From 3c0d372bc37781b992b61770cd16489e7c646705 Mon Sep 17 00:00:00 2001 From: Sk Niyaj Ali Date: Tue, 17 Dec 2024 23:05:18 +0530 Subject: [PATCH] Fix: Explicitly pass secrets to reusable workflows This commit explicitly passes secrets to reusable workflows, rather than relying on inheritance. This addresses an issue with reusable workflows not inheriting secrets as expected. - The `secrets: inherit` statement has been removed from the `multi-platform-build-and-publish` and `promote-to-production` workflows. - Instead, secrets are explicitly defined in the `secrets` section of each workflow, ensuring that the reusable workflows have access to the necessary secrets. --- .../multi-platform-build-and-publish.yml | 32 ++++++++++++++++++- .github/workflows/promote-to-production.yml | 3 +- 2 files changed, 33 insertions(+), 2 deletions(-) diff --git a/.github/workflows/multi-platform-build-and-publish.yml b/.github/workflows/multi-platform-build-and-publish.yml index 3285ab1d3..eae1b3de9 100644 --- a/.github/workflows/multi-platform-build-and-publish.yml +++ b/.github/workflows/multi-platform-build-and-publish.yml @@ -114,7 +114,6 @@ jobs: multi_platform_build_and_publish: name: Multi-Platform Build and Publish uses: openMF/mifos-mobile-github-actions/.github/workflows/multi-platform-build-and-publish.yaml@main - secrets: inherit with: release_type: ${{ inputs.release_type }} target_branch: ${{ inputs.target_branch }} @@ -127,3 +126,34 @@ jobs: publish_ios: ${{ inputs.publish_ios }} publish_desktop: ${{ inputs.publish_desktop }} publish_web: ${{ inputs.publish_web }} + secrets: + original_keystore_file: ${{ secrets.ORIGINAL_KEYSTORE_FILE }} + original_keystore_file_password: ${{ secrets.ORIGINAL_KEYSTORE_FILE_PASSWORD }} + original_keystore_alias: ${{ secrets.ORIGINAL_KEYSTORE_ALIAS }} + original_keystore_alias_password: ${{ secrets.ORIGINAL_KEYSTORE_ALIAS_PASSWORD }} + + upload_keystore_file: ${{ secrets.UPLOAD_KEYSTORE_FILE }} + upload_keystore_file_password: ${{ secrets.UPLOAD_KEYSTORE_FILE_PASSWORD }} + upload_keystore_alias: ${{ secrets.UPLOAD_KEYSTORE_ALIAS }} + upload_keystore_alias_password: ${{ secrets.UPLOAD_KEYSTORE_ALIAS_PASSWORD }} + + notarization_apple_id: ${{ secrets.NOTARIZATION_APPLE_ID }} + notarization_password: ${{ secrets.NOTARIZATION_PASSWORD }} + notarization_team_id: ${{ secrets.NOTARIZATION_TEAM_ID }} + + windows_signing_key: ${{ secrets.WINDOWS_SIGNING_KEY }} + windows_signing_password: ${{ secrets.WINDOWS_SIGNING_PASSWORD }} + windows_signing_certificate: ${{ secrets.WINDOWS_SIGNING_CERTIFICATE }} + + macos_signing_key: ${{ secrets.MACOS_SIGNING_KEY }} + macos_signing_password: ${{ secrets.MACOS_SIGNING_PASSWORD }} + macos_signing_certificate: ${{ secrets.MACOS_SIGNING_CERTIFICATE }} + + linux_signing_key: ${{ secrets.LINUX_SIGNING_KEY }} + linux_signing_password: ${{ secrets.LINUX_SIGNING_PASSWORD }} + linux_signing_certificate: ${{ secrets.LINUX_SIGNING_CERTIFICATE }} + + google_services: ${{ secrets.GOOGLESERVICES }} + firebase_creds: ${{ secrets.FIREBASECREDS }} + playstore_creds: ${{ secrets.PLAYSTORECREDS }} + token: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/promote-to-production.yml b/.github/workflows/promote-to-production.yml index 116f489c9..18a195e95 100644 --- a/.github/workflows/promote-to-production.yml +++ b/.github/workflows/promote-to-production.yml @@ -78,6 +78,7 @@ jobs: name: Promote Beta to Production Play Store uses: openMF/mifos-mobile-github-actions/.github/workflows/promote-to-production.yaml@main if: ${{ inputs.publish_to_play_store == true }} - secrets: inherit + secrets: + playstore_creds: ${{ secrets.PLAYSTORECREDS }} with: android_package_name: 'mifospay-android'