Skip to content

Commit

Permalink
introduce new pattern of GH PAT usage for #2641
Browse files Browse the repository at this point in the history
  • Loading branch information
Mykyta-Serbynevskyi committed Jan 31, 2023
1 parent 63064d9 commit ead202a
Show file tree
Hide file tree
Showing 20 changed files with 79 additions and 214 deletions.
9 changes: 1 addition & 8 deletions .github/workflows/approve-and-merge-dispatch.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,18 +8,11 @@ jobs:
steps:
- name: Checkout Airbyte
uses: actions/checkout@v3
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OCTAVIA_GITHUB_RUNNER_TOKEN }} \
${{ secrets.SUPERTOPHER_PAT }}
- name: Auto Approve Slash Command Dispatch
uses: peter-evans/slash-command-dispatch@v3
id: scd
with:
token: ${{ env.PAT }}
token: ${{ secrets.GH_PAT_MAINTENANCE_OCTAVIA }}
permission: write
issue-type: pull-request
repository: airbytehq/airbyte-cloud
Expand Down
7 changes: 0 additions & 7 deletions .github/workflows/commands-for-testing-tool.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,13 +15,6 @@ jobs:
steps:
- name: Checkout Airbyte
uses: actions/checkout@v3
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
- name: Get PR repo and ref
id: getref
run: |
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/connector_integration_tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ jobs:
- name: Launch Integration Tests
run: python ./tools/bin/ci_integration_workflow_launcher.py base-normalization source-acceptance-test source:beta source:GA destination:beta destination:GA
env:
GITHUB_TOKEN: ${{ secrets.SLASH_COMMAND_PAT }}
GITHUB_TOKEN: ${{ secrets.GH_PAT_MAINTENANCE_OSS }}
launch_integration_tests_alpha_only:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/master'
Expand All @@ -47,4 +47,4 @@ jobs:
- name: Launch Integration Tests (Alpha connectors)
run: python ./tools/bin/ci_integration_workflow_launcher.py source:alpha destination:alpha
env:
GITHUB_TOKEN: ${{ secrets.SLASH_COMMAND_PAT }}
GITHUB_TOKEN: ${{ secrets.GH_PAT_MAINTENANCE_OSS }}
7 changes: 1 addition & 6 deletions .github/workflows/deploy-oss-catalog.yml
Original file line number Diff line number Diff line change
Expand Up @@ -36,14 +36,9 @@ jobs:
gcs_bucket_name="prod-airbyte-cloud-connector-metadata-service"
catalog_path="airbyte-config/init/src/main/resources/seed/oss_catalog.json"
gsutil -h "Cache-Control:public, max-age=10" cp "$catalog_path" "gs://$gcs_bucket_name/oss_catalog.json"
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.OCTAVIA_4_ROOT_ACCESS }} \
${{ secrets.OCTAVIA_PAT }}
- name: Trigger Cloud catalog generation
uses: peter-evans/repository-dispatch@v2
with:
token: ${{ env.PAT }}
token: ${{ secrets.GH_PAT_MAINTENANCE_OCTAVIA }}
repository: airbytehq/airbyte-cloud
event-type: generate-cloud-catalog
12 changes: 4 additions & 8 deletions .github/workflows/gke-kube-test-command.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,10 +33,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Start AWS Runner
id: start-ec2-runner
uses: ./.github/actions/start-aws-runner
Expand Down Expand Up @@ -152,10 +150,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Stop EC2 runner
uses: supertopher/ec2-github-runner@base64v1.0.10
with:
Expand Down
81 changes: 24 additions & 57 deletions .github/workflows/gradle.yml
Original file line number Diff line number Diff line change
Expand Up @@ -124,7 +124,6 @@ jobs:
- uses: actions/setup-python@v4
with:
python-version: "3.9"
token: ${{ env.PAT }}

- name: Set up CI Gradle Properties
run: |
Expand Down Expand Up @@ -191,10 +190,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Start AWS Runner
id: start-ec2-runner
uses: ./.github/actions/start-aws-runner
Expand Down Expand Up @@ -230,7 +227,6 @@ jobs:
- uses: actions/setup-python@v4
with:
python-version: "3.9"
token: ${{ env.PAT }}

- name: Install Pyenv
run: python3 -m pip install virtualenv==16.7.9 --user
Expand Down Expand Up @@ -345,10 +341,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Stop EC2 runner
uses: supertopher/ec2-github-runner@base64v1.0.10
with:
Expand Down Expand Up @@ -378,10 +372,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Start AWS Runner
id: start-ec2-runner
uses: ./.github/actions/start-aws-runner
Expand Down Expand Up @@ -414,7 +406,6 @@ jobs:
- uses: actions/setup-python@v4
with:
python-version: "3.9"
token: ${{ env.PAT }}

- name: Set up CI Gradle Properties
run: |
Expand Down Expand Up @@ -469,10 +460,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Stop EC2 runner
uses: supertopher/ec2-github-runner@base64v1.0.10
with:
Expand Down Expand Up @@ -502,10 +491,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Start AWS Runner
id: start-ec2-runner
uses: ./.github/actions/start-aws-runner
Expand Down Expand Up @@ -538,7 +525,6 @@ jobs:
- uses: actions/setup-python@v4
with:
python-version: "3.9"
token: ${{ env.PAT }}

