Skip to content

chore: Use environmental secrets in GitHub Actions#3440

Merged
sfc-gh-jcieslak merged 5 commits into
devfrom
using-environmental-secrets
Mar 17, 2025
Merged

chore: Use environmental secrets in GitHub Actions#3440
sfc-gh-jcieslak merged 5 commits into
devfrom
using-environmental-secrets

Conversation

@sfc-gh-jcieslak

@sfc-gh-jcieslak sfc-gh-jcieslak commented Mar 12, 2025
edited
Loading

Copy link
Copy Markdown
Member

Changes

Introduce environmental secrets for GitHub Actions:

  • Only set environment for jira and test environments
  • release and ok-to-test require app id and app private key, which will be retrieved later

Next steps

Check if all workflows are working properly

@sfc-gh-jcieslak sfc-gh-jcieslak changed the base branch from main to dev March 12, 2025 13:50
@github-actions

github-actions Bot commented Mar 12, 2025

Copy link
Copy Markdown

Integration tests failure for 9bbe40a76e65985ba790a87653404f478c1fae73

@github-actions

github-actions Bot commented Mar 12, 2025

Copy link
Copy Markdown

Integration tests failure for 51d2b1064c0cc0e8ce424fbcba6cb4877876d278

@sfc-gh-jcieslak sfc-gh-jcieslak force-pushed the using-environmental-secrets branch from 9bbe40a to 6c024e9 Compare March 13, 2025 09:20
@github-actions

github-actions Bot commented Mar 13, 2025

Copy link
Copy Markdown

Integration tests failure for 6c024e9a32e5511c71261b14831ff7f29d373c03

@github-actions

github-actions Bot commented Mar 13, 2025

Copy link
Copy Markdown

Integration tests cancelled for 1133d2a874edbf67e2cf6f28bc45ce2ae03fd9e1

sfc-gh-jmichalak
sfc-gh-jmichalak reviewed Mar 13, 2025
View reviewed changes
Comment thread .github/workflows/ok-to-test.yml
with:
app-id: ${{ secrets.OK_TO_TEST_APP_ID }}
private-key: ${{ secrets.OK_TO_TEST_PRIVATE_KEY }}
app-id: ${{ secrets.APP_ID }}

@sfc-gh-jmichalak sfc-gh-jmichalak Mar 13, 2025

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we have this more descriptive? Like OK_TO_TEST_APP_ID, etc?

@sfc-gh-jcieslak sfc-gh-jcieslak Mar 17, 2025

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can; it's bounded by the environment anyway. I'll change it later though (right with the release pipelines).

@sfc-gh-jcieslak sfc-gh-jcieslak merged commit 8e5a262 into dev Mar 17, 2025
@sfc-gh-jcieslak sfc-gh-jcieslak deleted the using-environmental-secrets branch March 17, 2025 10:20
sfc-gh-jmichalak pushed a commit that referenced this pull request Mar 24, 2025
@sfc-gh-jcieslak @sfc-gh-jmichalak
chore: Use environmental secrets in GitHub Actions (#3440)
6048977 
## Changes
Introduce environmental secrets for GitHub Actions:
- Only set environment for `jira` and `test` environments
- `release` and `ok-to-test` require app id and app private key, which
will be retrieved later

## Next steps
Check if all workflows are working properly
@snowflake-release-please snowflake-release-please Bot mentioned this pull request Mar 24, 2025
Merged
sfc-gh-jmichalak pushed a commit that referenced this pull request Mar 25, 2025
@snowflake-release-please
chore(main): release 1.0.5 (#3463)
3f8e4a2 
🤖 I have created a release *beep* *boop*
---


