Skip to content

Commit 8085782

Browse files
tobyhedetobyhede
committed
ci(release): migrate secrets to 1Password
1 parent 0cdc643 commit 8085782

File tree

1 file changed

+24
-5
lines changed

1 file changed

+24
-5
lines changed

.github/workflows/release.yml

Lines changed: 24 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,15 @@ jobs:
2222
runs-on: ${{matrix.build.os}}
2323
steps:
2424
- uses: actions/checkout@v4
25+
26+
- name: Load secrets
27+
uses: 1password/load-secrets-action@v3
28+
with:
29+
export-env: true
30+
env:
31+
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
32+
OP_ENV_FILE: .github/secrets.env.tpl
33+
2534
- name: Setup Rust cache
2635
uses: Swatinem/rust-cache@v2
2736
if: github.event_name == 'pull_request' # only cache in pull requests
@@ -55,8 +64,8 @@ jobs:
5564
- name: Login to Docker Hub
5665
uses: docker/login-action@v3
5766
with:
58-
username: ${{ secrets.DOCKER_HUB_USERNAME }}
59-
password: ${{ secrets.DOCKER_HUB_PERSONAL_ACCESS_TOKEN }}
67+
username: ${{ env.DOCKER_HUB_USERNAME }}
68+
password: ${{ env.DOCKER_HUB_PASSWORD }}
6069

6170
- name: Set up Docker Buildx
6271
uses: docker/setup-buildx-action@v3
@@ -92,6 +101,16 @@ jobs:
92101
needs:
93102
- build
94103
steps:
104+
- uses: actions/checkout@v4
105+
106+
- name: Load secrets
107+
uses: 1password/load-secrets-action@v3
108+
with:
109+
export-env: true
110+
env:
111+
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
112+
OP_ENV_FILE: .github/secrets.env.tpl
113+
95114
- name: Download digests
96115
uses: actions/download-artifact@v4
97116
with:
@@ -102,8 +121,8 @@ jobs:
102121
- name: Login to Docker Hub
103122
uses: docker/login-action@v3
104123
with:
105-
username: ${{ secrets.DOCKER_HUB_USERNAME }}
106-
password: ${{ secrets.DOCKER_HUB_PERSONAL_ACCESS_TOKEN }}
124+
username: ${{ env.DOCKER_HUB_USERNAME }}
125+
password: ${{ env.DOCKER_HUB_PASSWORD }}
107126

108127
- name: Set up Docker Buildx
109128
uses: docker/setup-buildx-action@v3
@@ -135,5 +154,5 @@ jobs:
135154
--fail-with-body \
136155
--url "https://api.developer.multitudes.co/deployments" \
137156
--header "Content-Type: application/json" \
138-
--header "Authorization: ${{ secrets.MULTITUDES_ACCESS_TOKEN }}" \
157+
--header "Authorization: ${{ env.MULTITUDES_ACCESS_TOKEN }}" \
139158
--data '{"commitSha": "${{ github.sha }}", "environmentName":"dockerhub"}'

0 commit comments

Comments
 (0)