From f43e9f311f8386074ecfe687b778d0c4eb5b13e5 Mon Sep 17 00:00:00 2001 From: Sai Date: Tue, 10 Sep 2024 12:13:33 -0500 Subject: [PATCH] modify script --- .github/executables/decrypt_secret.sh | 19 ++++++++++++++++--- .github/workflows/firebase_deploy_preview.yml | 5 ++++- 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/.github/executables/decrypt_secret.sh b/.github/executables/decrypt_secret.sh index 10b00b69b2..4450862403 100755 --- a/.github/executables/decrypt_secret.sh +++ b/.github/executables/decrypt_secret.sh @@ -1,9 +1,22 @@ #!/bin/sh +# Get arguments +while getopts passphrase:input:output: flag +do + case "${flag}" in + passphrase) passphrase=${OPTARG};; + input) input=${OPTARG};; + output) output=${OPTARG};; + esac +done +echo "Passphrase: $passphrase"; +echo "Input: $input"; +echo "Output: $output"; + # Decrypt the file mkdir $HOME/secrets # --batch to prevent interactive command # --yes to assume "yes" for questions -gpg --quiet --batch --yes --decrypt --passphrase="$LARGE_SECRET_PASSPHRASE" \ ---output $HOME/secrets/braintree_demo_app-eb501d54ba5f.json \ -./.github/files/braintree-demo-app-eb501d54ba5f.json.gpg +gpg --quiet --batch --yes --decrypt --passphrase="$passphrase" \ +--output "$output" "$input" \ +&& cat "$output" diff --git a/.github/workflows/firebase_deploy_preview.yml b/.github/workflows/firebase_deploy_preview.yml index 605826f688..b027417b60 100644 --- a/.github/workflows/firebase_deploy_preview.yml +++ b/.github/workflows/firebase_deploy_preview.yml @@ -16,7 +16,10 @@ jobs: - name: Assemble run: ./gradlew --stacktrace :demo:assembleRelease - name: Decrypt large secret - run: ./.github/executables/decrypt_secret.sh + run: ./.github/executables/decrypt_secret.sh \ + -passphrase $LARGE_SECRET_PASSPHRASE \ + -input ./.github/files/braintree-demo-app-eb501d54ba5f.json.gpg \ + -output $HOME/secrets/braintree_demo_app-eb501d54ba5f.json env: LARGE_SECRET_PASSPHRASE: ${{ secrets.FIREBASE_PRIVATE_KEY_GPG_PASSPHRASE }} # - name: Deploy to Firebase