From 70732bcf232df94e4f975224a3260295d48535f2 Mon Sep 17 00:00:00 2001 From: Ben Larabie Date: Thu, 28 Nov 2024 11:10:44 -0500 Subject: [PATCH] fix Vpn and gh secrets --- .github/workflows/docker.yml | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index bb378399e..0c6a5583d 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -8,8 +8,7 @@ env: AWS_REGION: ca-central-1 DOCKER_ORG: public.ecr.aws/cds-snc DOCKER_SLUG: public.ecr.aws/cds-snc/notify-documentation - WORKFLOW_PAT: ${{ secrets.WORKFLOW_GITHUB_PAT }} - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN_STAGING }} permissions: id-token: write # This is required for requesting the OIDC JWT @@ -69,16 +68,23 @@ jobs: curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb sudo dpkg -i 1pass.deb - - name: One Password Fetch + - name: Setup Terraform tools + uses: cds-snc/terraform-tools-setup@v1 + env: # In case you want to override default versions + CONFTEST_VERSION: 0.30.0 + TERRAFORM_VERSION: 1.9.5 + TERRAGRUNT_VERSION: 0.66.9 + TF_SUMMARIZE_VERSION: 0.2.3 + + - name: Fetch VPN run: | - op read op://4eyyuwddp6w4vxlabrr2i2duxm/"Staging Github Actions VPN"/notesPlain > /var/tmp/staging.ovpn + curl https://raw.githubusercontent.com/cds-snc/notification-manifests/refs/heads/main/scripts/createVPNConfig.sh | bash -s staging - name: Connect to VPN uses: "kota65535/github-openvpn-connect-action@cd2ed8a90cc7b060dc4e001143e811b5f7ea0af5" with: config_file: /var/tmp/staging.ovpn - client_key: ${{ secrets.STAGING_OVPN_CLIENT_KEY }} - echo_config: false + echo_config: false - name: Get Kubernetes configuration run: |