[CI] Get rid of KEYCHAIN_PASSWORD GitHub secret
ClosedPublic
Actions

Authored by ashoat on Oct 25 2023, 11:37 AM.

Details

Reviewers

atul
varun

Commits

rCOMM552072b8bdba: [CI] Get rid of KEYCHAIN_PASSWORD GitHub secret

Summary

Based on this doc, this value doesn't matter. We have it set to a random string via GitHub secrets, but we might as well just use some hardcoded string.

The benefit here is simplifying the set of secrets we need somebody to configure to get a fork of the Comm repo working with our CI workflows (so they can be debugged).

Test Plan

CI will test after landing

Diff Detail

Repository

rCOMM Comm

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

ashoat created this revision.Oct 25 2023, 11:37 AM

Herald added subscribers: will, tomek. · View Herald TranscriptOct 25 2023, 11:37 AM

Harbormaster completed remote builds in B23497: Diff 32412.Oct 25 2023, 11:56 AM

ashoat requested review of this revision.Oct 25 2023, 11:56 AM

Upon further research, it looks like this is only relevant for runners that are reused for multiple runs of workflows OR for machines that are being used for unrelated workflows that shouldn't have access to these certificates.

Because these macOS runners are ephemeral, providing a KEYCHAIN_PASSWORD isn't necessary. The "Clean up keychain" step is also unnecessary and could be removed.

This revision is now accepted and ready to land.Oct 25 2023, 2:58 PM

Remove "Clean up keychain" step

This revision was landed with ongoing or failed builds.Oct 25 2023, 3:03 PM

Closed by commit rCOMM552072b8bdba: [CI] Get rid of KEYCHAIN_PASSWORD GitHub secret (authored by ashoat). · Explain Why

This revision was automatically updated to reflect the committed changes.

ashoat added a commit: rCOMM552072b8bdba: [CI] Get rid of KEYCHAIN_PASSWORD GitHub secret.

Harbormaster completed remote builds in B23498: Diff 32413.Oct 25 2023, 3:21 PM