From 9cfde6e2731b0abed3c1f33341682b2630f435a2 Mon Sep 17 00:00:00 2001 From: Justin Persaud Date: Wed, 27 Sep 2023 11:12:54 +0800 Subject: [PATCH 1/8] Revert "Revert "Use installation token for OS Botify"" This reverts commit d2f02a3258c1110a4f5d09fdbe2e59b53ef09fc9. --- .../composite/setupGitForOSBotify/action.yml | 20 +++++++++++++--- .github/workflows/createNewVersion.yml | 18 ++++++++++----- .github/workflows/deploy.yml | 22 +++++++++++------- .github/workflows/finishReleaseCycle.yml | 23 ++++++++++++++----- 4 files changed, 60 insertions(+), 23 deletions(-) diff --git a/.github/actions/composite/setupGitForOSBotify/action.yml b/.github/actions/composite/setupGitForOSBotify/action.yml index 0c06e2f4e16..2a3bb50cfb0 100644 --- a/.github/actions/composite/setupGitForOSBotify/action.yml +++ b/.github/actions/composite/setupGitForOSBotify/action.yml @@ -1,11 +1,17 @@ -name: 'Setup Git for OSBotify' -description: 'Setup Git for OSBotify' +name: "Setup Git for OSBotify" +description: "Setup Git for OSBotify" inputs: GPG_PASSPHRASE: - description: 'Passphrase used to decrypt GPG key' + description: "Passphrase used to decrypt GPG key" required: true +outputs: + # Do not try to use this for committing code. Use `secrets.OS_BOTIFY_COMMIT_TOKEN` instead + OS_BOTIFY_API_TOKEN: + description: Token to use for GitHub API interactions. + value: ${{ steps.generateToken.outputs.token }} + runs: using: composite steps: @@ -29,3 +35,11 @@ runs: shell: bash if: runner.debug == '1' run: echo "GIT_TRACE=true" >> "$GITHUB_ENV" + + - name: Generate a token + id: generateToken + uses: tibdex/github-app-token@021a2405c7f990db57f5eae5397423dcc554159c + with: + app_id: ${{ secrets.OS_BOTIFY_APP_ID }} + private_key: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} + installation_id: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} diff --git a/.github/workflows/createNewVersion.yml b/.github/workflows/createNewVersion.yml index b2703731df7..298d9d2f7eb 100644 --- a/.github/workflows/createNewVersion.yml +++ b/.github/workflows/createNewVersion.yml @@ -26,12 +26,15 @@ on: LARGE_SECRET_PASSPHRASE: description: Passphrase used to decrypt GPG key required: true - OS_BOTIFY_TOKEN: - description: Token for the OSBotify user - required: true SLACK_WEBHOOK: description: Webhook used to comment in slack required: true + OS_BOTIFY_INSTALLATION_ID: + description: Installation ID for OS Botify App + required: true + OS_BOTIFY_COMMIT_TOKEN: + description: OSBotify personal access token, used to workaround committing to protected branch + required: true jobs: validateActor: @@ -43,7 +46,7 @@ jobs: id: getUserPermissions run: echo "PERMISSION=$(gh api /repos/${{ github.repository }}/collaborators/${{ github.actor }}/permission | jq -r '.permission')" >> "$GITHUB_OUTPUT" env: - GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} + GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_COMMIT_TOKEN }} createNewVersion: runs-on: macos-latest @@ -63,9 +66,12 @@ jobs: - uses: actions/checkout@v3 with: ref: main - token: ${{ secrets.OS_BOTIFY_TOKEN }} + # The OS_BOTIFY_COMMIT_TOKEN is a personal access token tied to osbotify + # This is a workaround to allow pushes to a protected branch + token: ${{ secrets.OS_BOTIFY_COMMIT_TOKEN }} - uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main + id: setupGitForOSBotify with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} @@ -73,7 +79,7 @@ jobs: id: bumpVersion uses: Expensify/App/.github/actions/javascript/bumpVersion@main with: - GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} + GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} SEMVER_LEVEL: ${{ inputs.SEMVER_LEVEL }} - name: Commit new version diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index b3105ee05c2..1ccb1d2ccdf 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -9,15 +9,16 @@ jobs: runs-on: ubuntu-latest if: github.ref == 'refs/heads/staging' steps: + - uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main + id: setupGitForOSBotify + with: + GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} + - name: Checkout staging branch uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 with: ref: staging - token: ${{ secrets.OS_BOTIFY_TOKEN }} - - - uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main - with: - GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} + token: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} - name: Tag version run: git tag "$(npm run print-version --silent)" @@ -29,10 +30,15 @@ jobs: runs-on: ubuntu-latest if: github.ref == 'refs/heads/production' steps: + - uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main + id: setupGitForOSBotify + with: + GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} + - uses: actions/checkout@v3 with: ref: production - token: ${{ secrets.OS_BOTIFY_TOKEN }} + token: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} - uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main with: @@ -46,7 +52,7 @@ jobs: uses: Expensify/App/.github/actions/javascript/getDeployPullRequestList@main with: TAG: ${{ env.PRODUCTION_VERSION }} - GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} + GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} IS_PRODUCTION_DEPLOY: true - name: Generate Release Body @@ -61,4 +67,4 @@ jobs: tag_name: ${{ env.PRODUCTION_VERSION }} body: ${{ steps.getReleaseBody.outputs.RELEASE_BODY }} env: - GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} + GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} diff --git a/.github/workflows/finishReleaseCycle.yml b/.github/workflows/finishReleaseCycle.yml index b78a5fac4b6..c80b235277a 100644 --- a/.github/workflows/finishReleaseCycle.yml +++ b/.github/workflows/finishReleaseCycle.yml @@ -12,6 +12,11 @@ jobs: outputs: isValid: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) && !fromJSON(steps.checkDeployBlockers.outputs.HAS_DEPLOY_BLOCKERS) }} steps: + - uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main + id: setupGitForOSBotify + with: + GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} + - name: Validate actor is deployer id: isDeployer run: | @@ -21,13 +26,13 @@ jobs: echo "IS_DEPLOYER=false" >> "$GITHUB_OUTPUT" fi env: - GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} + GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} - name: Reopen and comment on issue if: ${{ !fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) }} uses: Expensify/App/.github/actions/javascript/reopenIssueWithComment@main with: - GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} + GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} ISSUE_NUMBER: ${{ github.event.issue.number }} COMMENT: | Sorry, only members of @Expensify/Mobile-Deployers can close deploy checklists. @@ -38,14 +43,14 @@ jobs: id: checkDeployBlockers uses: Expensify/App/.github/actions/javascript/checkDeployBlockers@main with: - GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} + GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} ISSUE_NUMBER: ${{ github.event.issue.number }} - name: Reopen and comment on issue if: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) && fromJSON(steps.checkDeployBlockers.outputs.HAS_DEPLOY_BLOCKERS) }} uses: Expensify/App/.github/actions/javascript/reopenIssueWithComment@main with: - GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} + GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} ISSUE_NUMBER: ${{ github.event.issue.number }} COMMENT: | This issue either has unchecked items or has not yet been marked with the `:shipit:` emoji of approval. @@ -68,6 +73,7 @@ jobs: token: ${{ secrets.OS_BOTIFY_TOKEN }} - uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main + id: setupGitForOSBotify with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} @@ -125,10 +131,15 @@ jobs: runs-on: ubuntu-latest needs: [updateStaging, createNewPatchVersion] steps: + - uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main + id: setupGitForOSBotify + with: + GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} + - uses: actions/checkout@v3 with: ref: staging - token: ${{ secrets.OS_BOTIFY_TOKEN }} + token: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} # Create a local git tag so that GitUtils.getPullRequestsMergedBetween can use `git log` to generate a # list of pull requests that were merged between this version tag and another. @@ -140,7 +151,7 @@ jobs: - name: Create new StagingDeployCash uses: Expensify/App/.github/actions/javascript/createOrUpdateStagingDeploy@main with: - GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} + GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} NPM_VERSION: ${{ needs.createNewPatchVersion.outputs.NEW_VERSION }} - if: ${{ failure() }} From 82677b2acced829a3c1bff54e8be9e3120f3d213 Mon Sep 17 00:00:00 2001 From: Justin Persaud Date: Thu, 28 Sep 2023 09:05:39 +0800 Subject: [PATCH 2/8] switch action secrets to input --- .github/actions/composite/setupGitForOSBotify/action.