diff options
| author | Philip Kuryloski <kuryloskip@vmware.com> | 2020-11-25 16:31:18 +0100 |
|---|---|---|
| committer | Philip Kuryloski <kuryloskip@vmware.com> | 2020-11-25 16:31:18 +0100 |
| commit | 088d0ee0c5bddb5108b16faf0cb92dbca8fa0ae4 (patch) | |
| tree | efdb406251eec86a72f6a09f54b515652bbbb954 | |
| parent | c9a5eae7c4d1df86ddae47143c3588505de6bc6b (diff) | |
| download | rabbitmq-server-git-088d0ee0c5bddb5108b16faf0cb92dbca8fa0ae4.tar.gz | |
Fixup terraform secret injection
| -rw-r--r-- | .github/workflows/test-erlang-otp-22.3.yaml | 8 | ||||
| -rw-r--r-- | .github/workflows/test-erlang-otp-23.1.yaml | 8 | ||||
| -rw-r--r-- | .github/workflows/test-erlang-otp-git.yaml | 8 | ||||
| -rw-r--r-- | workflow_sources/test/tests.lib.yml | 8 |
4 files changed, 20 insertions, 12 deletions
diff --git a/.github/workflows/test-erlang-otp-22.3.yaml b/.github/workflows/test-erlang-otp-22.3.yaml index 4868b55d94..d36ce21690 100644 --- a/.github/workflows/test-erlang-otp-22.3.yaml +++ b/.github/workflows/test-erlang-otp-22.3.yaml @@ -7964,7 +7964,9 @@ jobs: export_default_credentials: true - name: PREPARE TERRAFORM SECRETS run: | - echo "${{ secrets.TERRAFORM_SSH_KEY }}" > id_rsa_terraform + mkdir terraform && chmod 777 terraform + echo "${{ secrets.TERRAFORM_SSH_KEY }}" > terraform/id_rsa_terraform + chmod +r terraform/id_rsa_terraform - name: RUN TESTS run: | gcloud auth configure-docker @@ -7977,8 +7979,8 @@ jobs: --env STEP_START=${{ steps.buildevents.outputs.step_start }} \ --env AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} \ --env AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} \ - --env SSH_KEY=/workspace/id_rsa_terraform \ - --volume ${PWD}/id_rsa_terraform:/workspace/id_rsa_terraform \ + --env SSH_KEY=/workspace/terraform/id_rsa_terraform \ + --volume ${PWD}/terraform:/workspace/terraform \ --volume ${PWD}/ct-logs:/workspace/ct-logs \ --oom-kill-disable \ eu.gcr.io/cf-rabbitmq-core/ci:erlang-22.3-rabbitmq-${{ github.sha }} \ diff --git a/.github/workflows/test-erlang-otp-23.1.yaml b/.github/workflows/test-erlang-otp-23.1.yaml index b6111204ce..0295739823 100644 --- a/.github/workflows/test-erlang-otp-23.1.yaml +++ b/.github/workflows/test-erlang-otp-23.1.yaml @@ -4715,7 +4715,9 @@ jobs: export_default_credentials: true - name: PREPARE TERRAFORM SECRETS run: | - echo "${{ secrets.TERRAFORM_SSH_KEY }}" > id_rsa_terraform + mkdir terraform && chmod 777 terraform + echo "${{ secrets.TERRAFORM_SSH_KEY }}" > terraform/id_rsa_terraform + chmod +r terraform/id_rsa_terraform - name: RUN TESTS run: | gcloud auth configure-docker @@ -4728,8 +4730,8 @@ jobs: --env STEP_START=${{ steps.buildevents.outputs.step_start }} \ --env AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} \ --env AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} \ - --env SSH_KEY=/workspace/id_rsa_terraform \ - --volume ${PWD}/id_rsa_terraform:/workspace/id_rsa_terraform \ + --env SSH_KEY=/workspace/terraform/id_rsa_terraform \ + --volume ${PWD}/terraform:/workspace/terraform \ --volume ${PWD}/ct-logs:/workspace/ct-logs \ --oom-kill-disable \ eu.gcr.io/cf-rabbitmq-core/ci:erlang-23.1-rabbitmq-${{ github.sha }} \ diff --git a/.github/workflows/test-erlang-otp-git.yaml b/.github/workflows/test-erlang-otp-git.yaml index 57d896e2e9..85a59b5250 100644 --- a/.github/workflows/test-erlang-otp-git.yaml +++ b/.github/workflows/test-erlang-otp-git.yaml @@ -4583,7 +4583,9 @@ jobs: export_default_credentials: true - name: PREPARE TERRAFORM SECRETS run: | - echo "${{ secrets.TERRAFORM_SSH_KEY }}" > id_rsa_terraform + mkdir terraform && chmod 777 terraform + echo "${{ secrets.TERRAFORM_SSH_KEY }}" > terraform/id_rsa_terraform + chmod +r terraform/id_rsa_terraform - name: RUN TESTS run: | gcloud auth configure-docker @@ -4596,8 +4598,8 @@ jobs: --env STEP_START=${{ steps.buildevents.outputs.step_start }} \ --env AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} \ --env AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} \ - --env SSH_KEY=/workspace/id_rsa_terraform \ - --volume ${PWD}/id_rsa_terraform:/workspace/id_rsa_terraform \ + --env SSH_KEY=/workspace/terraform/id_rsa_terraform \ + --volume ${PWD}/terraform:/workspace/terraform \ --volume ${PWD}/ct-logs:/workspace/ct-logs \ --oom-kill-disable \ eu.gcr.io/cf-rabbitmq-core/ci:erlang-git-rabbitmq-${{ github.sha }} \ diff --git a/workflow_sources/test/tests.lib.yml b/workflow_sources/test/tests.lib.yml index 176a8e5411..58391839d4 100644 --- a/workflow_sources/test/tests.lib.yml +++ b/workflow_sources/test/tests.lib.yml @@ -20,7 +20,9 @@ steps: #@ if getattr(dep, 'use_terraform', False): - name: PREPARE TERRAFORM SECRETS run: | - echo "${{ secrets.TERRAFORM_SSH_KEY }}" > id_rsa_terraform + mkdir terraform && chmod 777 terraform + echo "${{ secrets.TERRAFORM_SSH_KEY }}" > terraform/id_rsa_terraform + chmod +r terraform/id_rsa_terraform #@ end - name: RUN TESTS run: | @@ -50,8 +52,8 @@ steps: #@ if getattr(dep, 'use_terraform', False): #@ args = ["--env AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }}"] #@ args.append("--env AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }}") -#@ args.append("--env SSH_KEY=/workspace/id_rsa_terraform") -#@ args.append("--volume ${PWD}/id_rsa_terraform:/workspace/id_rsa_terraform") +#@ args.append("--env SSH_KEY=/workspace/terraform/id_rsa_terraform") +#@ args.append("--volume ${PWD}/terraform:/workspace/terraform") #@ return " \\\n ".join(args) #@ else: #@ return "" |