Skip to content

Commit

Permalink
introduce new pattern of GH PAT usage for #2641 (#22177)
Browse files Browse the repository at this point in the history
  • Loading branch information
@Mykyta-Serbynevskyi
Mykyta-Serbynevskyi committed Feb 1, 2023
1 parent bc7ebee commit d4bfcf3
Show file tree
Hide file tree
Showing 20 changed files with 79 additions and 218 deletions.
11 changes: 1 addition & 10 deletions .github/workflows/approve-and-merge-dispatch.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,20 +6,11 @@ jobs:
approveAndMergeDispatch:
runs-on: ubuntu-latest
steps:
- name: Checkout Airbyte
uses: actions/checkout@v3
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OCTAVIA_GITHUB_RUNNER_TOKEN }} \
${{ secrets.SUPERTOPHER_PAT }}
- name: Auto Approve Slash Command Dispatch
uses: peter-evans/slash-command-dispatch@v3
id: scd
with:
token: ${{ env.PAT }}
token: ${{ secrets.GH_PAT_APPROVINGTON_OCTAVIA }}
permission: write
issue-type: pull-request
repository: airbytehq/airbyte-cloud
Expand Down
9 changes: 0 additions & 9 deletions .github/workflows/commands-for-testing-tool.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,15 +13,6 @@ jobs:
comment-id: ${{ steps.comment-info.outputs.comment-id }}
command: ${{ steps.regex.outputs.first_match }}
steps:
- name: Checkout Airbyte
uses: actions/checkout@v3
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
- name: Get PR repo and ref
id: getref
run: |
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/connector_integration_tests.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ jobs:
- name: Launch Integration Tests
run: python ./tools/bin/ci_integration_workflow_launcher.py base-normalization source-acceptance-test source:beta source:GA destination:beta destination:GA
env:
GITHUB_TOKEN: ${{ secrets.SLASH_COMMAND_PAT }}
GITHUB_TOKEN: ${{ secrets.GH_PAT_MAINTENANCE_OSS }}
launch_integration_tests_alpha_only:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/master'
Expand All @@ -47,4 +47,4 @@ jobs:
- name: Launch Integration Tests (Alpha connectors)
run: python ./tools/bin/ci_integration_workflow_launcher.py source:alpha destination:alpha
env:
GITHUB_TOKEN: ${{ secrets.SLASH_COMMAND_PAT }}
GITHUB_TOKEN: ${{ secrets.GH_PAT_MAINTENANCE_OSS }}
7 changes: 1 addition & 6 deletions .github/workflows/deploy-oss-catalog.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,14 +36,9 @@ jobs:
gcs_bucket_name="prod-airbyte-cloud-connector-metadata-service"
catalog_path="airbyte-config/init/src/main/resources/seed/oss_catalog.json"
gsutil -h "Cache-Control:public, max-age=10" cp "$catalog_path" "gs://$gcs_bucket_name/oss_catalog.json"
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.OCTAVIA_4_ROOT_ACCESS }} \
${{ secrets.OCTAVIA_PAT }}
- name: Trigger Cloud catalog generation
uses: peter-evans/repository-dispatch@v2
with:
token: ${{ env.PAT }}
token: ${{ secrets.GH_PAT_MAINTENANCE_OCTAVIA }}
repository: airbytehq/airbyte-cloud
event-type: generate-cloud-catalog
12 changes: 4 additions & 8 deletions .github/workflows/gke-kube-test-command.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,10 +33,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Start AWS Runner
id: start-ec2-runner
uses: ./.github/actions/start-aws-runner
Expand Down Expand Up @@ -152,10 +150,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Stop EC2 runner
uses: supertopher/ec2-github-runner@base64v1.0.10
with:
Expand Down
81 changes: 24 additions & 57 deletions .github/workflows/gradle.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -124,7 +124,6 @@ jobs:
- uses: actions/setup-python@v4
with:
python-version: "3.9"
token: ${{ env.PAT }}

- name: Set up CI Gradle Properties
run: |
Expand Down Expand Up @@ -191,10 +190,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Start AWS Runner
id: start-ec2-runner
uses: ./.github/actions/start-aws-runner
Expand Down Expand Up @@ -230,7 +227,6 @@ jobs:
- uses: actions/setup-python@v4
with:
python-version: "3.9"
token: ${{ env.PAT }}

- name: Install Pyenv
run: python3 -m pip install virtualenv==16.7.9 --user
Expand Down Expand Up @@ -345,10 +341,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Stop EC2 runner
uses: supertopher/ec2-github-runner@base64v1.0.10
with:
Expand Down Expand Up @@ -378,10 +372,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Start AWS Runner
id: start-ec2-runner
uses: ./.github/actions/start-aws-runner
Expand Down Expand Up @@ -416,7 +408,6 @@ jobs:
- uses: actions/setup-python@v4
with:
python-version: "3.9"
token: ${{ env.PAT }}

- name: Set up CI Gradle Properties
run: |
Expand Down Expand Up @@ -471,10 +462,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Stop EC2 runner
uses: supertopher/ec2-github-runner@base64v1.0.10
with:
Expand Down Expand Up @@ -504,10 +493,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Start AWS Runner
id: start-ec2-runner
uses: ./.github/actions/start-aws-runner
Expand Down Expand Up @@ -540,7 +527,6 @@ jobs:
- uses: actions/setup-python@v4
with:
python-version: "3.9"
token: ${{ env.PAT }}