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/actions/composite/setupGitForOSBotify/action.yml b/.github/actions/composite/setupGitForOSBotify/action.yml index 2a3bb50cfb0..3685df3445d 100644 --- a/.github/actions/composite/setupGitForOSBotify/action.yml +++ b/.github/actions/composite/setupGitForOSBotify/action.yml @@ -40,6 +40,6 @@ runs: id: generateToken uses: tibdex/github-app-token@021a2405c7f990db57f5eae5397423dcc554159c with: - app_id: ${{ secrets.OS_BOTIFY_APP_ID }} - private_key: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} - installation_id: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} + app_id: ${{ inputs.OS_BOTIFY_APP_ID }} + private_key: ${{ inputs.OS_BOTIFY_PRIVATE_KEY }} + installation_id: ${{ inputs.OS_BOTIFY_INSTALLATION_ID }} From 5fb342c13c630a970bcaa2e7dd5b2ede407f75c7 Mon Sep 17 00:00:00 2001 From: Justin Persaud Date: Thu, 28 Sep 2023 09:28:04 +0800 Subject: [PATCH 3/8] update secrets for osbotify --- .github/workflows/cherryPick.yml | 7 +++++-- .github/workflows/createNewVersion.yml | 3 +++ .github/workflows/deploy.yml | 6 ++++++ .github/workflows/finishReleaseCycle.yml | 9 +++++++++ .github/workflows/preDeploy.yml | 3 +++ 5 files changed, 26 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cherryPick.yml b/.github/workflows/cherryPick.yml index b6558b04964..ca758acc278 100644 --- a/.github/workflows/cherryPick.yml +++ b/.github/workflows/cherryPick.yml @@ -44,12 +44,15 @@ jobs: uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} + OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} + OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} + OS_BOTIFY_INSTALLATION_ID: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} - name: Get previous app version id: getPreviousVersion uses: Expensify/App/.github/actions/javascript/getPreviousVersion@main with: - SEMVER_LEVEL: 'PATCH' + SEMVER_LEVEL: "PATCH" - name: Fetch history of relevant refs run: | @@ -119,7 +122,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} - - name: 'Announces a CP failure in the #announce Slack room' + - name: "Announces a CP failure in the #announce Slack room" uses: 8398a7/action-slack@v3 if: ${{ failure() }} with: diff --git a/.github/workflows/createNewVersion.yml b/.github/workflows/createNewVersion.yml index bb71c66a329..a29ea7cff66 100644 --- a/.github/workflows/createNewVersion.yml +++ b/.github/workflows/createNewVersion.yml @@ -77,6 +77,9 @@ jobs: id: setupGitForOSBotify with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} + OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} + OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} + OS_BOTIFY_INSTALLATION_ID: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} - name: Generate version id: bumpVersion diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 36eebee26ee..733a4bad777 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -13,6 +13,9 @@ jobs: id: setupGitForOSBotify with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} + OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} + OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} + OS_BOTIFY_INSTALLATION_ID: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} - name: Checkout staging branch uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 @@ -39,6 +42,9 @@ jobs: id: setupGitForOSBotify with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} + OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} + OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} + OS_BOTIFY_INSTALLATION_ID: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} - uses: actions/checkout@v3 - name: Checkout diff --git a/.github/workflows/finishReleaseCycle.yml b/.github/workflows/finishReleaseCycle.yml index