From eac66a09d13dc16545b28f3282b4fe6a4a34f286 Mon Sep 17 00:00:00 2001 From: Maxime Epain Date: Thu, 1 Aug 2024 15:11:39 +0200 Subject: [PATCH] Rename secrets --- tools/benchmark-build-upload.sh | 8 ++++---- tools/e2e-build-upload.sh | 8 ++++---- tools/secrets/check-secrets.sh | 2 +- tools/secrets/config.sh | 28 ++++++++++++++++++++-------- 4 files changed, 29 insertions(+), 17 deletions(-) diff --git a/tools/benchmark-build-upload.sh b/tools/benchmark-build-upload.sh index e43bc7293a..5b44778242 100755 --- a/tools/benchmark-build-upload.sh +++ b/tools/benchmark-build-upload.sh @@ -41,7 +41,7 @@ create_codesign_files() { echo_subtitle "Create codesign files in '$BENCHMARK_CODESIGN_DIR'" rm -rf "$BENCHMARK_CODESIGN_DIR" mkdir -p "$BENCHMARK_CODESIGN_DIR" - get_secret $DD_IOS_SECRET__E2E_CERTIFICATE_P12_BASE64 | base64 --decode -o $P12_PATH + get_secret $DD_IOS_SECRET__DEV_CERTIFICATE_P12_BASE64 | base64 --decode -o $P12_PATH echo_succ "▸ $P12_PATH - ready" get_secret $DD_IOS_SECRET__BENCHMARK_PROVISIONING_PROFILE_BASE64 | base64 --decode -o $PP_PATH echo_succ "▸ $PP_PATH - ready" @@ -56,7 +56,7 @@ install_provisioning_profile $PP_PATH create_keychain keychain_import \ --p12 $P12_PATH \ - --p12-password $(get_secret "$DD_IOS_SECRET__E2E_CERTIFICATE_P12_PASSWORD") + --p12-password $(get_secret "$DD_IOS_SECRET__DEV_CERTIFICATE_P12_PASSWORD") echo_subtitle "Run 'make clean archive export upload ARTIFACTS_PATH=\"$ARTIFACTS_PATH\"' in '$BENCHMARK_DIR'" cd "$BENCHMARK_DIR" @@ -65,8 +65,8 @@ make clean archive export ARTIFACTS_PATH="$ARTIFACTS_PATH" if [ "$DRY_RUN" = "1" ] || [ "$DRY_RUN" = "true" ]; then echo_warn "Running in DRY RUN mode. Skipping 'make upload'." else - export DATADOG_API_KEY=$(get_secret $DD_IOS_SECRET__E2E_S8S_API_KEY) - export DATADOG_APP_KEY=$(get_secret $DD_IOS_SECRET__E2E_S8S_APP_KEY) + export DATADOG_API_KEY=$(get_secret $DD_IOS_SECRET__MI_S8S_API_KEY) + export DATADOG_APP_KEY=$(get_secret $DD_IOS_SECRET__MI_S8S_APP_KEY) export S8S_APPLICATION_ID=$(get_secret $DD_IOS_SECRET__BENCHMARK_S8S_APPLICATION_ID) make upload ARTIFACTS_PATH="$ARTIFACTS_PATH" fi diff --git a/tools/e2e-build-upload.sh b/tools/e2e-build-upload.sh index a17de8fc6b..fc1feca3cb 100755 --- a/tools/e2e-build-upload.sh +++ b/tools/e2e-build-upload.sh @@ -41,7 +41,7 @@ create_codesign_files() { echo_subtitle "Create codesign files in '$E2E_CODESIGN_DIR'" rm -rf "$E2E_CODESIGN_DIR" mkdir -p "$E2E_CODESIGN_DIR" - get_secret $DD_IOS_SECRET__E2E_CERTIFICATE_P12_BASE64 | base64 --decode -o $P12_PATH + get_secret $DD_IOS_SECRET__DEV_CERTIFICATE_P12_BASE64 | base64 --decode -o $P12_PATH echo_succ "▸ $P12_PATH - ready" get_secret $DD_IOS_SECRET__E2E_PROVISIONING_PROFILE_BASE64 | base64 --decode -o $PP_PATH echo_succ "▸ $PP_PATH - ready" @@ -56,7 +56,7 @@ install_provisioning_profile $PP_PATH create_keychain keychain_import \ --p12 $P12_PATH \ - --p12-password $(get_secret "$DD_IOS_SECRET__E2E_CERTIFICATE_P12_PASSWORD") + --p12-password $(get_secret "$DD_IOS_SECRET__DEV_CERTIFICATE_P12_PASSWORD") echo_subtitle "Run 'make clean archive export upload ARTIFACTS_PATH=\"$ARTIFACTS_PATH\"' in '$E2E_DIR'" cd "$E2E_DIR" @@ -65,8 +65,8 @@ make clean archive export ARTIFACTS_PATH="$ARTIFACTS_PATH" if [ "$DRY_RUN" = "1" ] || [ "$DRY_RUN" = "true" ]; then echo_warn "Running in DRY RUN mode. Skipping 'make upload'." else - export DATADOG_API_KEY=$(get_secret $DD_IOS_SECRET__E2E_S8S_API_KEY) - export DATADOG_APP_KEY=$(get_secret $DD_IOS_SECRET__E2E_S8S_APP_KEY) + export DATADOG_API_KEY=$(get_secret $DD_IOS_SECRET__MI_S8S_API_KEY) + export DATADOG_APP_KEY=$(get_secret $DD_IOS_SECRET__MI_S8S_APP_KEY) export S8S_APPLICATION_ID=$(get_secret $DD_IOS_SECRET__E2E_S8S_APPLICATION_ID) make upload ARTIFACTS_PATH="$ARTIFACTS_PATH" fi diff --git a/tools/secrets/check-secrets.sh b/tools/secrets/check-secrets.sh index 76e87b28df..794509b378 100755 --- a/tools/secrets/check-secrets.sh +++ b/tools/secrets/check-secrets.sh @@ -3,7 +3,7 @@ # Checks if all secret values are available in current env. # # Usage: -# $ ./tools/secrets/set-secret.sh +# $ ./tools/secrets/check-secrets.sh # # Note: # - Requires `vault` to be installed diff --git a/tools/secrets/config.sh b/tools/secrets/config.sh index 754145b643..703ad986b2 100644 --- a/tools/secrets/config.sh +++ b/tools/secrets/config.sh @@ -16,17 +16,23 @@ DD_IOS_SECRET__GH_CLI_TOKEN="gh.cli.token" DD_IOS_SECRET__CARTHAGE_GH_TOKEN="carthage.gh.token" DD_IOS_SECRET__CP_TRUNK_TOKEN="cocoapods.trunk.token" DD_IOS_SECRET__SSH_KEY="ssh.key" -DD_IOS_SECRET__E2E_CERTIFICATE_P12_BASE64="e2e.certificate.p12.base64" -DD_IOS_SECRET__E2E_CERTIFICATE_P12_PASSWORD="e2e.certificate.p12.password" +DD_IOS_SECRET__DEV_CERTIFICATE_P12_BASE64="dev.certificate.p12.base64" +DD_IOS_SECRET__DEV_CERTIFICATE_P12_PASSWORD="dev.certificate.p12.password" +DD_IOS_SECRET__MI_S8S_API_KEY="mi.s8s.api.key" +DD_IOS_SECRET__MI_S8S_APP_KEY="mi.s8s.app.key" DD_IOS_SECRET__E2E_PROVISIONING_PROFILE_BASE64="e2e.provisioning.profile.base64" DD_IOS_SECRET__E2E_XCCONFIG_BASE64="e2e.xcconfig.base64" -DD_IOS_SECRET__E2E_S8S_API_KEY="e2e.s8s.api.key" -DD_IOS_SECRET__E2E_S8S_APP_KEY="e2e.s8s.app.key" DD_IOS_SECRET__E2E_S8S_APPLICATION_ID="e2e.s8s.app.id" DD_IOS_SECRET__BENCHMARK_PROVISIONING_PROFILE_BASE64="benchmark.provisioning.profile.base64" DD_IOS_SECRET__BENCHMARK_XCCONFIG_BASE64="benchmark.xcconfig.base64" DD_IOS_SECRET__BENCHMARK_S8S_APPLICATION_ID="benchmark.s8s.app.id" +# To remove +DD_IOS_SECRET__E2E_CERTIFICATE_P12_BASE64="e2e.certificate.p12.base64" +DD_IOS_SECRET__E2E_CERTIFICATE_P12_PASSWORD="e2e.certificate.p12.passwords" +DD_IOS_SECRET__E2E_S8S_API_KEY="e2e.s8s.api.key" +DD_IOS_SECRET__E2E_S8S_APP_KEY="e2e.s8s.app.key" + idx=0 declare -A DD_IOS_SECRETS DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__TEST_SECRET | test secret to see if things work, free to change but not delete" @@ -34,13 +40,19 @@ DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__GH_CLI_TOKEN | GitHub token to authe DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__CARTHAGE_GH_TOKEN | GitHub