Update manual-apk-release.yml

Test secret retrieval from vault
opensrp · Feb 8, 2024 · efad53f · efad53f
1 parent 96584b9
commit efad53f
Showing 1 changed file with 17 additions and 29 deletions.
diff --git a/.github/workflows/manual-apk-release.yml b/.github/workflows/manual-apk-release.yml
@@ -2,34 +2,22 @@ name: Manual APK Release
 run-name: Generating a FHIR Core Release APK 🚀
 on: [push]
 jobs:
-   test-import-dummy-credentials:
-      runs-on: ubuntu-latest
+   build:
+      runs-on: self-hosted
+      permissions:
+         id-token: write
+         contents: read
       steps:
-        - run: echo "${{ github.actor }} is running the job.."
-        - name: Import Secrets
-          id: import-secrets
-          uses: hashicorp/vault-action@v2
-          with:
-            url: https://vault.onalabs.org
-            token: ${{ secrets.VAULT_TOKEN }}
-            caCertificate: ${{ secrets.VAULT_CA_CERT }}
-            tlsSkipVerify: true
-            secrets: |
-                    kv-v2-fhircore/data/opensrp-security-focus MY_LITTLE_SECRET | SECRET_TEST ;
-            run: echo "${{ steps.import-secrets.outputs.SECRET_TEST }}" && echo "${{ env.SECRET_TEST }} && echo "${{ env.SECRET_TEST }}" | awk '{print length}'
+         - uses: actions/checkout@v3
+         - name: Import Secrets from Vault
+           id: import-secrets
+           uses: hashicorp/vault-action@v2.8.0
+           with:
+              url: https://vault.onalabs.org
+              token: ${{ secrets.VAULT_TOKEN }}
+              # caCertificate: ${{ secrets.VAULT_CA_CERT }}
+              tlsSkipVerify: true
+              secrets: |
+                kv-v2-fhircore/data/opensrp-security-focus MY_LITTLE_SECRET | SECRET_TEST ;
+              run: echo "${{ steps.import-secrets.outputs.SECRET_TEST }}" && echo "${{ env.SECRET_TEST }} && echo "${{ env.SECRET_TEST }}" | awk '{print length}'
 
-        - name: Import Secrets
-          id: import-secrets-2
-          uses: hashicorp/vault-action@v2
-          with:
-            url: https://vault.onalabs.org
-            method: userpass
-            username: ${{ secrets.VAULT_USERNAME }}
-            password: ${{ secrets.VAULT_PASSWORD }}
-            caCertificate: ${{ secrets.VAULT_CA_CERT }}
-            secrets: |
-                    kv-v2-fhircore/data/opensrp-security-focus MY_LITTLE_SECRET | SECRET_TEST ;
-            script: echo "${{ steps.import-secrets-2.outputs.SECRET_TEST }}" && echo "${{ env.SECRET_TEST }}"&& echo "${{ env.SECRET_TEST }}" | awk '{print length}'
-
-
-