From 04e52f54752763f99956a865e61d43ed611b82a0 Mon Sep 17 00:00:00 2001 From: Yihau Chen Date: Fri, 10 Mar 2023 14:52:47 +0800 Subject: [PATCH] ci: remove ejson (#30653) --- .buildkite/env/.gitignore | 1 - .buildkite/env/README.md | 31 ------------------------------- .buildkite/env/secrets.ejson | 7 ------- .buildkite/hooks/pre-command | 2 -- 4 files changed, 41 deletions(-) delete mode 100644 .buildkite/env/.gitignore delete mode 100644 .buildkite/env/README.md delete mode 100644 .buildkite/env/secrets.ejson diff --git a/.buildkite/env/.gitignore b/.buildkite/env/.gitignore deleted file mode 100644 index 613fca1f525aa3..00000000000000 --- a/.buildkite/env/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/secrets_unencrypted.ejson diff --git a/.buildkite/env/README.md b/.buildkite/env/README.md deleted file mode 100644 index bf8d3226553bc9..00000000000000 --- a/.buildkite/env/README.md +++ /dev/null @@ -1,31 +0,0 @@ - -[ejson](https://github.com/Shopify/ejson) and -[ejson2env](https://github.com/Shopify/ejson2env) are used to manage access -tokens and other secrets required for CI. - -#### Setup -```bash -$ sudo gem install ejson ejson2env -``` - -then obtain the necessary keypair and place it in `/opt/ejson/keys/`. - -#### Usage -Run the following command to decrypt the secrets into the environment: -```bash -eval $(ejson2env secrets.ejson) -``` - -#### Managing secrets.ejson -To decrypt `secrets.ejson` for modification, run: -```bash -$ ejson decrypt secrets.ejson -o secrets_unencrypted.ejson -``` - -Edit, then run the following to re-encrypt the file **BEFORE COMMITING YOUR -CHANGES**: -```bash -$ ejson encrypt secrets_unencrypted.ejson -$ mv secrets_unencrypted.ejson secrets.ejson -``` - diff --git a/.buildkite/env/secrets.ejson b/.buildkite/env/secrets.ejson deleted file mode 100644 index 9831aad9fb1dc5..00000000000000 --- a/.buildkite/env/secrets.ejson +++ /dev/null @@ -1,7 +0,0 @@ -{ - "_public_key": "ae29f4f7ad2fc92de70d470e411c8426d5d48db8817c9e3dae574b122192335f", - "_comment": "These credentials are encrypted and pose no risk", - "environment": { - "CODECOV_TOKEN": "EJ[1:KToenD1Sr3w82lHGxz1n+j3hwNlLk/1pYrjZHlvY6kE=:hN1Q25omtJ+4yYVn+qzIsPLKT3O6J9XN:DMLNLXi/pkWgvwF6gNIcNF222sgsRR9LnwLZYj0P0wGj7q6w8YQnd1Rskj+sRroI/z5pQg==]" - } -} diff --git a/.buildkite/hooks/pre-command b/.buildkite/hooks/pre-command index 35fa25265a9809..31a3abea4bddb4 100644 --- a/.buildkite/hooks/pre-command +++ b/.buildkite/hooks/pre-command @@ -1,8 +1,6 @@ #!/usr/bin/env bash set -e -# eval "$(ejson2env .buildkite/env/secrets.ejson)" - # Ensure the pattern "+++ ..." never occurs when |set -x| is set, as buildkite # interprets this as the start of a log group. # Ref: https://buildkite.com/docs/pipelines/managing-log-output