Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

gha: update to use aws sm #18857

Merged
merged 15 commits into from
Jun 10, 2024
Merged

gha: update to use aws sm #18857

merged 15 commits into from
Jun 10, 2024

Conversation

andrewhsu
Copy link
Member

@andrewhsu andrewhsu commented Jun 7, 2024
edited
Loading

fixes https://redpandadata.atlassian.net/browse/PESDLC-1345

github secrets for this repo have been migrated to aws secretsmanager. this PR uses gha aws-actions/aws-secretsmanager-get-secrets to access the secrets.

this PR also removes unused workflows to reduce number of used secrets:

Backports Required

  • none - not a bug fix
  • none - this is a backport
  • none - issue does not exist in previous branches
  • none - papercut/not impactful enough to backport
  • v24.1.x
  • v23.3.x
  • v23.2.x

Release Notes

  • none

andrewhsu added 14 commits June 7, 2024 09:15
@andrewhsu
gha: update to actions/checkout@v4
d79b2f0 
to resolve warning:
> Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3.
@andrewhsu
gha: update backport-command to use aws sm
0be664d
@andrewhsu
gha: remove old-backports.yml
4573b58 
Looks like this worklfow is not needed because it has been disabled for over 1 year:
https://github.com/redpanda-data/redpanda/actions/workflows/old-backports.yml
@andrewhsu
gha: remove unused packages-created.yml
d548a72 
It does not look like this worklfow is used because no history of it
running:
https://github.com/redpanda-data/redpanda/actions/workflows/packages-created.yml
@andrewhsu
gha: remove unused render-draft-release-notes.yml
316d46e 
No history of workflow runs since disabled:
https://github.com/redpanda-data/redpanda/actions/workflows/render-draft-release-notes.yml
@andrewhsu
gha: remove unused slack-messages.yml
1755dda 
Disabled worklfow has no history of workflow run:
https://github.com/redpanda-data/redpanda/actions/workflows/slack-messages.yml
@andrewhsu
gha: update backport-on-merge to use aws sm
71facd4
@andrewhsu
gha: update buildkite-slash-commands to use aws sm
f588554
@andrewhsu
gha: update cloud-installpack-bk-trigger to use aws sm
f420b5f
@andrewhsu
gha: update comment_added to use aws sm
0cad174
@andrewhsu
gha: update jira_issue_manage to use aws sm
53caee3
@andrewhsu
gha: update promote to use aws sm
7fdafd8
@andrewhsu
gha: update slash-commands to use aws sm
6a3a892
@andrewhsu
gha: update transform-sdk-release to use aws sm
0ac5b2a
@andrewhsu andrewhsu requested a review from a team as a code owner June 7, 2024 15:07
@andrewhsu andrewhsu requested review from ivotron and removed request for a team June 7, 2024 15:07
@mergify Mergify
Copy link

mergify bot commented Jun 7, 2024

⚠️ The sha of the head commit of this PR conflicts with #18856. Mergify cannot evaluate rules on this PR. ⚠️

@andrewhsu andrewhsu mentioned this pull request Jun 7, 2024
Closed
7 tasks
@andrewhsu
gha: update to actions/labeler@v5
d7f2c13 
To address warning message:
> Node.js 16 actions are deprecated. Please update the following actions
to use Node.js 20: actions/labeler@v4.
@andrewhsu
Copy link
Member Author

/dt

clee
clee approved these changes Jun 10, 2024
View reviewed changes
Copy link
Contributor

@clee clee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mostly LGTM - found one thing that wasn't super clear at a glance

.github/workflows/jira_issue_manage.yml
uses: aws-actions/aws-secretsmanager-get-secrets@v2
with:
secret-ids: |
,sdlc/prod/github/jira
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I assume the empty list before the leading comma means "all IDs" or something? Maybe a comment here would be useful.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

that's just how the plugin is documented to be used for environmental variable naming with blank aliases:

If you set parse-json-secrets: true and enter a blank alias, followed by a comma and then the secret ID, the action names the environment variable the same as the parsed JSON keys.

@andrewhsu andrewhsu merged commit 4d08e75 into dev Jun 10, 2024
12 checks passed
@andrewhsu andrewhsu deleted the PESDLC-1345-gha-aws-sm branch June 10, 2024 21:30
@vbotbuildovich
Copy link
Collaborator

/backport v24.1.x

@vbotbuildovich
Copy link
Collaborator

/backport v23.3.x

@vbotbuildovich
Copy link
Collaborator

/backport v23.2.x

This was referenced Jun 10, 2024
Merged
Merged
This was referenced Jun 11, 2024
Merged
Closed
Merged
Merged
Closed
@jsoref jsoref mentioned this pull request Aug 16, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@clee clee clee approved these changes

@ivotron ivotron Awaiting requested review from ivotron ivotron is a code owner automatically assigned from redpanda-data/devprod

Assignees
No one assigned
Labels
area/build
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@andrewhsu @vbotbuildovich @clee