ad399466e6a..83037d93ea1 100644 --- a/.github/workflows/finishReleaseCycle.yml +++ b/.github/workflows/finishReleaseCycle.yml @@ -16,6 +16,9 @@ jobs: id: setupGitForOSBotify with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} + OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} + OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} + OS_BOTIFY_INSTALLATION_ID: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} - name: Validate actor is deployer id: isDeployer @@ -79,6 +82,9 @@ jobs: uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} + OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} + OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} + OS_BOTIFY_INSTALLATION_ID: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} - name: Update production branch run: | @@ -118,6 +124,9 @@ jobs: uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} + OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} + OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} + OS_BOTIFY_INSTALLATION_ID: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} - name: Update staging branch to trigger staging deploy run: | diff --git a/.github/workflows/preDeploy.yml b/.github/workflows/preDeploy.yml index 186490c7baa..272ddb49d85 100644 --- a/.github/workflows/preDeploy.yml +++ b/.github/workflows/preDeploy.yml @@ -95,6 +95,9 @@ jobs: uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} + OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} + OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} + OS_BOTIFY_INSTALLATION_ID: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} - name: Update staging branch from main run: | From 4f2830129a6d82a0233dd18d9fd4969c43d6fbcd Mon Sep 17 00:00:00 2001 From: Justin Persaud Date: Thu, 28 Sep 2023 09:28:49 +0800 Subject: [PATCH 4/8] remove duplicate step --- .github/workflows/deploy.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 733a4bad777..0f197278240 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -23,11 +23,6 @@ jobs: ref: staging token: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} - - name: Setup git for OSBotify - uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main - with: - GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} - - name: Tag version run: git tag "$(npm run print-version --silent)" From 83a35885459a5a720d2e58ec6528f16672a24917 Mon Sep 17 00:00:00 2001 From: Justin Persaud Date: Thu, 28 Sep 2023 09:43:09 +0800 Subject: [PATCH 5/8] add missing secrets to createNewVersion --- .github/workflows/createNewVersion.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/createNewVersion.yml b/.github/workflows/createNewVersion.yml index a29ea7cff66..23dca8d1eff 100644 --- a/.github/workflows/createNewVersion.yml +++ b/.github/workflows/createNewVersion.yml @@ -35,6 +35,12 @@ on: OS_BOTIFY_COMMIT_TOKEN: description: OSBotify personal access token, used to workaround committing to protected branch required: true + OS_BOTIFY_APP_ID: + description: Application ID for OS Botify App + required: true + OS_BOTIFY_PRIVATE_KEY: + description: OSBotify private key + required: true jobs: validateActor: From fd134cdebe805213cad0ce9068f0b5718b1b175b Mon Sep 17 00:00:00 2001 From: Justin Persaud Date: Thu, 28 Sep 2023 11:27:14 +0800 Subject: [PATCH 6/8] update action to 2.1.0 --- .github/actions/composite/setupGitForOSBotify/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/composite/setupGitForOSBotify/action.yml b/.github/actions/composite/setupGitForOSBotify/action.yml index 3685df3445d..d9901038e45 100644 --- a/.github/actions/composite/setupGitForOSBotify/action.yml +++ b/.github/actions/composite/setupGitForOSBotify/action.yml @@ -38,7 +38,7 @@ runs: - name: Generate a token id: generateToken - uses: tibdex/github-app-token@021a2405c7f990db57f5eae5397423dcc554159c + uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a with: app_id: ${{ inputs.OS_BOTIFY_APP_ID }} private_key: ${{ inputs.OS_BOTIFY_PRIVATE_KEY }} From f9f5b790aba687ade1f5e8fb1ef204df371df3af Mon Sep 17 00:00:00 2001 From: Justin Persaud Date: Thu, 28 Sep 2023 11:30:21 +0800 Subject: [PATCH 7/8] add additional inputs --- .github/actions/composite/setupGitForOSBotify/action.