Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[release-v2.6] fix: create a GitHub token for the release process #4196

Merged
merged 3 commits into from
Oct 17, 2024
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
use proper path to get tempo secrets (#4199)
  • Loading branch information
javiermolinar committed Oct 16, 2024
commit a610f59eee45d9f6e1f6c1c45b80463c2a232f1a
5 changes: 4 additions & 1 deletion .drone/drone.jsonnet
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,9 @@ local docker_config_json_secret = secret('dockerconfigjson', 'secret/data/common

// secret needed for dep-tools
local gh_token_secret = secret('gh_token', 'infra/data/ci/github/grafanabot', 'pat');
local tempo_app_id_secret = secret('tempo_app_id_secret', 'infra/data/ci/tempo/github-app', 'app-id');
local tempo_app_installation_id_secret = secret('tempo_app_installation_id_secret', 'infra/data/ci/tempo/github-app', 'app-installation-id');
local tempo_app_private_key_secret = secret('tempo_app_private_key_secret', 'infra/data/ci/tempo/github-app', 'app-private-key');

// secret to sign linux packages
local gpg_passphrase = secret('gpg_passphrase', 'infra/data/ci/packages-publish/gpg', 'passphrase');
Expand Down Expand Up @@ -355,7 +358,7 @@ local deploy_to_dev() = {
name: 'Generate GitHub token',
image: 'us.gcr.io/kubernetes-dev/github-app-secret-writer:latest',
environment: {
GITHUB_APP_ID: { from_secret: tempo_app_id_secret.name},
GITHUB_APP_ID: { from_secret: tempo_app_id_secret.name },
GITHUB_APP_INSTALLATION_ID: { from_secret: tempo_app_installation_id_secret.name },
GITHUB_APP_PRIVATE_KEY: { from_secret: tempo_app_private_key_secret.name },
},
Expand Down
20 changes: 19 additions & 1 deletion .drone/drone.yml
Original file line number Diff line number Diff line change
Expand Up @@ -536,6 +536,24 @@ get:
kind: secret
name: gh_token
---
get:
name: app-id
path: infra/data/ci/tempo/github-app
kind: secret
name: tempo_app_id_secret
---
get:
name: app-installation-id
path: infra/data/ci/tempo/github-app
kind: secret
name: tempo_app_installation_id_secret
---
get:
name: app-private-key
path: infra/data/ci/tempo/github-app
kind: secret
name: tempo_app_private_key_secret
---
get:
name: credentials.json
path: infra/data/ci/tempo-ops-tools-function-upload
Expand Down Expand Up @@ -579,6 +597,6 @@ kind: secret
name: gpg_passphrase
---
kind: signature
hmac: 123492f41e48b294e4a5f98c3d253da393da808d6ea4193189b5308d5fabf1f6
hmac: 0265cd585d8c7fc444bebc8aa1164ec6aa7893c2aa16f3beb61503102b00a798

...