fix: single step secrets

filipeforattini · May 11, 2022 · bdaa564 · bdaa564
1 parent 237d809
commit bdaa564
Showing 1 changed file with 8 additions and 37 deletions.
diff --git a/.github/workflows/service-push.yml b/.github/workflows/service-push.yml
@@ -524,6 +524,10 @@ jobs:
             *)     echo "::set-output name=deploy_namespace::$(echo $PIPELINE_SETUP | jq -r '.deploy.namespace')";;
           esac
 
+      - name: Config | Gives runner access to docker config file 
+        if: steps.deploy_setup.outputs.deploy_as_k8s == 'true'
+        run: sudo chown $(whoami):docker /home/$(whoami)/.docker/config.json
+
       # deploy
       - name: K8s create namespace
         if: steps.deploy_setup.outputs.deploy_as_k8s == 'true'
@@ -541,32 +545,12 @@ jobs:
             --output ./manifests/k8s-secrets.env \
             ./manifests/secrets/dev.gpg
 
-      - name: K8s delete secrets
-        if: steps.deploy_setup.outputs.deploy_as_k8s == 'true'
-        uses: actions-hub/kubectl@master
-        env:
-          KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          args: delete secret svc -n ${{steps.deploy_setup.outputs.deploy_namespace}} --ignore-not-found
-
-      - name: K8s delete versioned secrets 
-        if: steps.deploy_setup.outputs.deploy_as_k8s == 'true'
-        uses: actions-hub/kubectl@master
-        env:
-          KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          args: delete secret svc-${{needs.Release-Node.outputs.Version}} -n ${{steps.deploy_setup.outputs.deploy_namespace}} --ignore-not-found
-
       - name: K8s create secrets
         if: steps.deploy_setup.outputs.deploy_as_k8s == 'true'
         uses: actions-hub/kubectl@master
-        env:
-          KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
-          args: create secret generic --from-env-file=./manifests/k8s-secrets.env -n ${{steps.deploy_setup.outputs.deploy_namespace}} svc
+          config: ${{ secrets.KUBE_CONFIG }}
+          command: create secret generic --from-env-file=./manifests/k8s-secrets.env -n ${{steps.deploy_setup.outputs.deploy_namespace}} svc --dry-run=client --validate=false --output=yaml | kubectl apply -f -
 
       - name: K8s create versioned secrets
         if: steps.deploy_setup.outputs.deploy_as_k8s == 'true'
@@ -575,7 +559,7 @@ jobs:
           KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
-          args: create secret generic --from-env-file=./manifests/k8s-secrets.env -n ${{steps.deploy_setup.outputs.deploy_namespace}} svc-${{needs.Release-Node.outputs.Version}}
+          args: create secret generic --from-env-file=./manifests/k8s-secrets.env -n ${{steps.deploy_setup.outputs.deploy_namespace}} svc-${{needs.Release-Node.outputs.Version}} --dry-run=client --validate=false --output=yaml | kubectl apply -f -
 
       - name: Config | Login to GHCR
         uses: docker/login-action@v1
@@ -584,27 +568,14 @@ jobs:
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Config | Gives runner access to docker config file 
-        if: steps.deploy_setup.outputs.deploy_as_k8s == 'true'
-        run: sudo chown $(whoami):docker /home/$(whoami)/.docker/config.json
-
-      - name: K8s delete secrets
-        if: steps.deploy_setup.outputs.deploy_as_k8s == 'true'
-        uses: actions-hub/kubectl@master
-        env:
-          KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          args: delete secret registry-token -n ${{steps.deploy_setup.outputs.deploy_namespace}} --ignore-not-found
-
       - name: K8s create pull secret
         if: steps.deploy_setup.outputs.deploy_as_k8s == 'true'
         uses: actions-hub/kubectl@master
         env:
           KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
-          args: create secret generic registry-token -n ${{steps.deploy_setup.outputs.deploy_namespace}} --type=kubernetes.io/dockerconfigjson --from-file=.dockerconfigjson=$HOME/.docker/config.json
+          args: create secret generic registry-token -n ${{steps.deploy_setup.outputs.deploy_namespace}} --type=kubernetes.io/dockerconfigjson --from-file=.dockerconfigjson=$HOME/.docker/config.json --dry-run=client --validate=false --output=yaml | kubectl apply -f -
 
       - name: K8s generates YAML
         if: steps.deploy_setup.outputs.deploy_as_k8s == 'true'