- name: Delete default old docker and replace it with a new one
shell: bash
Expand Down Expand Up @@ -602,10 +588,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Stop EC2 runner
uses: supertopher/ec2-github-runner@base64v1.0.10
with:
Expand Down Expand Up @@ -635,10 +619,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Start AWS Runner
id: start-ec2-runner
uses: ./.github/actions/start-aws-runner
Expand Down Expand Up @@ -670,7 +652,6 @@ jobs:
- uses: actions/setup-python@v4
with:
python-version: "3.9"
token: ${{ env.PAT }}

- uses: actions/setup-node@v3
with:
Expand Down Expand Up @@ -805,7 +786,6 @@ jobs:
if: always()
with:
python-version: "3.9"
token: ${{ env.PAT }}

- name: Publish Platform Test Results
uses: EnricoMi/publish-unit-test-result-action@v2
Expand Down Expand Up @@ -881,10 +861,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Stop EC2 runner
uses: supertopher/ec2-github-runner@base64v1.0.10
with:
Expand Down Expand Up @@ -913,10 +891,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Start AWS Runner
id: start-ec2-runner
uses: ./.github/actions/start-aws-runner
Expand Down Expand Up @@ -951,7 +927,6 @@ jobs:
- uses: actions/setup-python@v4
with:
python-version: "3.9"
token: ${{ env.PAT }}

- name: Install unzip
shell: bash
Expand Down Expand Up @@ -1028,7 +1003,6 @@ jobs:
if: always()
with:
python-version: "3.9"
token: ${{ env.PAT }}

- name: Publish Kube Test Results
id: kube-results
Expand Down Expand Up @@ -1109,10 +1083,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Stop EC2 runner
uses: supertopher/ec2-github-runner@base64v1.0.10
with:
Expand Down Expand Up @@ -1141,10 +1113,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Start AWS Runner
id: start-ec2-runner
uses: ./.github/actions/start-aws-runner
Expand Down Expand Up @@ -1199,7 +1169,6 @@ jobs:
- uses: actions/setup-python@v4
with:
python-version: "3.9"
token: ${{ env.PAT }}

- uses: actions/setup-java@v1
with:
Expand Down Expand Up @@ -1344,10 +1313,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Stop EC2 runner
uses: supertopher/ec2-github-runner@base64v1.0.10
with:
Expand Down
12 changes: 2 additions & 10 deletions .github/workflows/label-github-issues-by-context.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,20 +8,12 @@ jobs:
name: "Add Labels to Issues. Safe to Merge on fail"
runs-on: ubuntu-latest
steps:
- name: Checkout Airbyte Repo for PAT command
uses: actions/checkout@v3
- name: Check PAT rate limits
# Cannot share PAT outside of JOB context
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.OCTAVIA_4_ROOT_ACCESS }} \
${{ secrets.OCTAVIA_PAT }}
- name: Run Issue Command from workflow-actions
uses: nick-fields/private-action-loader@v3
with:
pal-repo-token: "${{ env.PAT }}"
pal-repo-token: "${{ secrets.GH_PAT_MAINTENANCE_OCTAVIA }}"
pal-repo-name: airbytehq/workflow-actions@production
# the following input gets passed to the private
token: "${{ env.PAT }}"
token: "${{ secrets.GH_PAT_MAINTENANCE_OCTAVIA }}"
# ref: https://github.com/airbytehq/workflow-actions/blob/main/src/bin_issue.ts
command: "issue"
10 changes: 1 addition & 9 deletions .github/workflows/label-github-issues-by-path.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,16 +10,8 @@ jobs:
name: "Label PRs based on files changes"
runs-on: ubuntu-latest
steps:
- name: Checkout Airbyte Repo for PAT command
uses: actions/checkout@v2
- name: Check PAT rate limits
# Cannot share PAT outside of JOB context
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.OCTAVIA_4_ROOT_ACCESS }} \
${{ secrets.OCTAVIA_PAT }}
- name: "Label PR based on changed files"
uses: actions/labeler@v3
with:
repo-token: "${{ env.PAT }}"
repo-token: "${{ secrets.GH_PAT_MAINTENANCE_OCTAVIA }}"
sync-labels: true
12 changes: 2 additions & 10 deletions .github/workflows/label-prs-by-context.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,19 +10,11 @@ jobs:
name: "Add Labels to PRs. Safe to Merge on fail"
runs-on: ubuntu-latest
steps:
- name: Checkout Airbyte Repo for PAT command
uses: actions/checkout@v3
- name: Check PAT rate limits
# Cannot share PAT outside of JOB context
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.OCTAVIA_4_ROOT_ACCESS }} \
${{ secrets.OCTAVIA_PAT }}
- name: Run Issue Command from workflow-actions
uses: nick-fields/private-action-loader@v3
with:
pal-repo-token: "${{ env.PAT }}"
pal-repo-token: "${{ GH_PAT_MAINTENANCE_OCTAVIA }}"
pal-repo-name: airbytehq/workflow-actions@production
# the following input gets passed to the private action
token: "${{ env.PAT }}"
token: "${{ GH_PAT_MAINTENANCE_OCTAVIA }}"
command: "pull"
Loading

0 comments on commit ead202a

Please sign in to comment.