Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Migrate sentry to new org / import sentry secrets from vault #4415

Merged
merged 1 commit into from
Jul 2, 2024
Merged

Migrate sentry to new org / import sentry secrets from vault #4415

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 27 additions & 23 deletions .github/workflows/NIGHTLY.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,21 @@ jobs:
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Import Secrets
id: secrets
uses: hashicorp/vault-action@v3.0.0
with:
url: ${{ secrets.VAULT_ADDR }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
exportEnv: false
secrets: |
secret/data/products/desktop-modeler/ci/sentry SENTRY_AUTH_TOKEN;
secret/data/products/desktop-modeler/ci/sentry SENTRY_DSN;
secret/data/products/desktop-modeler/ci/sentry SENTRY_ORG;
secret/data/products/desktop-modeler/ci/sentry SENTRY_PROJECT;
secret/data/common/jenkins/downloads-camunda-cloud_google_sa_key DOWNLOAD_CENTER_GCLOUD_KEY_BYTES | GCP_CREDENTIALS_NAME;

- name: Build nightly (Linux)
if: ${{ runner.os == 'Linux' }}
Expand All @@ -41,10 +56,10 @@ jobs:
MIXPANEL_TOKEN: "${{ secrets.MIXPANEL_PROJECT_TOKEN }}"
MIXPANEL_STAGE: "int"
NIGHTLY: 1
SENTRY_AUTH_TOKEN: "${{ secrets.SENTRY_AUTH_TOKEN }}"
SENTRY_DSN: "${{ secrets.SENTRY_DSN }}"
SENTRY_ORG: "${{ secrets.SENTRY_ORG }}"
SENTRY_PROJECT: "${{ secrets.SENTRY_PROJECT }}"
SENTRY_AUTH_TOKEN: "${{ steps.secrets.outputs.SENTRY_AUTH_TOKEN }}"
SENTRY_DSN: "${{ steps.secrets.outputs.SENTRY_DSN }}"
SENTRY_ORG: "${{ steps.secrets.outputs.SENTRY_ORG }}"
SENTRY_PROJECT: "${{ steps.secrets.outputs.SENTRY_PROJECT }}"
UPDATES_SERVER_PRODUCT_NAME: "${{ secrets.UPDATES_SERVER_PRODUCT_NAME }}"
run: npm run build -- --linux

Expand All @@ -59,10 +74,10 @@ jobs:
MIXPANEL_TOKEN: "${{ secrets.MIXPANEL_PROJECT_TOKEN }}"
MIXPANEL_STAGE: "int"
NIGHTLY: 1
SENTRY_AUTH_TOKEN: "${{ secrets.SENTRY_AUTH_TOKEN }}"
SENTRY_DSN: "${{ secrets.SENTRY_DSN }}"
SENTRY_ORG: "${{ secrets.SENTRY_ORG }}"
SENTRY_PROJECT: "${{ secrets.SENTRY_PROJECT }}"
SENTRY_AUTH_TOKEN: "${{ steps.secrets.outputs.SENTRY_AUTH_TOKEN }}"
SENTRY_DSN: "${{ steps.secrets.outputs.SENTRY_DSN }}"
SENTRY_ORG: "${{ steps.secrets.outputs.SENTRY_ORG }}"
SENTRY_PROJECT: "${{ steps.secrets.outputs.SENTRY_PROJECT }}"
UPDATES_SERVER_PRODUCT_NAME: "${{ secrets.UPDATES_SERVER_PRODUCT_NAME }}"
run: npm run build -- --mac

Expand All @@ -72,24 +87,13 @@ jobs:
MIXPANEL_TOKEN: "${{ secrets.MIXPANEL_PROJECT_TOKEN }}"
MIXPANEL_STAGE: "int"
NIGHTLY: 1
SENTRY_AUTH_TOKEN: "${{ secrets.SENTRY_AUTH_TOKEN }}"
SENTRY_DSN: "${{ secrets.SENTRY_DSN }}"
SENTRY_ORG: "${{ secrets.SENTRY_ORG }}"
SENTRY_PROJECT: "${{ secrets.SENTRY_PROJECT }}"
SENTRY_AUTH_TOKEN: "${{ steps.secrets.outputs.SENTRY_AUTH_TOKEN }}"
SENTRY_DSN: "${{ steps.secrets.outputs.SENTRY_DSN }}"
SENTRY_ORG: "${{ steps.secrets.outputs.SENTRY_ORG }}"
SENTRY_PROJECT: "${{ steps.secrets.outputs.SENTRY_PROJECT }}"
UPDATES_SERVER_PRODUCT_NAME: "${{ secrets.UPDATES_SERVER_PRODUCT_NAME }}"
run: npm run build -- --win

- name: Import Secrets
id: secrets
uses: hashicorp/vault-action@v3.0.0
with:
url: ${{ secrets.VAULT_ADDR }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
exportEnv: false
secrets: |
secret/data/common/jenkins/downloads-camunda-cloud_google_sa_key DOWNLOAD_CENTER_GCLOUD_KEY_BYTES | GCP_CREDENTIALS_NAME;
- name: Upload artifact to Camunda Download Center
uses: camunda/infra-global-github-actions/download-center-upload@40a4ed3a870fa58eb5e994737c79ef690e949ea7
with:
Expand Down
38 changes: 26 additions & 12 deletions .github/workflows/RELEASE.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,20 @@ jobs:
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Import Secrets
id: secrets
uses: hashicorp/vault-action@v3.0.0
with:
url: ${{ secrets.VAULT_ADDR }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
exportEnv: false
secrets: |
secret/data/products/desktop-modeler/ci/sentry SENTRY_AUTH_TOKEN;
secret/data/products/desktop-modeler/ci/sentry SENTRY_DSN;
secret/data/products/desktop-modeler/ci/sentry SENTRY_ORG;
secret/data/products/desktop-modeler/ci/sentry SENTRY_PROJECT;

- name: Build release (Linux)
if: ${{ runner.OS == 'Linux' }}
Expand All @@ -48,10 +62,10 @@ jobs:
CSC_KEY_PASSWORD: "${{ secrets.CSC_KEY_PASSWORD }}"
MIXPANEL_TOKEN: "${{ secrets.MIXPANEL_PROJECT_TOKEN }}"
MIXPANEL_STAGE: "prod"
SENTRY_AUTH_TOKEN: "${{ secrets.SENTRY_AUTH_TOKEN }}"
SENTRY_DSN: "${{ secrets.SENTRY_DSN }}"
SENTRY_ORG: "${{ secrets.SENTRY_ORG }}"
SENTRY_PROJECT: "${{ secrets.SENTRY_PROJECT }}"
SENTRY_AUTH_TOKEN: "${{ steps.secrets.outputs.SENTRY_AUTH_TOKEN }}"
SENTRY_DSN: "${{ steps.secrets.outputs.SENTRY_DSN }}"
SENTRY_ORG: "${{ steps.secrets.outputs.SENTRY_ORG }}"
SENTRY_PROJECT: "${{ steps.secrets.outputs.SENTRY_PROJECT }}"
UPDATES_SERVER_PRODUCT_NAME: "${{ secrets.UPDATES_SERVER_PRODUCT_NAME }}"
GH_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
NODE_ENV: "production"
Expand All @@ -66,10 +80,10 @@ jobs:
CSC_KEY_PASSWORD: "${{ secrets.CSC_KEY_PASSWORD }}"
MIXPANEL_TOKEN: "${{ secrets.MIXPANEL_PROJECT_TOKEN }}"
MIXPANEL_STAGE: "prod"
SENTRY_AUTH_TOKEN: "${{ secrets.SENTRY_AUTH_TOKEN }}"
SENTRY_DSN: "${{ secrets.SENTRY_DSN }}"
SENTRY_ORG: "${{ secrets.SENTRY_ORG }}"
SENTRY_PROJECT: "${{ secrets.SENTRY_PROJECT }}"
SENTRY_AUTH_TOKEN: "${{ steps.secrets.outputs.SENTRY_AUTH_TOKEN }}"
SENTRY_DSN: "${{ steps.secrets.outputs.SENTRY_DSN }}"
SENTRY_ORG: "${{ steps.secrets.outputs.SENTRY_ORG }}"
SENTRY_PROJECT: "${{ steps.secrets.outputs.SENTRY_PROJECT }}"
UPDATES_SERVER_PRODUCT_NAME: "${{ secrets.UPDATES_SERVER_PRODUCT_NAME }}"
GH_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
NODE_ENV: "production"
Expand All @@ -79,10 +93,10 @@ jobs:
env:
MIXPANEL_TOKEN: "${{ secrets.MIXPANEL_PROJECT_TOKEN }}"
MIXPANEL_STAGE: "prod"
SENTRY_AUTH_TOKEN: "${{ secrets.SENTRY_AUTH_TOKEN }}"
SENTRY_DSN: "${{ secrets.SENTRY_DSN }}"
SENTRY_ORG: "${{ secrets.SENTRY_ORG }}"
SENTRY_PROJECT: "${{ secrets.SENTRY_PROJECT }}"
SENTRY_AUTH_TOKEN: "${{ steps.secrets.outputs.SENTRY_AUTH_TOKEN }}"
SENTRY_DSN: "${{ steps.secrets.outputs.SENTRY_DSN }}"
SENTRY_ORG: "${{ steps.secrets.outputs.SENTRY_ORG }}"
SENTRY_PROJECT: "${{ steps.secrets.outputs.SENTRY_PROJECT }}"
UPDATES_SERVER_PRODUCT_NAME: "${{ secrets.UPDATES_SERVER_PRODUCT_NAME }}"
GH_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
NODE_ENV: "production"
Expand Down
Loading