Revert "Bake secrets into docker image. (#73)"

This reverts commit d6d7d8b.
toitware · Jun 28, 2024 · 52cb19e · 52cb19e
1 parent 76932de
commit 52cb19e
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 21 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -90,19 +90,12 @@ jobs:
         with:
           project_id: infrastructure-220307
 
-      - name: Create secrets
-        run: |
-          printf "%s" "${{ secrets.TOITWARE_REGISTRY_SSH_DEPLOY_KEY }}" > private_ssh_key
-          ssh-keyscan github.com > known_hosts
-          cat known_hosts
-
       - name: Build Docker Image
         run: |
           gcloud config set project infrastructure-220307
           gcloud auth configure-docker
 
           make image
-
       - name: Upload image
         if: |
           github.event_name == 'release' ||

diff --git a/Dockerfile b/Dockerfile
@@ -34,18 +34,4 @@ ENV TOITDOCS_VIEWER_PATH /web_toitdocs
 ENV SDK_PATH /sdk
 ENV TOITDOCS_VIEWER_PATH /web_toitdocs
 
-# We are baking in private data.
-# As of 2022-07-08 the deployment overrides these values:
-# https://github.com/toitware/deployment/blob/50d35c2498cb98f360c922a491c2c31e73cc403d/console/values.yaml#L437
-# However, by adding the key here, we can remove these lines from there.
-
-# When building locally, one can either get the real key from bitwarden, or use any key.
-# It should only be necessary when pushing to the registry. (Not 100% certain.)
-copy private_ssh_key /ssh_data/private_ssh_key
-ENV REGISTRY_SSH_KEY_FILE /ssh_data/private_ssh_key
-
-# Same: we are baking in the known_hosts, which is, as of 2022-07-08, overridden by the deployment.
-copy known_hosts /ssh_data/known_hosts
-ENV SSH_KNOWN_HOSTS /ssh_data/known_hosts
-
 ENTRYPOINT ["/registry_container"]