f -