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/actions/composite/setupGitForOSBotify/action.yml b/.github/actions/composite/setupGitForOSBotify/action.yml index d9901038e45..bacf45cf1ed 100644 --- a/.github/actions/composite/setupGitForOSBotify/action.yml +++ b/.github/actions/composite/setupGitForOSBotify/action.yml @@ -5,6 +5,12 @@ inputs: GPG_PASSPHRASE: description: "Passphrase used to decrypt GPG key" required: true + OS_BOTIFY_APP_ID: + description: "Application ID for OS Botify" + required: true + OS_BOTIFY_PRIVATE_KEY: + description: "OS Botify's private key" + required: true outputs: # Do not try to use this for committing code. Use `secrets.OS_BOTIFY_COMMIT_TOKEN` instead @@ -42,4 +48,3 @@ runs: with: app_id: ${{ inputs.OS_BOTIFY_APP_ID }} private_key: ${{ inputs.OS_BOTIFY_PRIVATE_KEY }} - installation_id: ${{ inputs.OS_BOTIFY_INSTALLATION_ID }} From 503a08dc60d3c09f2d2e5654578b40e1fb6a760a Mon Sep 17 00:00:00 2001 From: Justin Persaud Date: Thu, 28 Sep 2023 11:31:26 +0800 Subject: [PATCH 8/8] remove installation id --- .github/workflows/cherryPick.yml | 1 - .github/workflows/createNewVersion.yml | 4 ---- .github/workflows/deploy.yml | 2 -- .github/workflows/finishReleaseCycle.yml | 3 --- .github/workflows/preDeploy.yml | 1 - 5 files changed, 11 deletions(-) diff --git a/.github/workflows/cherryPick.yml b/.github/workflows/cherryPick.yml index ca758acc278..995a8f36ab5 100644 --- a/.github/workflows/cherryPick.yml +++ b/.github/workflows/cherryPick.yml @@ -46,7 +46,6 @@ jobs: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} - OS_BOTIFY_INSTALLATION_ID: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} - name: Get previous app version id: getPreviousVersion diff --git a/.github/workflows/createNewVersion.yml b/.github/workflows/createNewVersion.yml index 23dca8d1eff..a693095aaff 100644 --- a/.github/workflows/createNewVersion.yml +++ b/.github/workflows/createNewVersion.yml @@ -29,9 +29,6 @@ on: SLACK_WEBHOOK: description: Webhook used to comment in slack required: true - OS_BOTIFY_INSTALLATION_ID: - description: Installation ID for OS Botify App - required: true OS_BOTIFY_COMMIT_TOKEN: description: OSBotify personal access token, used to workaround committing to protected branch required: true @@ -85,7 +82,6 @@ jobs: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} - OS_BOTIFY_INSTALLATION_ID: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} - name: Generate version id: bumpVersion diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 0f197278240..c42f3bee617 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -15,7 +15,6 @@ jobs: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} - OS_BOTIFY_INSTALLATION_ID: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} - name: Checkout staging branch uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 @@ -39,7 +38,6 @@ jobs: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} - OS_BOTIFY_INSTALLATION_ID: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} - uses: actions/checkout@v3 - name: Checkout diff --git a/.github/workflows/finishReleaseCycle.yml b/.github/workflows/finishReleaseCycle.yml index 83037d93ea1..1ea940f5535 100644 --- a/.github/workflows/finishReleaseCycle.yml +++ b/.github/workflows/finishReleaseCycle.yml @@ -18,7 +18,6 @@ jobs: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} - OS_BOTIFY_INSTALLATION_ID: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} - name: Validate actor is deployer id: isDeployer @@ -84,7 +83,6 @@ jobs: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} - OS_BOTIFY_INSTALLATION_ID: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} - name: Update production branch run: | @@ -126,7 +124,6 @@ jobs: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} - OS_BOTIFY_INSTALLATION_ID: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} - name: Update staging branch to trigger staging deploy run: | diff --git a/.github/workflows/preDeploy.yml b/.github/workflows/preDeploy.yml index 272ddb49d85..86fee0fd3de 100644 --- a/.github/workflows/preDeploy.yml +++ b/.github/workflows/preDeploy.yml @@ -97,7 +97,6 @@ jobs: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} - OS_BOTIFY_INSTALLATION_ID: ${{ secrets.OS_BOTIFY_INSTALLATION_ID }} - name: Update staging branch from main run: |