Skip to content

Merge pull request #51 from rancher/sec-path #5

Merge pull request #51 from rancher/sec-path

Merge pull request #51 from rancher/sec-path #5

Workflow file for this run

name: Release
on:
push:
tags:
- v*
permissions:
contents: write # Upload artefacts to release.
id-token: write # required by read-vault-secrets.
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: 'stable'
- name: Load Secrets from Vault
uses: rancher-eio/read-vault-secrets@main
with:
secrets: |
secret/data/github/repo/${{ github.repository }}/testing-private-key/credentials token | TESTING_PRIVATE_KEY ;
secret/data/github/repo/${{ github.repository }}/testing-private-key-pass-phrase/credentials token | TESTING_PRIVATE_KEY_PASS_PHRASE ;
secret/data/github/repo/${{ github.repository }}/testing-aws-s3-bucket/credentials token | TESTING_AWS_S3_BUCKET ;
secret/data/github/repo/${{ github.repository }}/testing-aws-access-key-id/credentials token | TESTING_AWS_ACCESS_KEY_ID ;
secret/data/github/repo/${{ github.repository }}/testing-aws-secret-access-key/credentials token | TESTING_AWS_SECRET_ACCESS_KEY ;
secret/data/github/repo/${{ github.repository }}/private-key/credentials token | PRIVATE_KEY ;
secret/data/github/repo/${{ github.repository }}/private-key-pass-phrase/credentials token | PRIVATE_KEY_PASS_PHRASE ;
secret/data/github/repo/${{ github.repository }}/aws-s3-bucket/credentials token | PRODUCTION_AWS_S3_BUCKET ;
secret/data/github/repo/${{ github.repository }}/aws-access-key-id/credentials token | PRODUCTION_AWS_ACCESS_KEY_ID ;
secret/data/github/repo/${{ github.repository }}/aws-secret-access-key/credentials token | PRODUCTION_AWS_SECRET_ACCESS_KEY
- run: make build
env:
TESTING_PRIVATE_KEY: ${{ env.TESTING_PRIVATE_KEY }}
TESTING_PRIVATE_KEY_PASS_PHRASE: ${{ env.TESTING_PRIVATE_KEY_PASS_PHRASE }}
PRIVATE_KEY: ${{ env.PRIVATE_KEY }}
PRIVATE_KEY_PASS_PHRASE: ${{ env.PRIVATE_KEY_PASS_PHRASE }}
- run: make upload
env:
TESTING_AWS_ACCESS_KEY_ID: ${{ env.TESTING_AWS_ACCESS_KEY_ID }}
TESTING_AWS_SECRET_ACCESS_KEY: ${{ env.TESTING_AWS_SECRET_ACCESS_KEY }}
TESTING_AWS_S3_BUCKET: ${{ env.TESTING_AWS_S3_BUCKET }}
PRODUCTION_AWS_ACCESS_KEY_ID: ${{ env.PRODUCTION_AWS_ACCESS_KEY_ID }}
PRODUCTION_AWS_SECRET_ACCESS_KEY: ${{ env.PRODUCTION_AWS_SECRET_ACCESS_KEY }}
PRODUCTION_AWS_S3_BUCKET: ${{ env.PRODUCTION_AWS_S3_BUCKET }}
AWS_EC2_METADATA_DISABLED: true
- run: make upload-gh
env:
GH_TOKEN: ${{ github.token }}