diff --git a/.drone.yml b/.drone.yml index edbe311eeb3..7025064d813 100644 --- a/.drone.yml +++ b/.drone.yml @@ -726,10 +726,8 @@ steps: from_secret: docker_password DOCKER_USER: from_secret: docker_username - GITHUB_APP_ID: - from_secret: delivery-bot-app-id - GITHUB_APP_INSTALLATION_ID: - from_secret: delivery-bot-app-installation-id + GITHUB_APP_ID: "329617" + GITHUB_APP_INSTALLATION_ID: "37346161" GITHUB_APP_PRIVATE_KEY: from_secret: delivery-bot-app-private-key failure: ignore @@ -2138,10 +2136,8 @@ steps: from_secret: docker_username GCP_KEY: from_secret: gcp_grafanauploads - GITHUB_APP_ID: - from_secret: delivery-bot-app-id - GITHUB_APP_INSTALLATION_ID: - from_secret: delivery-bot-app-installation-id + GITHUB_APP_ID: "329617" + GITHUB_APP_INSTALLATION_ID: "37346161" GITHUB_APP_PRIVATE_KEY: from_secret: delivery-bot-app-private-key image: google/cloud-sdk:431.0.0 @@ -2442,10 +2438,8 @@ steps: from_secret: docker_username GCP_KEY: from_secret: gcp_grafanauploads - GITHUB_APP_ID: - from_secret: delivery-bot-app-id - GITHUB_APP_INSTALLATION_ID: - from_secret: delivery-bot-app-installation-id + GITHUB_APP_ID: "329617" + GITHUB_APP_INSTALLATION_ID: "37346161" GITHUB_APP_PRIVATE_KEY: from_secret: delivery-bot-app-private-key image: google/cloud-sdk:431.0.0 @@ -3431,10 +3425,8 @@ steps: from_secret: docker_username GCP_KEY: from_secret: gcp_grafanauploads - GITHUB_APP_ID: - from_secret: delivery-bot-app-id - GITHUB_APP_INSTALLATION_ID: - from_secret: delivery-bot-app-installation-id + GITHUB_APP_ID: "329617" + GITHUB_APP_INSTALLATION_ID: "37346161" GITHUB_APP_PRIVATE_KEY: from_secret: delivery-bot-app-private-key image: google/cloud-sdk:431.0.0 @@ -5379,13 +5371,13 @@ name: prerelease_bucket --- get: name: username - path: infra/data/ci/grafanaci-docker-hub + path: ci/data/common/dockerhub kind: secret name: docker_username --- get: name: password - path: infra/data/ci/grafanaci-docker-hub + path: ci/data/common/dockerhub kind: secret name: docker_password --- @@ -5504,20 +5496,8 @@ kind: secret name: dagger_token --- get: - name: app-id - path: infra/data/ci/grafana-release-eng/grafana-delivery-bot -kind: secret -name: delivery-bot-app-id ---- -get: - name: app-installation-id - path: infra/data/ci/grafana-release-eng/grafana-delivery-bot -kind: secret -name: delivery-bot-app-installation-id ---- -get: - name: app-private-key - path: infra/data/ci/grafana-release-eng/grafana-delivery-bot + name: PRIVATE_KEY + path: ci/data/repo/grafana/grafana/delivery-bot-app kind: secret name: delivery-bot-app-private-key --- @@ -5528,6 +5508,6 @@ kind: secret name: gcr_credentials --- kind: signature -hmac: be12d660296fc93a9e8d0ce3654a1572087a6e2c159cc1cc5f4991f7d7244da3 +hmac: 2b752d7a02b0b111ac5871f61c5d6a694450ccf541b0de5d3f579b79c267e613 ... diff --git a/scripts/drone/steps/lib.star b/scripts/drone/steps/lib.star index 36cd3a2db86..fb3404e04b0 100644 --- a/scripts/drone/steps/lib.star +++ b/scripts/drone/steps/lib.star @@ -954,8 +954,8 @@ def publish_images_step(ver_mode, docker_repo, trigger = None, depends_on = ["rg "GCP_KEY": from_secret(gcp_grafanauploads), "DOCKER_USER": from_secret("docker_username"), "DOCKER_PASSWORD": from_secret("docker_password"), - "GITHUB_APP_ID": from_secret("delivery-bot-app-id"), - "GITHUB_APP_INSTALLATION_ID": from_secret("delivery-bot-app-installation-id"), + "GITHUB_APP_ID": "329617", + "GITHUB_APP_INSTALLATION_ID": "37346161", "GITHUB_APP_PRIVATE_KEY": from_secret("delivery-bot-app-private-key"), } @@ -972,8 +972,8 @@ def publish_images_step(ver_mode, docker_repo, trigger = None, depends_on = ["rg environment = { "DOCKER_USER": from_secret("docker_username"), "DOCKER_PASSWORD": from_secret("docker_password"), - "GITHUB_APP_ID": from_secret("delivery-bot-app-id"), - "GITHUB_APP_INSTALLATION_ID": from_secret("delivery-bot-app-installation-id"), + "GITHUB_APP_ID": "329617", + "GITHUB_APP_INSTALLATION_ID": "37346161", "GITHUB_APP_PRIVATE_KEY": from_secret("delivery-bot-app-private-key"), } diff --git a/scripts/drone/vault.star b/scripts/drone/vault.star index aa77f81be39..05f3617d01f 100644 --- a/scripts/drone/vault.star +++ b/scripts/drone/vault.star @@ -55,8 +55,8 @@ def secrets(): vault_secret(gar_pull_secret, "secret/data/common/gar", ".dockerconfigjson"), vault_secret(drone_token, "infra/data/ci/drone", "machine-user-token"), vault_secret(prerelease_bucket, "infra/data/ci/grafana/prerelease", "bucket"), - vault_secret(docker_username, "infra/data/ci/grafanaci-docker-hub", "username"), - vault_secret(docker_password, "infra/data/ci/grafanaci-docker-hub", "password"), + vault_secret(docker_username, "ci/data/common/dockerhub", "username"), + vault_secret(docker_password, "ci/data/common/dockerhub", "password"), vault_secret( gcp_upload_artifacts_key, "infra/data/ci/grafana/releng/artifacts-uploader-service-account", @@ -153,21 +153,10 @@ def secrets(): "infra/data/ci/grafana-release-eng/rgm", "dagger_token", ), - # grafana-delivery-bot secrets - vault_secret( - "delivery-bot-app-id", - "infra/data/ci/grafana-release-eng/grafana-delivery-bot", - "app-id", - ), - vault_secret( - "delivery-bot-app-installation-id", - "infra/data/ci/grafana-release-eng/grafana-delivery-bot", - "app-installation-id", - ), vault_secret( "delivery-bot-app-private-key", - "infra/data/ci/grafana-release-eng/grafana-delivery-bot", - "app-private-key", + "ci/data/repo/grafana/grafana/delivery-bot-app", + "PRIVATE_KEY", ), vault_secret( "gcr_credentials",