Rename secrets

tools/benchmark-build-upload.sh

@@ -41,7 +41,7 @@ create_codesign_files() {
     echo_subtitle "Create codesign files in '$BENCHMARK_CODESIGN_DIR'"
     rm -rf "$BENCHMARK_CODESIGN_DIR"
     mkdir -p "$BENCHMARK_CODESIGN_DIR"
-    get_secret $DD_IOS_SECRET__E2E_CERTIFICATE_P12_BASE64 | base64 --decode -o $P12_PATH
+    get_secret $DD_IOS_SECRET__DEV_CERTIFICATE_P12_BASE64 | base64 --decode -o $P12_PATH
     echo_succ "▸ $P12_PATH - ready"
     get_secret $DD_IOS_SECRET__BENCHMARK_PROVISIONING_PROFILE_BASE64 | base64 --decode -o $PP_PATH
     echo_succ "▸ $PP_PATH - ready"
@@ -56,7 +56,7 @@ install_provisioning_profile $PP_PATH
 create_keychain
 keychain_import \
     --p12 $P12_PATH \
-    --p12-password $(get_secret "$DD_IOS_SECRET__E2E_CERTIFICATE_P12_PASSWORD")
+    --p12-password $(get_secret "$DD_IOS_SECRET__DEV_CERTIFICATE_P12_PASSWORD")
 
 echo_subtitle "Run 'make clean archive export upload ARTIFACTS_PATH=\"$ARTIFACTS_PATH\"' in '$BENCHMARK_DIR'"
 cd "$BENCHMARK_DIR" 
@@ -65,8 +65,8 @@ make clean archive export ARTIFACTS_PATH="$ARTIFACTS_PATH"
 if [ "$DRY_RUN" = "1" ] || [ "$DRY_RUN" = "true" ]; then
     echo_warn "Running in DRY RUN mode. Skipping 'make upload'."
 else
-    export DATADOG_API_KEY=$(get_secret $DD_IOS_SECRET__E2E_S8S_API_KEY)
-    export DATADOG_APP_KEY=$(get_secret $DD_IOS_SECRET__E2E_S8S_APP_KEY)
+    export DATADOG_API_KEY=$(get_secret $DD_IOS_SECRET__MI_S8S_API_KEY)
+    export DATADOG_APP_KEY=$(get_secret $DD_IOS_SECRET__MI_S8S_APP_KEY)
     export S8S_APPLICATION_ID=$(get_secret $DD_IOS_SECRET__BENCHMARK_S8S_APPLICATION_ID)
     make upload ARTIFACTS_PATH="$ARTIFACTS_PATH"
 fi

tools/e2e-build-upload.sh

@@ -41,7 +41,7 @@ create_codesign_files() {
     echo_subtitle "Create codesign files in '$E2E_CODESIGN_DIR'"
     rm -rf "$E2E_CODESIGN_DIR"
     mkdir -p "$E2E_CODESIGN_DIR"
-    get_secret $DD_IOS_SECRET__E2E_CERTIFICATE_P12_BASE64 | base64 --decode -o $P12_PATH
+    get_secret $DD_IOS_SECRET__DEV_CERTIFICATE_P12_BASE64 | base64 --decode -o $P12_PATH
     echo_succ "▸ $P12_PATH - ready"
     get_secret $DD_IOS_SECRET__E2E_PROVISIONING_PROFILE_BASE64 | base64 --decode -o $PP_PATH
     echo_succ "▸ $PP_PATH - ready"
@@ -56,7 +56,7 @@ install_provisioning_profile $PP_PATH
 create_keychain
 keychain_import \
     --p12 $P12_PATH \
-    --p12-password $(get_secret "$DD_IOS_SECRET__E2E_CERTIFICATE_P12_PASSWORD")
+    --p12-password $(get_secret "$DD_IOS_SECRET__DEV_CERTIFICATE_P12_PASSWORD")
 
 echo_subtitle "Run 'make clean archive export upload ARTIFACTS_PATH=\"$ARTIFACTS_PATH\"' in '$E2E_DIR'"
 cd "$E2E_DIR" 
@@ -65,8 +65,8 @@ make clean archive export ARTIFACTS_PATH="$ARTIFACTS_PATH"
 if [ "$DRY_RUN" = "1" ] || [ "$DRY_RUN" = "true" ]; then
     echo_warn "Running in DRY RUN mode. Skipping 'make upload'."
 else
-    export DATADOG_API_KEY=$(get_secret $DD_IOS_SECRET__E2E_S8S_API_KEY)
-    export DATADOG_APP_KEY=$(get_secret $DD_IOS_SECRET__E2E_S8S_APP_KEY)
+    export DATADOG_API_KEY=$(get_secret $DD_IOS_SECRET__MI_S8S_API_KEY)
+    export DATADOG_APP_KEY=$(get_secret $DD_IOS_SECRET__MI_S8S_APP_KEY)
     export S8S_APPLICATION_ID=$(get_secret $DD_IOS_SECRET__E2E_S8S_APPLICATION_ID)
     make upload ARTIFACTS_PATH="$ARTIFACTS_PATH"
 fi

tools/secrets/check-secrets.sh

@@ -3,7 +3,7 @@
 # Checks if all secret values are available in current env.
 #
 # Usage:
-# $ ./tools/secrets/set-secret.sh
+# $ ./tools/secrets/check-secrets.sh
 #
 # Note:
 # - Requires `vault` to be installed

