apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[release-11.5.5] CI: Use docker creds from ci/common (#104883)

Browse Source 
* CI: Use docker creds from ci/common (#104827)

Use docker creds from ci/common

(cherry picked from commit fd4afdbd2c)

* CI: move `grafana-delivery-bot` path in Drone (#104886)

* move delivery bot creds to vault

* format-drone

(cherry picked from commit ec35e861e0)
pull/104904/head
Kevin Minehart 2 months ago committed by GitHub
parent e30143305f
commit e3cbeb5e1e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 21 additions and 52 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 46
      .drone.yml
  2. 8
      scripts/drone/steps/lib.star
  3. 19
      scripts/drone/vault.star

46
.drone.yml
Unescape View File

@ -726,10 +726,8 @@ steps:
from_secret: docker_password
DOCKER_USER:
from_secret: docker_username
GITHUB_APP_ID:
from_secret: delivery-bot-app-id
GITHUB_APP_INSTALLATION_ID:
from_secret: delivery-bot-app-installation-id
GITHUB_APP_ID: "329617"
GITHUB_APP_INSTALLATION_ID: "37346161"
GITHUB_APP_PRIVATE_KEY:
from_secret: delivery-bot-app-private-key
failure: ignore
@ -2138,10 +2136,8 @@ steps:
from_secret: docker_username
GCP_KEY:
from_secret: gcp_grafanauploads
GITHUB_APP_ID:
from_secret: delivery-bot-app-id
GITHUB_APP_INSTALLATION_ID:
from_secret: delivery-bot-app-installation-id
GITHUB_APP_ID: "329617"
GITHUB_APP_INSTALLATION_ID: "37346161"
GITHUB_APP_PRIVATE_KEY:
from_secret: delivery-bot-app-private-key
image: google/cloud-sdk:431.0.0
@ -2442,10 +2438,8 @@ steps:
from_secret: docker_username
GCP_KEY:
from_secret: gcp_grafanauploads
GITHUB_APP_ID:
from_secret: delivery-bot-app-id
GITHUB_APP_INSTALLATION_ID:
from_secret: delivery-bot-app-installation-id
GITHUB_APP_ID: "329617"
GITHUB_APP_INSTALLATION_ID: "37346161"
GITHUB_APP_PRIVATE_KEY:
from_secret: delivery-bot-app-private-key
image: google/cloud-sdk:431.0.0
@ -3431,10 +3425,8 @@ steps:
from_secret: docker_username
GCP_KEY:
from_secret: gcp_grafanauploads
GITHUB_APP_ID:
from_secret: delivery-bot-app-id
GITHUB_APP_INSTALLATION_ID:
from_secret: delivery-bot-app-installation-id
GITHUB_APP_ID: "329617"
GITHUB_APP_INSTALLATION_ID: "37346161"
GITHUB_APP_PRIVATE_KEY:
from_secret: delivery-bot-app-private-key
image: google/cloud-sdk:431.0.0
@ -5379,13 +5371,13 @@ name: prerelease_bucket
---
get:
name: username
path: infra/data/ci/grafanaci-docker-hub
path: ci/data/common/dockerhub
kind: secret
name: docker_username
---
get:
name: password
path: infra/data/ci/grafanaci-docker-hub
path: ci/data/common/dockerhub
kind: secret
name: docker_password
---
@ -5504,20 +5496,8 @@ kind: secret
name: dagger_token
---
get:
name: app-id
path: infra/data/ci/grafana-release-eng/grafana-delivery-bot
kind: secret
name: delivery-bot-app-id
---
get:
name: app-installation-id
path: infra/data/ci/grafana-release-eng/grafana-delivery-bot
kind: secret
name: delivery-bot-app-installation-id
---
get:
name: app-private-key
path: infra/data/ci/grafana-release-eng/grafana-delivery-bot
name: PRIVATE_KEY
path: ci/data/repo/grafana/grafana/delivery-bot-app
kind: secret
name: delivery-bot-app-private-key
---
@ -5528,6 +5508,6 @@ kind: secret
name: gcr_credentials
---
kind: signature
hmac: be12d660296fc93a9e8d0ce3654a1572087a6e2c159cc1cc5f4991f7d7244da3
hmac: 2b752d7a02b0b111ac5871f61c5d6a694450ccf541b0de5d3f579b79c267e613
...

8
scripts/drone/steps/lib.star
Unescape View File

@ -954,8 +954,8 @@ def publish_images_step(ver_mode, docker_repo, trigger = None, depends_on = ["rg
"GCP_KEY": from_secret(gcp_grafanauploads),
"DOCKER_USER": from_secret("docker_username"),
"DOCKER_PASSWORD": from_secret("docker_password"),
"GITHUB_APP_ID": from_secret("delivery-bot-app-id"),
"GITHUB_APP_INSTALLATION_ID": from_secret("delivery-bot-app-installation-id"),
"GITHUB_APP_ID": "329617",
"GITHUB_APP_INSTALLATION_ID": "37346161",
"GITHUB_APP_PRIVATE_KEY": from_secret("delivery-bot-app-private-key"),
}
@ -972,8 +972,8 @@ def publish_images_step(ver_mode, docker_repo, trigger = None, depends_on = ["rg
environment = {
"DOCKER_USER": from_secret("docker_username"),
"DOCKER_PASSWORD": from_secret("docker_password"),
"GITHUB_APP_ID": from_secret("delivery-bot-app-id"),
"GITHUB_APP_INSTALLATION_ID": from_secret("delivery-bot-app-installation-id"),
"GITHUB_APP_ID": "329617",
"GITHUB_APP_INSTALLATION_ID": "37346161",
"GITHUB_APP_PRIVATE_KEY": from_secret("delivery-bot-app-private-key"),
}

19
scripts/drone/vault.star
Unescape View File

@ -55,8 +55,8 @@ def secrets():
vault_secret(gar_pull_secret, "secret/data/common/gar", ".dockerconfigjson"),
vault_secret(drone_token, "infra/data/ci/drone", "machine-user-token"),
vault_secret(prerelease_bucket, "infra/data/ci/grafana/prerelease", "bucket"),
vault_secret(docker_username, "infra/data/ci/grafanaci-docker-hub", "username"),
vault_secret(docker_password, "infra/data/ci/grafanaci-docker-hub", "password"),
vault_secret(docker_username, "ci/data/common/dockerhub", "username"),
vault_secret(docker_password, "ci/data/common/dockerhub", "password"),
vault_secret(
gcp_upload_artifacts_key,
"infra/data/ci/grafana/releng/artifacts-uploader-service-account",
@ -153,21 +153,10 @@ def secrets():
"infra/data/ci/grafana-release-eng/rgm",
"dagger_token",
),
# grafana-delivery-bot secrets
vault_secret(
"delivery-bot-app-id",
"infra/data/ci/grafana-release-eng/grafana-delivery-bot",
"app-id",
),
vault_secret(
"delivery-bot-app-installation-id",
"infra/data/ci/grafana-release-eng/grafana-delivery-bot",
"app-installation-id",
),
vault_secret(
"delivery-bot-app-private-key",
"infra/data/ci/grafana-release-eng/grafana-delivery-bot",
"app-private-key",
"ci/data/repo/grafana/grafana/delivery-bot-app",
"PRIVATE_KEY",
),
vault_secret(
"gcr_credentials",

Write Preview
Loading…
Cancel
Save