Avoid { and } getting redacted in logs (#406)

carlcsaposs-canonical · web-flow · commit e4625c252484 · 2024-04-16T08:44:43.000Z
canonical/data-platform-workflows#166
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -64,12 +64,12 @@ jobs:
       libjuju-version-constraint: ${{ matrix.juju.libjuju }}
       _beta_allure_report: ${{ matrix.juju.allure }}
     secrets:
+      # GitHub appears to redact each line of a multi-line secret
+      # Avoid putting `{` or `}` on a line by itself so that it doesn't get redacted in logs
       integration-test: |
-        {
-          "AWS_ACCESS_KEY": "${{ secrets.AWS_ACCESS_KEY }}",
+        { "AWS_ACCESS_KEY": "${{ secrets.AWS_ACCESS_KEY }}",
           "AWS_SECRET_KEY": "${{ secrets.AWS_SECRET_KEY }}",
           "GCP_ACCESS_KEY": "${{ secrets.GCP_ACCESS_KEY }}",
-          "GCP_SECRET_KEY": "${{ secrets.GCP_SECRET_KEY }}",
-        }
+          "GCP_SECRET_KEY": "${{ secrets.GCP_SECRET_KEY }}", }
     permissions:
       contents: write  # Needed for Allure Report beta
