Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use shared setupGitForOSBotify in all workflows #3

Merged
merged 8 commits into from
Feb 12, 2025
Merged

Use shared setupGitForOSBotify in all workflows #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
6a44e06
Init test
AndrewGable Feb 6, 2025
4c541e3
Change where action is
AndrewGable Feb 6, 2025
b1e2c11
Use shared setupGitForOSBotify in all workflows
AndrewGable Feb 7, 2025
6c78f93
Delete test file
AndrewGable Feb 7, 2025
54ac660
Fix lint for workflow
AndrewGable Feb 7, 2025
7c9182e
Merge branch 'Rory-VariableOPBucket' into andrew-test-setup-osbotify
AndrewGable Feb 10, 2025
cb5266a
Merge branch 'main' into andrew-test-setup-osbotify
AndrewGable Feb 10, 2025
e2b9dea
Add `vars.OP_VAULT`
AndrewGable Feb 12, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 4 additions & 1 deletion .github/actions/composite/setupGitForOSBotify/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,9 @@ inputs:
OP_SERVICE_ACCOUNT_TOKEN:
description: "1Password service account token"
required: true
OP_VAULT:
description: "1Password vault to read the GPG private key from"
required: true

runs:
using: composite
Expand All @@ -16,7 +19,7 @@ runs:
shell: bash
env:
OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.OP_SERVICE_ACCOUNT_TOKEN }}
run: op read "op://${{ vars.OP_VAULT }}/OSBotify-private-key.asc/OSBotify-private-key.asc" --force --out-file ./OSBotify-private-key.asc
run: op read "op://${{ inputs.OP_VAULT }}/OSBotify-private-key.asc/OSBotify-private-key.asc" --force --out-file ./OSBotify-private-key.asc

- name: Import OSBotify GPG Key
shell: bash
Expand Down
5 changes: 4 additions & 1 deletion .github/actions/composite/setupGitForOSBotifyApp/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,9 @@ inputs:
OS_BOTIFY_PRIVATE_KEY:
description: "OS Botify's private key"
required: true
OP_VAULT:
description: "1Password vault to read the GPG private key from"
required: true

outputs:
# Do not try to use this for committing code. Use `secrets.OS_BOTIFY_COMMIT_TOKEN` instead
Expand All @@ -31,7 +34,7 @@ runs:
shell: bash
env:
OP_SERVICE_ACCOUNT_TOKEN: ${{ inputs.OP_SERVICE_ACCOUNT_TOKEN }}
run: op read "op://${{ vars.OP_VAULT }}/OSBotify-private-key.asc/OSBotify-private-key.asc" --force --out-file ./OSBotify-private-key.asc
run: op read "op://${{ inputs.OP_VAULT }}/OSBotify-private-key.asc/OSBotify-private-key.asc" --force --out-file ./OSBotify-private-key.asc

- name: Import OSBotify GPG Key
shell: bash
Expand Down
3 changes: 2 additions & 1 deletion .github/workflows/cherryPick.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,11 +25,12 @@ jobs:

- name: Set up git for OSBotify
id: setupGitForOSBotify
uses: ./.github/actions/composite/setupGitForOSBotifyApp
uses: Expensify/GitHub-Actions/setupGitForOSBotify@main
with:
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }}
OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }}
OP_VAULT: ${{ vars.OP_VAULT }}

- name: Get previous app version
id: getPreviousVersion
Expand Down
8 changes: 7 additions & 1 deletion .github/workflows/createNewVersion.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,9 @@ on:
OP_SERVICE_ACCOUNT_TOKEN:
description: 1Password service account token
required: true
OS_BOTIFY_APP_ID:
description: Application ID for OS Botify
required: true

jobs:
createNewVersion:
Expand Down Expand Up @@ -61,10 +64,13 @@ jobs:
OS_BOTIFY_TOKEN: ${{ secrets.OS_BOTIFY_COMMIT_TOKEN }}

- name: Setup git for OSBotify
uses: ./.github/actions/composite/setupGitForOSBotify
uses: Expensify/GitHub-Actions/setupGitForOSBotify@main
id: setupGitForOSBotify
with:
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }}
SETUP_AS_APP: false
OP_VAULT: ${{ vars.OP_VAULT }}
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the one I am not 100% on.. Does vars need anything special for workflow_call?

Copy link
Collaborator

@roryabraham roryabraham Feb 12, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

glad you called this out. I looked into it and found some good resources:

To reuse variables in multiple workflows, set them at the organization, repository, or environment levels and reference them using the vars context

You can create configuration variables for use across multiple workflows, and can define them at either the organization, repository, or environment level. ... When you define configuration variables, they are automatically available in the vars context. For more information, see Using the vars context to access configuration variable values.

For reusable workflows, the variables from the caller workflow's repository are used. Variables from the repository that contains the called workflow are not made available to the caller workflow

So it seems like vars should work within callable workflows 👍🏼


- name: Generate new E/App version
id: bumpVersion
Expand Down
3 changes: 2 additions & 1 deletion .github/workflows/deploy.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,12 +29,13 @@ jobs:
OS_BOTIFY_TOKEN: ${{ secrets.OS_BOTIFY_COMMIT_TOKEN }}

- name: Setup git for OSBotify
uses: ./.github/actions/composite/setupGitForOSBotifyApp
uses: Expensify/GitHub-Actions/setupGitForOSBotify@main
id: setupGitForOSBotify
with:
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }}
OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }}
OP_VAULT: ${{ vars.OP_VAULT }}

- name: Get app version
id: getAppVersion
Expand Down
9 changes: 6 additions & 3 deletions .github/workflows/finishReleaseCycle.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,12 +19,13 @@ jobs:
token: ${{ secrets.OS_BOTIFY_TOKEN }}

- name: Setup git for OSBotify
uses: ./.github/actions/composite/setupGitForOSBotifyApp
uses: Expensify/GitHub-Actions/setupGitForOSBotify@main
id: setupGitForOSBotify
with:
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }}
OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }}
OP_VAULT: ${{ vars.OP_VAULT }}

- name: Validate actor is deployer
id: isDeployer
Expand Down Expand Up @@ -85,11 +86,12 @@ jobs:

- name: Setup git for OSBotify
id: setupGitForOSBotify
uses: ./.github/actions/composite/setupGitForOSBotifyApp
uses: Expensify/GitHub-Actions/setupGitForOSBotify@main
with:
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }}
OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }}
OP_VAULT: ${{ vars.OP_VAULT }}

- name: Update production branch
run: |
Expand Down Expand Up @@ -126,11 +128,12 @@ jobs:
token: ${{ secrets.OS_BOTIFY_TOKEN }}

- name: Setup git for OSBotify
uses: ./.github/actions/composite/setupGitForOSBotifyApp
uses: Expensify/GitHub-Actions/setupGitForOSBotify@main
with:
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }}
OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }}
OP_VAULT: ${{ vars.OP_VAULT }}

- name: Update staging branch to trigger staging deploy
run: |
Expand Down
3 changes: 2 additions & 1 deletion .github/workflows/preDeploy.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,11 +102,12 @@ jobs:
token: ${{ secrets.OS_BOTIFY_TOKEN }}

- name: Setup Git for OSBotify
uses: ./.github/actions/composite/setupGitForOSBotifyApp
uses: Expensify/GitHub-Actions/setupGitForOSBotify@main
with:
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }}
OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }}
OP_VAULT: ${{ vars.OP_VAULT }}

- name: Update staging branch from main
run: |
Expand Down
Loading