celo-org / rainbowkit-celo

rainbowkit-with-celo.vercel.app
Apache License 2.0

Fix akeyless bug that prevents releases and release failed build #106

Closed arthurgousset closed 9 months ago

arthurgousset commented 10 months ago

Hey @pputman12, the automatic release flow in this repo celo-org/rainbowkit-celo seems to have broken at the "Akeyless Get Secrets" step.

Error: can't get secret value: %!w(string={"error":"failed to get the value of the requested secrets: Desc: failed to obtain secret access credentials, Error: Desc: Failed to get secret access creds. Status 401 Unauthorized, Error: UnauthorizedAccess. Message: account id: acc-2gyt10uq3as8, access id: p-kf9vjzruht6l. unauthorized access for access id p-kf9vjzruht6l"}
)

Probably a relatively simple permissions issue. Could you help me fix the bug?

Priority: Not urgent, I'd say in the next 1-2 weeks is fine. The only impact this has is that a demo website (at rainbowkit-with-celo.vercel.app) cannot be deployed in the meantime. I made a small patch that failed to be deployed here:

arthurgousset commented 10 months ago

Fixed by:

arthurgousset commented 10 months ago

I'm not sure this is fixed @pputman-clabs, the workflow related to the PR broke:

Or am I missing something?

pputman-clabs commented 10 months ago

No, this is due to the branch restriction I set up, which apparently isn't working. Fixed now; I'll figure out what's wrong with the subclaims.

arthurgousset commented 10 months ago

Hey @pputman-clabs, the same "Akeyless Get Secrets" step is broken in the celo-org/developer-tooling repo.

For example, this workflow in this PR:

pputman-clabs commented 10 months ago

Access role was overwritten, fixed now.

pputman-clabs commented 10 months ago

To document the issues, we recently added a branch protection so only certain branches would be able to access the secret.

This adds a branch=main subclaim to the access role. This seems to have caused a problem where it's not actually allowing the specified branch, so I've removed that restriction. I'll have to retest and see what subclaims the OIDC token is sending from GitHub, to see why it's not matching and running properly.
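
One way to do the check described in the comment above (seeing which claims the GitHub OIDC token carries and comparing them with the access role's sub-claims), added here as an example and not code from this thread or from Akeyless. The payloads are constructed, the exact-equality comparison is an assumption about how the role matches, and the output says nothing about what the real token in this incident contained.

```python
import base64
import json

def jwt_claims(token: str) -> dict:
    """Decode a JWT payload for inspection only; the signature is NOT verified."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def explain_mismatch(claims: dict, required: dict) -> dict:
    """Map each required sub-claim the token fails to the reason it fails."""
    problems = {}
    for name, wanted in required.items():
        if name not in claims:
            problems[name] = "claim absent from token"
        elif claims[name] != wanted:
            problems[name] = f"token has {claims[name]!r}, role wants {wanted!r}"
    return problems

def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed token so the example runs offline."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.constructed"

# Constructed payloads. Claim names follow GitHub's documented OIDC token;
# the repository and values are placeholders, not taken from the thread.
PUSH_TO_MAIN = {
    "sub": "repo:example-org/example-repo:ref:refs/heads/main",
    "repository": "example-org/example-repo",
    "ref": "refs/heads/main",
    "ref_type": "branch",
    "event_name": "push",
}
PULL_REQUEST = {
    "sub": "repo:example-org/example-repo:pull_request",
    "repository": "example-org/example-repo",
    "ref": "refs/pull/7/merge",
    "head_ref": "fix-release",
    "base_ref": "main",
    "event_name": "pull_request",
}

if __name__ == "__main__":
    for label, sample in (("push", PUSH_TO_MAIN), ("pull_request", PULL_REQUEST)):
        claims = jwt_claims(make_sample_token(sample))
        for rule in ({"branch": "main"}, {"ref": "refs/heads/main"}):
            print(label, rule, explain_mismatch(claims, rule) or "match")
```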

arthurgousset commented 10 months ago

Thanks for the context, very useful 💯

arthurgousset commented 9 months ago

This PR fixed the release workflow, since the subsequent workflows ran without errors.

For example:

On that basis, this ticket can be closed.