From 16aba7daa400be4aecc03ea3fa7261a852ac7572 Mon Sep 17 00:00:00 2001 From: Xuanwo Date: Wed, 1 Nov 2023 14:35:23 +0800 Subject: [PATCH 1/7] ci: Switch to 1password connect to avoid rate limit Signed-off-by: Xuanwo --- .github/scripts/behavior_test/plan.py | 4 ++-- .github/workflows/behavior_test_core.yml | 11 +++++++++++ 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/.github/scripts/behavior_test/plan.py b/.github/scripts/behavior_test/plan.py index c7de32140c77..aae0a2248a25 100755 --- a/.github/scripts/behavior_test/plan.py +++ b/.github/scripts/behavior_test/plan.py @@ -50,9 +50,9 @@ def provided_cases() -> list[dict[str, str]]: # Check if this workflow needs to read secrets. # - # We will check if pattern `secrets.XXX` exist in content. + # We will check if pattern `op://services` exist in content. if not os.getenv("GITHUB_HAS_SECRETS") == "true": - cases[:] = [v for v in cases if "secrets" not in v["content"]] + cases[:] = [v for v in cases if "op://services" not in v["content"]] # Remove content from cases. cases = [ diff --git a/.github/workflows/behavior_test_core.yml b/.github/workflows/behavior_test_core.yml index 03d542f26a3c..5011d2d61673 100644 --- a/.github/workflows/behavior_test_core.yml +++ b/.github/workflows/behavior_test_core.yml @@ -52,6 +52,17 @@ jobs: shell: bash run: echo "OP_SERVICE_ACCOUNT_TOKEN=${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}" >> $GITHUB_ENV + # TODO: 1password is only supported on linux + # + # Waiting for https://github.com/1Password/load-secrets-action/issues/46 + - name: Setup service account token for 1password + if: runner.os == 'Linux' + uses: 1password/load-secrets-action@v1 + env: + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_CONNECT_HOST: op://services/1password/host + OP_CONNECT_TOKEN: op://services/1password/token + - name: Test Core uses: ./.github/actions/behavior_test_core with: From 1963fa04f8d0f8ef5615fdc9e66a3a33fd9646f3 Mon Sep 17 00:00:00 2001 From: Xuanwo Date: Wed, 1 Nov 2023 14:39:08 +0800 Subject: [PATCH 2/7] Fix typo Signed-off-by: Xuanwo --- .github/workflows/behavior_test_core.yml | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/.github/workflows/behavior_test_core.yml b/.github/workflows/behavior_test_core.yml index 5011d2d61673..e9339a46aa12 100644 --- a/.github/workflows/behavior_test_core.yml +++ b/.github/workflows/behavior_test_core.yml @@ -44,24 +44,18 @@ jobs: need-rocksdb: true github-token: ${{ secrets.GITHUB_TOKEN }} - # TODO: 1password is only supported on linux - # - # Waiting for https://github.com/1Password/load-secrets-action/issues/46 - - name: Setup service account token for 1password - if: runner.os == 'Linux' - shell: bash - run: echo "OP_SERVICE_ACCOUNT_TOKEN=${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}" >> $GITHUB_ENV - # TODO: 1password is only supported on linux # # Waiting for https://github.com/1Password/load-secrets-action/issues/46 - name: Setup service account token for 1password if: runner.os == 'Linux' uses: 1password/load-secrets-action@v1 + with: + export-env: true env: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_CONNECT_HOST: op://services/1password/host - OP_CONNECT_TOKEN: op://services/1password/token + OP_CONNECT_HOST: op://services/connect/host + OP_CONNECT_TOKEN: op://services/connect/token - name: Test Core uses: ./.github/actions/behavior_test_core From 21301b069d02d3bc3566da766d4c2334bd4e3e4f Mon Sep 17 00:00:00 2001 From: Xuanwo Date: Wed, 1 Nov 2023 15:29:11 +0800 Subject: [PATCH 3/7] FIx typo Signed-off-by: Xuanwo --- .github/workflows/behavior_test_core.