Skip to content

chore(deps): update hashicorp/vault-action action to v3.1.0 #39

chore(deps): update hashicorp/vault-action action to v3.1.0

chore(deps): update hashicorp/vault-action action to v3.1.0 #39

Workflow file for this run

---
name: Configure maintenance Pull Request
on:
pull_request:
types:
- labeled
- opened
jobs:
configure-pr:
name: Configure maintenance Pull Request
runs-on: ubuntu-latest
steps:
- name: Generate a GitHub token
id: github-token
uses: camunda/infra-global-github-actions/generate-github-app-token-from-vault-secrets@main
with:
github-app-id-vault-key: GITHUB_APP_ID
github-app-id-vault-path: secret/data/products/infra/ci/team-infrastructure
github-app-private-key-vault-key: GITHUB_APP_PRIVATE_KEY
github-app-private-key-vault-path: secret/data/products/infra/ci/team-infrastructure
vault-auth-method: approle
vault-auth-role-id: ${{ secrets.VAULT_ROLE_ID }}
vault-auth-secret-id: ${{ secrets.VAULT_SECRET_ID}}
vault-url: ${{ secrets.VAULT_ADDR }}
- name: Import Secrets
id: secrets
uses: hashicorp/[email protected]
with:
url: ${{ secrets.VAULT_ADDR }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
exportEnv: false # we rely on step outputs, no need for environment variables
secrets: |
secret/data/products/infra/ci/infra-core SLACK_WEBHOOK_INFRA_ALERTS;
- name: Apply maintenance parameters to the Pull Request if applicable
uses: camunda/infra-global-github-actions/teams/infra/configure-maintenance-pull-request@main
with:
github-token: ${{ steps.github-token.outputs.token }}
slack-webhook-url: ${{ steps.secrets.outputs.SLACK_WEBHOOK_INFRA_ALERTS }}