Closed michalinacienciala closed 3 years ago
Test configuration (references to development branch) is now removed. Here is the link to the successfully executed workflow which used that test configuration: Dapp: https://github.com/keep-network/tbtc-dapp/actions/runs/807372082
Non-sensitive data previously accessed by using
secrets
context is now accessed by invokingkeep-network/load-env-variables
action and usingenv
context. BACKGROUND: We've been storing id of the test environment asKEEP_TEST_ETH_NETWORK_ID
organization secret in GitHub's settings to allow for easy access to that value from multiple projects. But it turned out to be problematic, as GHA in some situations redacts workflow logs and actions outputs/inputs based on the values stored in secrets. So if the secret holds small numeric value, it is quite probable that at some point in time this value will be recognized as a substring ofgithub.sha
or another variable and thegithub.sha
will be redacted with***
in place of the recognized pattern. If such redacted value is configured as input of some action, the action gets invoked by the GHA without that input, which can cause run failure or can mess up the workflow results. As a solution for this problem we decided to no longer store frequently-used, non-sensitive data such asKEEP_TEST_ETH_NETWORK_ID
in GitHub's secrets, but instead store them in a file kept inkeep-network/ci
repository and read that data toenv
context in order to be able to use it when running workflows. Akeep-network/load-env-variables
action has been implemented to allow for loading of the variables toenv
context in one step. The scope of the loaded variables is limited to the job in which they were loaded. To use the variables in other job, actionload-env-variables
needs to be executed there as well.