Skip to content

Commit

Permalink
[DEVOPS-1785] Change ruby publish workflow to use api key method (#629)
Browse files Browse the repository at this point in the history 
## Type of change

<!-- (mark with an `X`) -->

```
- [x] Bug fix
- [ ] New feature development
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [x] Build/deploy pipeline (DevOps)
- [ ] Other
```

## Objective

<!--Describe what the purpose of this PR is. For example: what bug
you're fixing or what new feature you're adding-->

## Code changes

<!--Explain the changes you've made to each file or major component.
This should help the reviewer understand your changes-->
<!--Also refer to any related changes or PRs in other repositories-->

- **.github/workflows/publish-ruby.yml:** Use `gem push` with rubygem
API key instead of automated release steps.

## Before you submit

- Please add **unit tests** where it makes sense to do so
  • Loading branch information
@michalchecinski
michalchecinski authored Feb 23, 2024
1 parent 199851b commit 676069a
Showing 1 changed file with 23 additions and 16 deletions.
39 changes: 23 additions & 16 deletions .github/workflows/publish-ruby.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,26 +107,33 @@ jobs:
cp "temp/${platforms[$i]}/${files[$i]}" "languages/ruby/bitwarden_sdk_secrets/lib/${platforms[$i]}/${files[$i]}"
done
- name: Login to Azure
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}

- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@main
with:
keyvault: "bitwarden-ci"
secrets: "rubygem-api-key"

- name: bundle install
run: bundle install
working-directory: languages/ruby/bitwarden_sdk_secrets

- name: Set remote URL
run: |
# Attribute commits to the last committer on HEAD
git config --global user.email "106330231+bitwarden-devops-bot@users.noreply.github.com"
git config --global user.name "bitwarden-devops-bot"
git remote set-url origin "https://x-access-token:${{ github.token }}@github.com/$GITHUB_REPOSITORY"
- name: Configure trusted publishing credentials
uses: rubygems/configure-rubygems-credentials@bc6dd217f8a4f919d6835fcfefd470ef821f5c44 # v1.0.0

- name: Run release rake task
if: ${{ inputs.release_type == 'Release' }}
run: bundle exec rake release
- name: Build gem
run: gem build bitwarden-sdk-secrets.gemspec
working-directory: languages/ruby/bitwarden_sdk_secrets

- name: Wait for release to propagate
if: ${{ inputs.release_type == 'Release' }}
run: gem exec rubygems-await pkg/*.gem
- name: Push gem to Rubygems
run: |
mkdir -p $HOME/.gem
touch $HOME/.gem/credentials
chmod 0600 $HOME/.gem/credentials
printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
gem push *.gem
env:
GEM_HOST_API_KEY: ${{ steps.retrieve-secrets.outputs.rubygem-api-key }}
working-directory: languages/ruby/bitwarden_sdk_secrets

0 comments on commit 676069a

Please sign in to comment.