- name: Delete default old docker and replace it with a new one
shell: bash
Expand Down Expand Up @@ -600,10 +586,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Stop EC2 runner
uses: supertopher/ec2-github-runner@base64v1.0.10
with:
Expand Down Expand Up @@ -633,10 +617,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Start AWS Runner
id: start-ec2-runner
uses: ./.github/actions/start-aws-runner
Expand Down Expand Up @@ -668,7 +650,6 @@ jobs:
- uses: actions/setup-python@v4
with:
python-version: "3.9"
token: ${{ env.PAT }}

- uses: actions/setup-node@v3
with:
Expand Down Expand Up @@ -803,7 +784,6 @@ jobs:
if: always()
with:
python-version: "3.9"
token: ${{ env.PAT }}

- name: Publish Platform Test Results
uses: EnricoMi/publish-unit-test-result-action@v2
Expand Down Expand Up @@ -879,10 +859,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Stop EC2 runner
uses: supertopher/ec2-github-runner@base64v1.0.10
with:
Expand Down Expand Up @@ -911,10 +889,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Start AWS Runner
id: start-ec2-runner
uses: ./.github/actions/start-aws-runner
Expand Down Expand Up @@ -949,7 +925,6 @@ jobs:
- uses: actions/setup-python@v4
with:
python-version: "3.9"
token: ${{ env.PAT }}

- name: Install unzip
shell: bash
Expand Down Expand Up @@ -1026,7 +1001,6 @@ jobs:
if: always()
with:
python-version: "3.9"
token: ${{ env.PAT }}

- name: Publish Kube Test Results
id: kube-results
Expand Down Expand Up @@ -1107,10 +1081,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Stop EC2 runner
uses: supertopher/ec2-github-runner@base64v1.0.10
with:
Expand Down Expand Up @@ -1139,10 +1111,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Start AWS Runner
id: start-ec2-runner
uses: ./.github/actions/start-aws-runner
Expand Down Expand Up @@ -1197,7 +1167,6 @@ jobs:
- uses: actions/setup-python@v4
with:
python-version: "3.9"
token: ${{ env.PAT }}

- uses: actions/setup-java@v1
with:
Expand Down Expand Up @@ -1342,10 +1311,8 @@ jobs:
- name: Check PAT rate limits
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.AIRBYTEIO_PAT }} \
${{ secrets.OSS_BUILD_RUNNER_GITHUB_PAT }} \
${{ secrets.SUPERTOPHER_PAT }} \
${{ secrets.DAVINCHIA_PAT }}
${{ secrets.GH_PAT_BUILD_RUNNER_OSS }} \
${{ secrets.GH_PAT_BUILD_RUNNER_BACKUP }}
- name: Stop EC2 runner
uses: supertopher/ec2-github-runner@base64v1.0.10
with:
Expand Down
12 changes: 2 additions & 10 deletions .github/workflows/label-github-issues-by-context.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,20 +8,12 @@ jobs:
name: "Add Labels to Issues. Safe to Merge on fail"
runs-on: ubuntu-latest
steps:
- name: Checkout Airbyte Repo for PAT command
uses: actions/checkout@v3
- name: Check PAT rate limits
# Cannot share PAT outside of JOB context
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.OCTAVIA_4_ROOT_ACCESS }} \
${{ secrets.OCTAVIA_PAT }}
- name: Run Issue Command from workflow-actions
uses: nick-fields/private-action-loader@v3
with:
pal-repo-token: "${{ env.PAT }}"
pal-repo-token: "${{ secrets.GH_PAT_MAINTENANCE_OCTAVIA }}"
pal-repo-name: airbytehq/workflow-actions@production
# the following input gets passed to the private
token: "${{ env.PAT }}"
token: "${{ secrets.GH_PAT_MAINTENANCE_OCTAVIA }}"
# ref: https://github.com/airbytehq/workflow-actions/blob/main/src/bin_issue.ts
command: "issue"
10 changes: 1 addition & 9 deletions .github/workflows/label-github-issues-by-path.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,16 +10,8 @@ jobs:
name: "Label PRs based on files changes"
runs-on: ubuntu-latest
steps:
- name: Checkout Airbyte Repo for PAT command
uses: actions/checkout@v2
- name: Check PAT rate limits
# Cannot share PAT outside of JOB context
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.OCTAVIA_4_ROOT_ACCESS }} \
${{ secrets.OCTAVIA_PAT }}
- name: "Label PR based on changed files"
uses: actions/labeler@v3
with:
repo-token: "${{ env.PAT }}"
repo-token: "${{ secrets.GH_PAT_MAINTENANCE_OCTAVIA }}"
sync-labels: true
12 changes: 2 additions & 10 deletions .github/workflows/label-prs-by-context.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,19 +10,11 @@ jobs:
name: "Add Labels to PRs. Safe to Merge on fail"
runs-on: ubuntu-latest
steps:
- name: Checkout Airbyte Repo for PAT command
uses: actions/checkout@v3
- name: Check PAT rate limits
# Cannot share PAT outside of JOB context
run: |
./tools/bin/find_non_rate_limited_PAT \
${{ secrets.OCTAVIA_4_ROOT_ACCESS }} \
${{ secrets.OCTAVIA_PAT }}
- name: Run Issue Command from workflow-actions
uses: nick-fields/private-action-loader@v3
with:
pal-repo-token: "${{ env.PAT }}"
pal-repo-token: "${{ GH_PAT_MAINTENANCE_OCTAVIA }}"
pal-repo-name: airbytehq/workflow-actions@production
# the following input gets passed to the private action
token: "${{ env.PAT }}"
token: "${{ GH_PAT_MAINTENANCE_OCTAVIA }}"
command: "pull"

0 comments on commit d4bfcf3

Please sign in to comment.