token to avoid rate limiting Carthage commands (https://github.com/Carthage/Carthage/pull/605)" DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__CP_TRUNK_TOKEN | Cocoapods token to authenticate 'pod trunk' operations (https://guides.cocoapods.org/terminal/commands.html)" DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__SSH_KEY | SSH key to authenticate 'git clone git@github.com:...' operations" -DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_CERTIFICATE_P12_BASE64 | Base64-encoded '.p12' certificate file for signing E2E app" -DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_CERTIFICATE_P12_PASSWORD | Password to '$DD_IOS_SECRET__E2E_CERTIFICATE_P12_BASE64' certificate" +DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__DEV_CERTIFICATE_P12_BASE64 | Base64-encoded '.p12' developer certificate file for signing apps" +DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__DEV_CERTIFICATE_P12_PASSWORD | Password to '$DD_IOS_SECRET__DEV_CERTIFICATE_P12_PASSWORD' certificate" +DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__MI_S8S_API_KEY | DATADOG_API_KEY for uploading app to synthetics in Mobile - Integration org" +DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__MI_S8S_APP_KEY | DATADOG_APP_KEY for uploading E2E app to synthetics in Mobile - Integration org" DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_PROVISIONING_PROFILE_BASE64 | Base64-encoded provisioning profile file for signing E2E app" DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_XCCONFIG_BASE64 | Base64-encoded xcconfig file for E2E app" -DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_S8S_API_KEY | DATADOG_API_KEY for uploading E2E app to synthetics" -DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_S8S_APP_KEY | DATADOG_APP_KEY for uploading E2E app to synthetics" DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_S8S_APPLICATION_ID | Synthetics app ID for E2E tests" DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__BENCHMARK_PROVISIONING_PROFILE_BASE64 | Base64-encoded provisioning profile file for signing Benchmark app" DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__BENCHMARK_XCCONFIG_BASE64 | Base64-encoded xcconfig file for Benchmark app" DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__BENCHMARK_S8S_APPLICATION_ID | Synthetics app ID for Benchmark tests" + +# To remove +DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_CERTIFICATE_P12_BASE64 | Base64-encoded '.p12' certificate file for signing E2E app (to be removed, use dev.certificate.p12.base64 instead)" +DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_CERTIFICATE_P12_PASSWORD | Password to '$DD_IOS_SECRET__E2E_CERTIFICATE_P12_BASE64' certificate(to be removed, use dev.certificate.p12.password instead)" +DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_S8S_API_KEY | DATADOG_API_KEY for uploading E2E app to synthetics" +DD_IOS_SECRETS[$((idx++))]="$DD_IOS_SECRET__E2E_S8S_APP_KEY | DATADOG_APP_KEY for uploading E2E app to synthetics"