diff --git a/.expeditor/buildkite/verify.sh b/.expeditor/buildkite/verify.sh index e1710b68f..ff498b53f 100755 --- a/.expeditor/buildkite/verify.sh +++ b/.expeditor/buildkite/verify.sh @@ -7,6 +7,16 @@ uname -a ruby -v bundle --version + echo "--- installing vault" + export VAULT_VERSION=1.9.3 + export VAULT_HOME=$HOME/vault + curl --create-dirs -sSLo $VAULT_HOME/vault.zip https://releases.hashicorp.com/vault/$VAULT_VERSION/vault_${VAULT_VERSION}_linux_amd64.zip + unzip -o $VAULT_HOME/vault.zip -d $VAULT_HOME + + echo "--- fetching Sonar token from vault" + export SONAR_TOKEN=$($VAULT_HOME/vault kv get -field token secret/inspec/sonar) + + echo "--- bundle install" bundle config set --local without tools maintenance deploy bundle install --jobs=7 --retry=3 @@ -28,14 +38,7 @@ if [ -n "${CI_ENABLE_COVERAGE:-}" ]; then export PATH=$SONAR_SCANNER_HOME/bin:$PATH export SONAR_SCANNER_OPTS="-server" - echo "--- installing vault" - export VAULT_VERSION=1.9.3 - export VAULT_HOME=$HOME/vault - curl --create-dirs -sSLo $VAULT_HOME/vault.zip https://releases.hashicorp.com/vault/$VAULT_VERSION/vault_${VAULT_VERSION}_linux_amd64.zip - unzip -o $VAULT_HOME/vault.zip -d $VAULT_HOME - echo "--- fetching Sonar token from vault" - export SONAR_TOKEN=$($VAULT_HOME/vault kv get -field token secrets/secret/inspec-sonar-token) echo "--- running sonarscanner" sonar-scanner \