Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Backport of ci: pull secrets from Vault in nomad-enterprise into release/1.5.x #17846

Conversation

hc-github-team-nomad-core
Copy link
Contributor

Backport

This PR is auto-generated from #17841 to be assessed for backporting due to the inclusion of the label backport/1.5.x.

The below text is copied from the body of the original PR.


Now that (most) secrets-requiring workflows run on self-hosted runners in nomad-enterprise (#17775), we're able to (conditionally) pull secrets from our internal CI Vault cluster.

The approach here uses a composite action to avoid repetitive boilerplate, which also means it needs* to set secrets as env vars (also the default behavior of hashicorp/vault-action, and common practice in other projects, sans the composite action). Otherwise, it would require an odd maneuver, for GHA reasons, to have the composite output a dynamic map instead (*but it is possible, if we really want to. ask me how if you'd like).

As with the aforementioned PR, this is here in OSS Nomad repo to avoid merge conflicts with enterprise. I've pre-tested the workflows there, so hopefully no runtime surprises when we go to merge oss->ent.

@hc-github-team-nomad-core hc-github-team-nomad-core force-pushed the backport/ci-vault-secrets/nominally-apparent-goldfish branch from 3cb5931 to df1f908 Compare July 7, 2023 19:27
@hc-github-team-nomad-core hc-github-team-nomad-core merged commit 9702b8e into release/1.5.x Jul 7, 2023
@hc-github-team-nomad-core hc-github-team-nomad-core force-pushed the backport/ci-vault-secrets/nominally-apparent-goldfish branch from a463c76 to 87afcc0 Compare July 7, 2023 19:27
@hc-github-team-nomad-core hc-github-team-nomad-core deleted the backport/ci-vault-secrets/nominally-apparent-goldfish branch July 7, 2023 19:27
@vercel vercel bot temporarily deployed to Preview – nomad-storybook-and-ui July 7, 2023 19:32 Inactive
@vercel vercel bot temporarily deployed to Preview – nomad July 7, 2023 19:33 Inactive
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants