-
Notifications
You must be signed in to change notification settings - Fork 11
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add a safe-upload-artifacts action #601
Conversation
db81573
to
4cea908
Compare
Visit the preview URL for this PR (updated for commit faa7ff1): https://golioth-firmware-sdk-doxygen-dev--pr601-szczys-action-snj6ldvf.web.app (expires Wed, 25 Sep 2024 19:11:15 GMT) 🔥 via Firebase Hosting GitHub Action 🌎 Sign: a9993e61697a3983f3479e468bcb0b616f9a0578 |
f2770b5
to
919430f
Compare
Code Coverage (Linux)
|
919430f
to
4b4eb75
Compare
c3adfc8
to
2db8622
Compare
4b4eb75
to
2ed0574
Compare
2db8622
to
beabbda
Compare
2ed0574
to
64667a9
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Very cool!
name: Mask secrets in files | ||
|
||
description: | | ||
Search all files in a give path(s) and replace any GitHub secrets with ***NAME_OF_SECRET*** |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Search all files in a give path(s) and replace any GitHub secrets with ***NAME_OF_SECRET*** | |
Search all files in a given path(s) and replace any GitHub secrets with ***NAME_OF_SECRET*** |
uniq __grep_search_output.txt > __files_to_mask.txt | ||
|
||
if [ -s __files_to_mask.txt ]; then | ||
cat __files_to_mask.txt | xargs -I{} sed -i "s/$ESCAPED_SECRET/***$key***/g" {} | ||
fi |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can remove the need to write another file:
uniq __grep_search_output.txt > __files_to_mask.txt | |
if [ -s __files_to_mask.txt ]; then | |
cat __files_to_mask.txt | xargs -I{} sed -i "s/$ESCAPED_SECRET/***$key***/g" {} | |
fi | |
if [ -s __grep_search_output.txt ]; then | |
uniq __grep_search_output.txt | xargs -I{} sed -i "s/$ESCAPED_SECRET/***$key***/g" {} | |
fi |
|
||
- name: Upload artifacts | ||
uses: actions/upload-artifact@v4 | ||
if: steps.find-and-mask.outcome == 'success' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this is implied so we don't require it. We needed this before because we were using an if: always()
directive, but now that's applied for the whole action instead of just the individual upload artifacts step.
64667a9
to
0fdda77
Compare
Add safe-upload-artifacts to combine the functionality of both the mask_secrets and upload-artifact actions. Signed-off-by: Mike Szczys <mike@golioth.io>
Use safe-upload-artifacts for twister run artifacts and summaries. Signed-off-by: Mike Szczys <mike@golioth.io>
This has been replaced with safe-upload-artifacts. Signed-off-by: Mike Szczys <mike@golioth.io>
0fdda77
to
faa7ff1
Compare
This combined the functionality of the mask_secrets and upload-artifact actions.
This action takes a
name
andpath
input in the same formatting as theupload-artifact
action, masks any GitHub actions found in the files on those paths, and then calls the upload-artifact action to upload them as expected.resolves https://github.com/golioth/firmware-issue-tracker/issues/669