From 33184bcc5e5ed7cd5536cdb07d68a2d6b3dd3393 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Thu, 30 May 2024 11:46:05 +0200 Subject: [PATCH] buildkite: use shared secret for obltmachine (#3656) --- .buildkite/hooks/prepare-benchmark.sh | 6 ------ .buildkite/hooks/prepare-common.sh | 8 ++++++++ .buildkite/hooks/prepare-release.sh | 4 ++-- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/.buildkite/hooks/prepare-benchmark.sh b/.buildkite/hooks/prepare-benchmark.sh index fb9f17b731..056042566a 100644 --- a/.buildkite/hooks/prepare-benchmark.sh +++ b/.buildkite/hooks/prepare-benchmark.sh @@ -7,12 +7,6 @@ ES_USER_SECRET=$(vault read -field=es_user secret/ci/elastic-apm-agent-java/open ES_PASS_SECRET=$(vault read -field=es_pass secret/ci/elastic-apm-agent-java/opentelemetry-benchmark) export ES_URL_SECRET ES_USER_SECRET ES_PASS_SECRET -echo "--- Prepare github secrets :vault:" -GITHUB_SECRET=$(vault kv get -field token "kv/ci-shared/observability-ci/github-bot-user") -GITHUB_USERNAME=$(vault kv get -field username "kv/ci-shared/observability-ci/github-bot-user") -GH_TOKEN=$GITHUB_SECRET -export GITHUB_SECRET GH_TOKEN GITHUB_USERNAME - echo "--- Install gh :github:" GH_URL=https://github.com/cli/cli/releases/download/v2.37.0/gh_2.37.0_linux_amd64.tar.gz GH_HOME=$(pwd)/.gh diff --git a/.buildkite/hooks/prepare-common.sh b/.buildkite/hooks/prepare-common.sh index 7697908c6f..b3d16a1aae 100644 --- a/.buildkite/hooks/prepare-common.sh +++ b/.buildkite/hooks/prepare-common.sh @@ -35,3 +35,11 @@ fi # Validate java is available in the runner. java -version + +echo "--- Prepare github secrets :vault:" +VAULT_SECRET_PATH=kv/ci-shared/observability-ci/github-bot-user +GITHUB_SECRET=$(vault kv get -field token "${VAULT_SECRET_PATH}") +GIT_USER=$(vault kv get -field username "${VAULT_SECRET_PATH}") +GIT_EMAIL=$(vault kv get -field email "${VAULT_SECRET_PATH}") +GH_TOKEN=$GITHUB_SECRET +export GITHUB_SECRET GH_TOKEN GIT_USER GIT_EMAIL diff --git a/.buildkite/hooks/prepare-release.sh b/.buildkite/hooks/prepare-release.sh index def869b9d2..70175af39c 100644 --- a/.buildkite/hooks/prepare-release.sh +++ b/.buildkite/hooks/prepare-release.sh @@ -35,5 +35,5 @@ echo "$KEYPASS_SECRET" | gpg --batch --import "$KEY_FILE" echo "--- Configure git context :git:" # Configure the committer since the maven release requires to push changes to GitHub # This will help with the SLSA requirements. -git config --global user.email "infra-root+apmmachine@elastic.co" -git config --global user.name "apmmachine" +git config --global user.email "${GIT_EMAIL}" +git config --global user.name "${GIT_USER}"