-
Notifications
You must be signed in to change notification settings - Fork 101
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Use a github variable containing 1password secret references #1921
feat: Use a github variable containing 1password secret references #1921
Conversation
📝 Acceptance Test Report📋 Summary✅ The rule acceptance has passed for commit 5ba4755 📊 Notices ComparisonNew Errors (0 out of 1627 datasets, ~0%) ✅No changes were detected due to the code change. Dropped Errors (0 out of 1627 datasets, ~0%) ✅No changes were detected due to the code change. New Warnings (0 out of 1627 datasets, ~0%) ✅No changes were detected due to the code change. Dropped Warnings (0 out of 1627 datasets, ~0%) ✅No changes were detected due to the code change. 🛡️ Corruption Check0 out of 1627 sources (~0 %) are corrupted. ⏱️ Performance Assessment📈 Validation TimeAssess the performance in terms of seconds taken for the validation process.
📜 Memory Consumption
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a great addition. What are your thoughts about publishing this as an independent GitHub action(not in the scope of this work), so we can reference it in other repositories?
id: onepw_secrets | ||
uses: 1password/load-secrets-action@v2.0.0 | ||
with: | ||
export-env: true # Export loaded secrets as environment variables |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
Good idea, maybe implement this when we want to use it in mobility-feed-api? |
📝 Acceptance Test Report📋 Summary✅ The rule acceptance has passed for commit d2c7bbe 📊 Notices ComparisonNew Errors (0 out of 1627 datasets, ~0%) ✅No changes were detected due to the code change. Dropped Errors (0 out of 1627 datasets, ~0%) ✅No changes were detected due to the code change. New Warnings (0 out of 1627 datasets, ~0%) ✅No changes were detected due to the code change. Dropped Warnings (0 out of 1627 datasets, ~0%) ✅No changes were detected due to the code change. 🛡️ Corruption Check0 out of 1627 sources (~0 %) are corrupted. ⏱️ Performance Assessment📈 Validation TimeAssess the performance in terms of seconds taken for the validation process.
📜 Memory Consumption
|
Closes #1906
Summary:
Set the proper 1password secret references that were changed at one point making the publication to Sonatype fail.
Added the use of a github repo variable
ONE_PASSWORD_SECRET_REFERENCES
containing key-value pairs for the secret references:The secret references in this variable are obtained from 1password.
So this introduced one level of indirection where the Github workflow should not contain any 1password references. Instead use the
.github/actions/extract-1password-secret/action.yml
composite action to obtain 1password secrets from an input list specifying the secret of interest.See the documentation in
.github/actions/extract-1password-secret/action.yml
Tested by creating a pre-release and making sure the proper jars are uploaded to Sonaytpe.
Please make sure these boxes are checked before submitting your pull request - thanks!
gradle test
to make sure you didn't break anything