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/behavior_test_core.yml b/.github/workflows/behavior_test_core.yml index e9339a46aa12..91f455d037f6 100644 --- a/.github/workflows/behavior_test_core.yml +++ b/.github/workflows/behavior_test_core.yml @@ -47,7 +47,7 @@ jobs: # TODO: 1password is only supported on linux # # Waiting for https://github.com/1Password/load-secrets-action/issues/46 - - name: Setup service account token for 1password + - name: Setup 1Password Connect if: runner.os == 'Linux' uses: 1password/load-secrets-action@v1 with: From 2b06a90821a6fb9464b9c63bf68968f2ff3b5646 Mon Sep 17 00:00:00 2001 From: Xuanwo Date: Wed, 1 Nov 2023 15:33:25 +0800 Subject: [PATCH 4/7] Test Signed-off-by: Xuanwo --- .github/workflows/behavior_test_core.yml | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/.github/workflows/behavior_test_core.yml b/.github/workflows/behavior_test_core.yml index 91f455d037f6..64c37dc3f09d 100644 --- a/.github/workflows/behavior_test_core.yml +++ b/.github/workflows/behavior_test_core.yml @@ -44,18 +44,26 @@ jobs: need-rocksdb: true github-token: ${{ secrets.GITHUB_TOKEN }} - # TODO: 1password is only supported on linux - # - # Waiting for https://github.com/1Password/load-secrets-action/issues/46 - - name: Setup 1Password Connect + # REMOVE ME after OP_CONNECT_HOST and OP_CONNECT_TOKEN has been added. + - name: Setup 1Password Connect Trick if: runner.os == 'Linux' uses: 1password/load-secrets-action@v1 with: export-env: true env: OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_CONNECT_HOST: op://services/connect/host - OP_CONNECT_TOKEN: op://services/connect/token + OP_CONNECT_HOST_TMP: op://services/connect/host + OP_CONNECT_TOKEN_TMP: op://services/connect/token + + # TODO: 1password is only supported on linux + # + # Waiting for https://github.com/1Password/load-secrets-action/issues/46 + - name: Setup 1Password Connect + if: runner.os == 'Linux' + uses: 1password/load-secrets-action/configure@v1 + with: + connect-host: ${{ secrets.OP_CONNECT_HOST_TMP }} + connect-token: ${{ secrets.OP_CONNECT_TOKEN_TMP }} - name: Test Core uses: ./.github/actions/behavior_test_core From d4e558bad27528fbbd112a21491c0ce3cb99fbef Mon Sep 17 00:00:00 2001 From: Xuanwo Date: Wed, 1 Nov 2023 15:35:13 +0800 Subject: [PATCH 5/7] Fix typo Signed-off-by: Xuanwo --- .github/workflows/behavior_test_core.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/behavior_test_core.yml b/.github/workflows/behavior_test_core.yml index 64c37dc3f09d..cd4bd42f7ee9 100644 --- a/.github/workflows/behavior_test_core.yml +++ b/.github/workflows/behavior_test_core.yml @@ -62,8 +62,8 @@ jobs: if: runner.os == 'Linux' uses: 1password/load-secrets-action/configure@v1 with: - connect-host: ${{ secrets.OP_CONNECT_HOST_TMP }} - connect-token: ${{ secrets.OP_CONNECT_TOKEN_TMP }} + connect-host: ${{ env.OP_CONNECT_HOST_TMP }} + connect-token: ${{ env.OP_CONNECT_TOKEN_TMP }} - name: Test Core uses: ./.github/actions/behavior_test_core From d69e9c216992fc35f4032759051958ca465d6639 Mon Sep 17 00:00:00 2001 From: Xuanwo Date: Wed, 1 Nov 2023 15:43:44 +0800 Subject: [PATCH 6/7] Migrate all Signed-off-by: Xuanwo --- .../workflows/behavior_test_binding_java.yml | 19 +++++++++++++++--- .../behavior_test_binding_python.yml | 20 ++++++++++++++++--- 2 files changed, 33 insertions(+), 6 deletions(-) diff --git a/.github/workflows/behavior_test_binding_java.yml b/.github/workflows/behavior_test_binding_java.yml index 3a780d46889e..1d8b652ca7a3 100644 --- a/.github/workflows/behavior_test_binding_java.yml +++ b/.github/workflows/behavior_test_binding_java.yml @@ -44,13 +44,26 @@ jobs: need-rocksdb: true github-token: ${{ secrets.GITHUB_TOKEN }} + # REMOVE ME after OP_CONNECT_HOST and OP_CONNECT_TOKEN has been added. + - name: Setup 1Password Connect Trick + if: runner.os == 'Linux' + uses: 1password/load-secrets-action@v1 + with: + export-env: true + env: + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_CONNECT_HOST_TMP: op://services/connect/host + OP_CONNECT_TOKEN_TMP: op://services/connect/token + # TODO: 1password is only supported on linux # # Waiting for https://github.com/1Password/load-secrets-action/issues/46 - - name: Setup service account token for 1password + - name: Setup 1Password Connect if: runner.os == 'Linux' - shell: bash - run: echo "OP_SERVICE_ACCOUNT_TOKEN=${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}" >> $GITHUB_ENV + uses: 1password/load-secrets-action/configure@v1 + with: + connect-host: ${{ env.OP_CONNECT_HOST_TMP }} + connect-token: ${{ env.OP_CONNECT_TOKEN_TMP }} - name: Test Core uses: ./.github/actions/behavior_test_binding_java diff --git a/.github/workflows/behavior_test_binding_python.yml b/.github/workflows/behavior_test_binding_python.yml index ed6b099d20f2..33b555ac3911 100644 --- a/.github/workflows/behavior_test_binding_python.yml +++ b/.github/workflows/behavior_test_binding_python.yml @@ -44,13 +44,27 @@ jobs: need-rocksdb: true github-token: ${{ secrets.GITHUB_TOKEN }} + # REMOVE ME after OP_CONNECT_HOST and OP_CONNECT_TOKEN has been added. + - name: Setup 1Password Connect Trick + if: runner.os == 'Linux' + uses: 1password/load-secrets-action@v1 + with: + export-env: true + env: + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + OP_CONNECT_HOST_TMP: op://services/connect/host + OP_CONNECT_TOKEN_TMP: op://services/connect/token + # TODO: 1password is only supported on linux # # Waiting for https://github.com/1Password/load-secrets-action/issues/46 - - name: Setup service account token for 1password + - name: Setup 1Password Connect if: runner.os == 'Linux' - shell: bash - run: echo "OP_SERVICE_ACCOUNT_TOKEN=${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}" >> $GITHUB_ENV + uses: 1password/load-secrets-action/configure@v1 + with: + connect-host: ${{ env.OP_CONNECT_HOST_TMP }} + connect-token: ${{ env.OP_CONNECT_TOKEN_TMP }} + - uses: actions/setup-python@v4 with: python-version: '3.11' From 2c37f952360d1e3efc4a3d651ffe78586a129059 Mon Sep 17 00:00:00 2001 From: Xuanwo Date: Wed, 1 Nov 2023 16:51:14 +0800 Subject: [PATCH 7/7] Test Signed-off-by: Xuanwo --- .github/workflows/behavior_test_binding_java.yml | 15 ++------------- .../workflows/behavior_test_binding_python.yml | 15 ++------------- .github/workflows/behavior_test_core.yml | 15 ++------------- 3 files changed, 6 insertions(+), 39 deletions(-) diff --git a/.github/workflows/behavior_test_binding_java.yml b/.github/workflows/behavior_test_binding_java.yml index 1d8b652ca7a3..de70104227e0 100644 --- a/.github/workflows/behavior_test_binding_java.yml +++ b/.github/workflows/behavior_test_binding_java.yml @@ -44,17 +44,6 @@ jobs: need-rocksdb: true github-token: ${{ secrets.GITHUB_TOKEN }} - # REMOVE ME after OP_CONNECT_HOST and OP_CONNECT_TOKEN has been added. - - name: Setup 1Password Connect Trick - if: runner.os == 'Linux' - uses: 1password/load-secrets-action@v1 - with: - export-env: true - env: - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_CONNECT_HOST_TMP: op://services/connect/host - OP_CONNECT_TOKEN_TMP: op://services/connect/token - # TODO: 1password is only supported on linux # # Waiting for https://github.com/1Password/load-secrets-action/issues/46 @@ -62,8 +51,8 @@ jobs: if: runner.os == 'Linux' uses: 1password/load-secrets-action/configure@v1 with: - connect-host: ${{ env.OP_CONNECT_HOST_TMP }} - connect-token: ${{ env.OP_CONNECT_TOKEN_TMP }} + connect-host: ${{ secrets.OP_CONNECT_HOST }} + connect-token: ${{ secrets.OP_CONNECT_TOKEN }} - name: Test Core uses: ./.github/actions/behavior_test_binding_java diff --git a/.github/workflows/behavior_test_binding_python.yml b/.github/workflows/behavior_test_binding_python.yml index 33b555ac3911..6c5c09bebbe1 100644 --- a/.github/workflows/behavior_test_binding_python.yml +++ b/.github/workflows/behavior_test_binding_python.yml @@ -44,17 +44,6 @@ jobs: need-rocksdb: true github-token: ${{ secrets.GITHUB_TOKEN }} - # REMOVE ME after OP_CONNECT_HOST and OP_CONNECT_TOKEN has been added. - - name: Setup 1Password Connect Trick - if: runner.os == 'Linux' - uses: 1password/load-secrets-action@v1 - with: - export-env: true - env: - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_CONNECT_HOST_TMP: op://services/connect/host - OP_CONNECT_TOKEN_TMP: op://services/connect/token - # TODO: 1password is only supported on linux # # Waiting for https://github.com/1Password/load-secrets-action/issues/46 @@ -62,8 +51,8 @@ jobs: if: runner.os == 'Linux' uses: 1password/load-secrets-action/configure@v1 with: - connect-host: ${{ env.OP_CONNECT_HOST_TMP }} - connect-token: ${{ env.OP_CONNECT_TOKEN_TMP }} + connect-host: ${{ secrets.OP_CONNECT_HOST }} + connect-token: ${{ secrets.OP_CONNECT_TOKEN }} - uses: actions/setup-python@v4 with: diff --git a/.github/workflows/behavior_test_core.yml b/.github/workflows/behavior_test_core.yml index cd4bd42f7ee9..4f7fdff62718 100644 --- a/.github/workflows/behavior_test_core.yml +++ b/.github/workflows/behavior_test_core.yml @@ -44,17 +44,6 @@ jobs: need-rocksdb: true github-token: ${{ secrets.GITHUB_TOKEN }} - # REMOVE ME after OP_CONNECT_HOST and OP_CONNECT_TOKEN has been added. - - name: Setup 1Password Connect Trick - if: runner.os == 'Linux' - uses: 1password/load-secrets-action@v1 - with: - export-env: true - env: - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - OP_CONNECT_HOST_TMP: op://services/connect/host - OP_CONNECT_TOKEN_TMP: op://services/connect/token - # TODO: 1password is only supported on linux # # Waiting for https://github.com/1Password/load-secrets-action/issues/46 @@ -62,8 +51,8 @@ jobs: if: runner.os == 'Linux' uses: 1password/load-secrets-action/configure@v1 with: - connect-host: ${{ env.OP_CONNECT_HOST_TMP }} - connect-token: ${{ env.OP_CONNECT_TOKEN_TMP }} + connect-host: ${{ secrets.OP_CONNECT_HOST }} + connect-token: ${{ secrets.OP_CONNECT_TOKEN }} - name: Test Core uses: ./.github/actions/behavior_test_core