From 37e0ad80ff82494d958389c4862123c014a0715d Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Fri, 21 Jun 2024 12:31:35 +0200 Subject: [PATCH 1/2] ci: use secrets from the source of truth --- .github/workflows/e2e.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 2928310..d7b3a62 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -25,10 +25,6 @@ concurrency: env: # (keep_serverless-staging-oblt, keep_serverless-qa-oblt or serverless-production-oblt) SERVERLESS_PROJECT: serverless-production-oblt - # Secrets managed through IasC, if you need a different environment please reach the obs robots team - ## TODO: Use Keyless - E2E__BROWSEREMAIL: ${{ secrets.OBSERVABILITY_EC_USERNAME }} - E2E__BROWSERPASSWORD: ${{ secrets.OBSERVABILITY_EC_PASSWORD }} # NOTE: if you add a new job and it's a mandatory check then # update e2e-docs.yml @@ -51,6 +47,13 @@ jobs: github-token: ${{ secrets.OBLT_CLI_GITHUB_TOKEN }} cluster-name: ${{ env.SERVERLESS_PROJECT }} + - uses: google-github-actions/get-secretmanager-secrets@dc4a1392bad0fd60aee00bb2097e30ef07a1caae # v2.1.3 + with: + export_to_environment: true + secrets: |- + E2E__BROWSEREMAIL:elastic-observability/secrets/elastic-cloud-observability-team-pro-username + E2E__BROWSERPASSWORD:elastic-observability/secrets/elastic-cloud-observability-team-pro-password + - name: End-to-end tests run: ./build.sh test --test-suite=e2e env: From 014d7c1ee84918511fc4fe9e8ed300b4c3e5dadc Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Tue, 25 Jun 2024 08:57:39 +0200 Subject: [PATCH 2/2] use the correct secret path --- .github/workflows/e2e.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index d7b3a62..3a87fe3 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -51,8 +51,8 @@ jobs: with: export_to_environment: true secrets: |- - E2E__BROWSEREMAIL:elastic-observability/secrets/elastic-cloud-observability-team-pro-username - E2E__BROWSERPASSWORD:elastic-observability/secrets/elastic-cloud-observability-team-pro-password + E2E__BROWSEREMAIL:elastic-observability/elastic-cloud-observability-team-pro-username + E2E__BROWSERPASSWORD:elastic-observability/elastic-cloud-observability-team-pro-password - name: End-to-end tests run: ./build.sh test --test-suite=e2e