##
[1.0.5](v1.0.4...v1.0.5)
(2025-03-25)


### 🔧 **Misc**

* Bump tracking version to v1.0.5
([#3460](#3460))
([2af79e6](2af79e6))
* Bump tracking version to v1.0.5
([#3460](#3460))
([3aaf555](3aaf555))
* Document godebug flag usage
([#3429](#3429))
([5f04947](5f04947))
* Document godebug flag usage
([#3429](#3429))
([2dce172](2dce172))
* fix failing tests
([#3428](#3428))
([884ca54](884ca54))
* fix failing tests
([#3428](#3428))
([245fd86](245fd86))
* Fix migration guide
([#3468](#3468))
([6540841](6540841))
* GitHub actions cleanup
([#3431](#3431))
([1cc6d80](1cc6d80))
* GitHub actions cleanup
([#3431](#3431))
([a6e7429](a6e7429))
* Protect pentesting user and role from sweepers
([#3426](#3426))
([1478c5e](1478c5e))
* Protect pentesting user and role from sweepers
([#3426](#3426))
([6354dba](6354dba))
* Remove driver instrumentation
([#3439](#3439))
([61802a8](61802a8))
* Remove driver instrumentation
([#3439](#3439))
([e9fc6ed](e9fc6ed))
* Remove SF_TF_ADDITIONAL_DEBUG_LOGGING
([#3441](#3441))
([cab63e9](cab63e9))
* Remove SF_TF_ADDITIONAL_DEBUG_LOGGING
([#3441](#3441))
([b57db81](b57db81))
* Update GitHub actions
([#3455](#3455))
([3b027a8](3b027a8))
* Update GitHub actions
([#3455](#3455))
([368f090](368f090))
* Use environmental secrets in GitHub Actions
([#3440](#3440))
([6048977](6048977))
* Use environmental secrets in GitHub Actions
([#3440](#3440))
([8e5a262](8e5a262))


### 🐛 **Bug fixes:**

* Add boolean env validations and unit tests for TOML config validation
([#3453](#3453))
([c113928](c113928))
* Add boolean env validations and unit tests for TOML config validation
([#3453](#3453))
([408db4e](408db4e))
* Adjust docs
([#3451](#3451))
([46d071d](46d071d))
* Adjust docs
([#3451](#3451))
([29b0e4d](29b0e4d))
* Apply new assertions setup
([#3409](#3409))
([e5fdced](e5fdced))
* Apply new assertions setup
([#3409](#3409))
([af83da0](af83da0))
* Correct a typo in a tag resource example
([#3446](#3446))
([a0202d1](a0202d1))
* Correct a typo in a tag resource example
([#3446](#3446))
([afd19a2](afd19a2))
* Fix datasource acceptance tests setup part1
([#3443](#3443))
([58126ea](58126ea))
* Fix datasource acceptance tests setup part1
([#3443](#3443))
([5046654](5046654))
* Fix datasource acceptance tests setup part2
([#3445](#3445))
([6c7ceeb](6c7ceeb))
* Fix datasource acceptance tests setup part2
([#3445](#3445))
([4ba2bb6](4ba2bb6))
* Fix datasource acceptance tests setup part3
([#3448](#3448))
([5475c69](5475c69))
* Fix datasource acceptance tests setup part3
([#3448](#3448))
([f6fdc17](f6fdc17))
* Fix datasource acceptance tests setup part4
([#3449](#3449))
([04e082a](04e082a))
* Fix datasource acceptance tests setup part4
([#3449](#3449))
([935d969](935d969))
* Fix tasks tests
([#3434](#3434))
([33ab740](33ab740))
* Fix tasks tests
([#3434](#3434))
([b5457f6](b5457f6))
* Handle TOML file permissions
([#3444](#3444))
([6c746b4](6c746b4))
* Handle TOML file permissions
([#3444](#3444))
([e4ed171](e4ed171))
* Limit TOML file size
([#3432](#3432))
([55fcbe3](55fcbe3))
* Limit TOML file size
([#3432](#3432))
([2e12981](2e12981))
* Quick fix assertions
([#3438](#3438))
([0e05c6f](0e05c6f))
* Quick fix assertions
([#3438](#3438))
([a430ba7](a430ba7))
* Skip file permission verification by default
([#3476](#3476))
([562173d](562173d))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: snowflake-release-please[bot] <105954990+snowflake-release-please[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sfc-gh-jmichalak sfc-gh-jmichalak sfc-gh-jmichalak approved these changes

@sfc-gh-asawicki sfc-gh-asawicki sfc-gh-asawicki approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@sfc-gh-jcieslak @sfc-gh-asawicki @sfc-gh-jmichalak