diff --git a/.drone.yml b/.drone.yml index 59f88baab41..45f60cd31c0 100644 --- a/.drone.yml +++ b/.drone.yml @@ -520,10 +520,8 @@ steps: from_secret: docker_password DOCKER_USER: from_secret: docker_username - GITHUB_APP_ID: - from_secret: delivery-bot-app-id - GITHUB_APP_INSTALLATION_ID: - from_secret: delivery-bot-app-installation-id + GITHUB_APP_ID: "329617" + GITHUB_APP_INSTALLATION_ID: "37346161" GITHUB_APP_PRIVATE_KEY: from_secret: delivery-bot-app-private-key failure: ignore @@ -1808,10 +1806,8 @@ steps: from_secret: docker_username GCP_KEY: from_secret: gcp_grafanauploads - GITHUB_APP_ID: - from_secret: delivery-bot-app-id - GITHUB_APP_INSTALLATION_ID: - from_secret: delivery-bot-app-installation-id + GITHUB_APP_ID: "329617" + GITHUB_APP_INSTALLATION_ID: "37346161" GITHUB_APP_PRIVATE_KEY: from_secret: delivery-bot-app-private-key image: google/cloud-sdk:431.0.0 @@ -2112,10 +2108,8 @@ steps: from_secret: docker_username GCP_KEY: from_secret: gcp_grafanauploads - GITHUB_APP_ID: - from_secret: delivery-bot-app-id - GITHUB_APP_INSTALLATION_ID: - from_secret: delivery-bot-app-installation-id + GITHUB_APP_ID: "329617" + GITHUB_APP_INSTALLATION_ID: "37346161" GITHUB_APP_PRIVATE_KEY: from_secret: delivery-bot-app-private-key image: google/cloud-sdk:431.0.0 @@ -3110,10 +3104,8 @@ steps: from_secret: docker_username GCP_KEY: from_secret: gcp_grafanauploads - GITHUB_APP_ID: - from_secret: delivery-bot-app-id - GITHUB_APP_INSTALLATION_ID: - from_secret: delivery-bot-app-installation-id + GITHUB_APP_ID: "329617" + GITHUB_APP_INSTALLATION_ID: "37346161" GITHUB_APP_PRIVATE_KEY: from_secret: delivery-bot-app-private-key image: google/cloud-sdk:431.0.0 @@ -5061,13 +5053,13 @@ name: prerelease_bucket --- get: name: username - path: infra/data/ci/grafanaci-docker-hub + path: ci/data/common/dockerhub kind: secret name: docker_username --- get: name: password - path: infra/data/ci/grafanaci-docker-hub + path: ci/data/common/dockerhub kind: secret name: docker_password --- @@ -5186,20 +5178,8 @@ kind: secret name: dagger_token --- get: - name: app-id - path: infra/data/ci/grafana-release-eng/grafana-delivery-bot -kind: secret -name: delivery-bot-app-id ---- -get: - name: app-installation-id - path: infra/data/ci/grafana-release-eng/grafana-delivery-bot -kind: secret -name: delivery-bot-app-installation-id ---- -get: - name: app-private-key - path: infra/data/ci/grafana-release-eng/grafana-delivery-bot + name: PRIVATE_KEY + path: ci/data/repo/grafana/grafana/delivery-bot-app kind: secret name: delivery-bot-app-private-key --- @@ -5210,6 +5190,6 @@ kind: secret name: gcr_credentials --- kind: signature -hmac: 8e25f1f786b8de4eb21dfbeca8c5fcb9701b1e62ecf98287d9225ecc6e8c29e8 +hmac: 4fd4d156c0e04e2332ac83ea168ce5c0237e3906e032c362cd2a62bee94ba9be ... diff --git a/scripts/drone/steps/lib.star b/scripts/drone/steps/lib.star index 949a6fc9242..26463480c81 100644 --- a/scripts/drone/steps/lib.star +++ b/scripts/drone/steps/lib.star @@ -976,8 +976,8 @@ def publish_images_step(ver_mode, docker_repo, trigger = None, depends_on = ["rg "GCP_KEY": from_secret(gcp_grafanauploads), "DOCKER_USER": from_secret("docker_username"), "DOCKER_PASSWORD": from_secret("docker_password"), - "GITHUB_APP_ID": from_secret("delivery-bot-app-id"), - "GITHUB_APP_INSTALLATION_ID": from_secret("delivery-bot-app-installation-id"), + "GITHUB_APP_ID": "329617", + "GITHUB_APP_INSTALLATION_ID": "37346161", "GITHUB_APP_PRIVATE_KEY": from_secret("delivery-bot-app-private-key"), } @@ -994,8 +994,8 @@ def publish_images_step(ver_mode, docker_repo, trigger = None, depends_on = ["rg environment = { "DOCKER_USER": from_secret("docker_username"), "DOCKER_PASSWORD": from_secret("docker_password"), - "GITHUB_APP_ID": from_secret("delivery-bot-app-id"), - "GITHUB_APP_INSTALLATION_ID": from_secret("delivery-bot-app-installation-id"), + "GITHUB_APP_ID": "329617", + "GITHUB_APP_INSTALLATION_ID": "37346161", "GITHUB_APP_PRIVATE_KEY": from_secret("delivery-bot-app-private-key"), } diff --git a/scripts/drone/vault.star b/scripts/drone/vault.star index aa77f81be39..05f3617d01f 100644 --- a/scripts/drone/vault.star +++ b/scripts/drone/vault.star @@ -55,8 +55,8 @@ def secrets(): vault_secret(gar_pull_secret, "secret/data/common/gar", ".dockerconfigjson"), vault_secret(drone_token, "infra/data/ci/drone", "machine-user-token"), vault_secret(prerelease_bucket, "infra/data/ci/grafana/prerelease", "bucket"), - vault_secret(docker_username, "infra/data/ci/grafanaci-docker-hub", "username"), - vault_secret(docker_password, "infra/data/ci/grafanaci-docker-hub", "password"), + vault_secret(docker_username, "ci/data/common/dockerhub", "username"), + vault_secret(docker_password, "ci/data/common/dockerhub", "password"), vault_secret( gcp_upload_artifacts_key, "infra/data/ci/grafana/releng/artifacts-uploader-service-account", @@ -153,21 +153,10 @@ def secrets(): "infra/data/ci/grafana-release-eng/rgm", "dagger_token", ), - # grafana-delivery-bot secrets - vault_secret( - "delivery-bot-app-id", - "infra/data/ci/grafana-release-eng/grafana-delivery-bot", - "app-id", - ), - vault_secret( - "delivery-bot-app-installation-id", - "infra/data/ci/grafana-release-eng/grafana-delivery-bot", - "app-installation-id", - ), vault_secret( "delivery-bot-app-private-key", - "infra/data/ci/grafana-release-eng/grafana-delivery-bot", - "app-private-key", + "ci/data/repo/grafana/grafana/delivery-bot-app", + "PRIVATE_KEY", ), vault_secret( "gcr_credentials",