tools/secrets/config.sh

@@ -16,31 +16,43 @@ DD_IOS_SECRET__GH_CLI_TOKEN="gh.cli.token"
 DD_IOS_SECRET__CARTHAGE_GH_TOKEN="carthage.gh.token"
 DD_IOS_SECRET__CP_TRUNK_TOKEN="cocoapods.trunk.token"
 DD_IOS_SECRET__SSH_KEY="ssh.key"
-DD_IOS_SECRET__E2E_CERTIFICATE_P12_BASE64="e2e.certificate.p12.base64"
-DD_IOS_SECRET__E2E_CERTIFICATE_P12_PASSWORD="e2e.certificate.p12.password"
+DD_IOS_SECRET__DEV_CERTIFICATE_P12_BASE64="dev.certificate.p12.base64"
+DD_IOS_SECRET__DEV_CERTIFICATE_P12_PASSWORD="dev.certificate.p12.password"
+DD_IOS_SECRET__MI_S8S_API_KEY="mi.s8s.api.key"
+DD_IOS_SECRET__MI_S8S_APP_KEY="mi.s8s.app.key"
 DD_IOS_SECRET__E2E_PROVISIONING_PROFILE_BASE64="e2e.provisioning.profile.base64"
 DD_IOS_SECRET__E2E_XCCONFIG_BASE64="e2e.xcconfig.base64"
-DD_IOS_SECRET__E2E_S8S_API_KEY="e2e.s8s.api.key"
-DD_IOS_SECRET__E2E_S8S_APP_KEY="e2e.s8s.app.key"
 DD_IOS_SECRET__E2E_S8S_APPLICATION_ID="e2e.s8s.app.id"
 DD_IOS_SECRET__BENCHMARK_PROVISIONING_PROFILE_BASE64="benchmark.provisioning.profile.base64"
 DD_IOS_SECRET__BENCHMARK_XCCONFIG_BASE64="benchmark.xcconfig.base64"
 DD_IOS_SECRET__BENCHMARK_S8S_APPLICATION_ID="benchmark.s8s.app.id"
 
+# To remove
+DD_IOS_SECRET__E2E_CERTIFICATE_P12_BASE64="e2e.certificate.p12.base64"
+DD_IOS_SECRET__E2E_CERTIFICATE_P12_PASSWORD="e2e.certificate.p12.passwords"
+DD_IOS_SECRET__E2E_S8S_API_KEY="e2e.s8s.api.key"
+DD_IOS_SECRET__E2E_S8S_APP_KEY="e2e.s8s.app.key"
+
 idx=0
 declare -A DD_IOS_SECRETS
 DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__TEST_SECRET | test secret to see if things work, free to change but not delete"
 DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__GH_CLI_TOKEN | GitHub token to authenticate 'gh' cli (https://cli.github.com/)"
 DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__CARTHAGE_GH_TOKEN | GitHub token to avoid rate limiting Carthage commands (https://github.com/Carthage/Carthage/pull/605)"
 DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__CP_TRUNK_TOKEN | Cocoapods token to authenticate 'pod trunk' operations (https://guides.cocoapods.org/terminal/commands.html)"
 DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__SSH_KEY | SSH key to authenticate 'git clone [email protected]:...' operations"
-DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_CERTIFICATE_P12_BASE64 | Base64-encoded '.p12' certificate file for signing E2E app"
-DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_CERTIFICATE_P12_PASSWORD | Password to '$DD_IOS_SECRET__E2E_CERTIFICATE_P12_BASE64' certificate"
+DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__DEV_CERTIFICATE_P12_BASE64 | Base64-encoded '.p12' developer certificate file for signing apps"
+DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__DEV_CERTIFICATE_P12_PASSWORD | Password to '$DD_IOS_SECRET__DEV_CERTIFICATE_P12_PASSWORD' certificate"
+DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__MI_S8S_API_KEY | DATADOG_API_KEY for uploading app to synthetics in Mobile - Integration org"
+DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__MI_S8S_APP_KEY | DATADOG_APP_KEY for uploading E2E app to synthetics in Mobile - Integration org"
 DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_PROVISIONING_PROFILE_BASE64 | Base64-encoded provisioning profile file for signing E2E app"
 DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_XCCONFIG_BASE64 | Base64-encoded xcconfig file for E2E app"
-DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_S8S_API_KEY | DATADOG_API_KEY for uploading E2E app to synthetics"
-DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_S8S_APP_KEY | DATADOG_APP_KEY for uploading E2E app to synthetics"
 DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_S8S_APPLICATION_ID | Synthetics app ID for E2E tests"
 DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__BENCHMARK_PROVISIONING_PROFILE_BASE64 | Base64-encoded provisioning profile file for signing Benchmark app"
 DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__BENCHMARK_XCCONFIG_BASE64 | Base64-encoded xcconfig file for Benchmark app"
 DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__BENCHMARK_S8S_APPLICATION_ID | Synthetics app ID for Benchmark tests"
+
+# To remove
+DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_CERTIFICATE_P12_BASE64 | Base64-encoded '.p12' certificate file for signing E2E app (to be removed, use dev.certificate.p12.base64 instead)"
+DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_CERTIFICATE_P12_PASSWORD | Password to '$DD_IOS_SECRET__E2E_CERTIFICATE_P12_BASE64' certificate(to be removed, use dev.certificate.p12.password instead)"
+DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_S8S_API_KEY | DATADOG_API_KEY for uploading E2E app to synthetics"
+DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_S8S_APP_KEY | DATADOG_APP_KEY for uploading E2E app to synthetics"