From 1f7a073dc53647b70985c691654eecea43dc2021 Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Fri, 14 Jan 2022 11:28:49 -0500 Subject: [PATCH] chore(python): update release.sh to use keystore (#107) Source-Link: https://github.com/googleapis/synthtool/commit/69fda12e2994f0b595a397e8bb6e3e9f380524eb Post-Processor: gcr.io/cloud-devrel-public-resources/owlbot-python:latest@sha256:ae600f36b6bc972b368367b6f83a1d91ec2c82a4a116b383d67d547c56fe6de3 Co-authored-by: Owl Bot --- .../.github/.OwlBot.lock.yaml | 2 +- .../.kokoro/release.sh | 2 +- .../.kokoro/release/common.cfg | 12 +++++++++++- 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/packages/google-cloud-binary-authorization/.github/.OwlBot.lock.yaml b/packages/google-cloud-binary-authorization/.github/.OwlBot.lock.yaml index ff5126c188d0..eecb84c21b27 100644 --- a/packages/google-cloud-binary-authorization/.github/.OwlBot.lock.yaml +++ b/packages/google-cloud-binary-authorization/.github/.OwlBot.lock.yaml @@ -1,3 +1,3 @@ docker: image: gcr.io/cloud-devrel-public-resources/owlbot-python:latest - digest: sha256:dfa9b663b32de8b5b327e32c1da665a80de48876558dd58091d8160c60ad7355 + digest: sha256:ae600f36b6bc972b368367b6f83a1d91ec2c82a4a116b383d67d547c56fe6de3 diff --git a/packages/google-cloud-binary-authorization/.kokoro/release.sh b/packages/google-cloud-binary-authorization/.kokoro/release.sh index 90a4f4d5b44b..8f9f29c0b17e 100755 --- a/packages/google-cloud-binary-authorization/.kokoro/release.sh +++ b/packages/google-cloud-binary-authorization/.kokoro/release.sh @@ -26,7 +26,7 @@ python3 -m pip install --upgrade twine wheel setuptools export PYTHONUNBUFFERED=1 # Move into the package, build the distribution and upload. -TWINE_PASSWORD=$(cat "${KOKORO_GFILE_DIR}/secret_manager/google-cloud-pypi-token") +TWINE_PASSWORD=$(cat "${KOKORO_KEYSTORE_DIR}/73713_google-cloud-pypi-token-keystore-1") cd github/python-binary-authorization python3 setup.py sdist bdist_wheel twine upload --username __token__ --password "${TWINE_PASSWORD}" dist/* diff --git a/packages/google-cloud-binary-authorization/.kokoro/release/common.cfg b/packages/google-cloud-binary-authorization/.kokoro/release/common.cfg index 14dad59d7e94..ecbcf0f2aea6 100644 --- a/packages/google-cloud-binary-authorization/.kokoro/release/common.cfg +++ b/packages/google-cloud-binary-authorization/.kokoro/release/common.cfg @@ -23,8 +23,18 @@ env_vars: { value: "github/python-binary-authorization/.kokoro/release.sh" } +# Fetch PyPI password +before_action { + fetch_keystore { + keystore_resource { + keystore_config_id: 73713 + keyname: "google-cloud-pypi-token-keystore-1" + } + } +} + # Tokens needed to report release status back to GitHub env_vars: { key: "SECRET_MANAGER_KEYS" - value: "releasetool-publish-reporter-app,releasetool-publish-reporter-googleapis-installation,releasetool-publish-reporter-pem,google-cloud-pypi-token" + value: "releasetool-publish-reporter-app,releasetool-publish-reporter-googleapis-installation,releasetool-publish-reporter-pem" }