openreplay/.github/composite-actions/update-keys/action.yml

name: 'Update Keys'
description: 'Updates keys'
inputs:
  domain_name:
    required: true
    description: 'Domain Name'
  license_key:
    required: true
    description: 'License Key'
  jwt_secret:
    required: true
    description: 'JWT Secret'
  jwt_spot_secret:
    required: true
    description: 'JWT spot Secret'
  minio_access_key:
    required: true
    description: 'MinIO Access Key'
  minio_secret_key:
    required: true
    description: 'MinIO Secret Key'
  pg_password:
    required: true
    description: 'PostgreSQL Password'
  registry_url:
    required: true
    description: 'Registry URL'

runs:
  using: "composite"
  steps:
    - name: Downloading yq
      run: |
        VERSION="v4.42.1"
        sudo wget https://github.com/mikefarah/yq/releases/download/${VERSION}/yq_linux_amd64 -O /usr/bin/yq
        sudo chmod +x /usr/bin/yq
      shell: bash
      
    - name: "Updating OSS secrets"
      run: |
        cd scripts/helmcharts/
        vars=(
            "ASSIST_JWT_SECRET:.global.assistJWTSecret"
            "ASSIST_KEY:.global.assistKey"
            "DOMAIN_NAME:.global.domainName"
            "JWT_REFRESH_SECRET:.chalice.env.JWT_REFRESH_SECRET"
            "JWT_SECRET:.global.jwtSecret"
            "JWT_SPOT_REFRESH_SECRET:.chalice.env.JWT_SPOT_REFRESH_SECRET"
            "JWT_SPOT_SECRET:.global.jwtSpotSecret"
            "LICENSE_KEY:.global.enterpriseEditionLicense"
            "MINIO_ACCESS_KEY:.global.s3.accessKey"
            "MINIO_SECRET_KEY:.global.s3.secretKey"
            "PG_PASSWORD:.postgresql.postgresqlPassword"
            "REGISTRY_URL:.global.openReplayContainerRegistry"
        )
        for var in "${vars[@]}"; do
            IFS=":" read -r env_var yq_path <<<"$var"
            yq e -i "${yq_path} = strenv(${env_var})" vars.yaml
        done
      shell: bash
      env:
        ASSIST_JWT_SECRET: ${{ inputs.assist_jwt_secret }}
        ASSIST_KEY: ${{ inputs.assist_key }}
        DOMAIN_NAME: ${{ inputs.domain_name }}
        JWT_REFRESH_SECRET: ${{ inputs.jwt_refresh_secret }}
        JWT_SECRET: ${{ inputs.jwt_secret }}
        JWT_SPOT_REFRESH_SECRET: ${{inputs.jwt_spot_refresh_secret}}
        JWT_SPOT_SECRET: ${{ inputs.jwt_spot_secret }}
        LICENSE_KEY: ${{ inputs.license_key }}
        MINIO_ACCESS_KEY: ${{ inputs.minio_access_key }}
        MINIO_SECRET_KEY: ${{ inputs.minio_secret_key }}
        PG_PASSWORD: ${{ inputs.pg_password }}
        REGISTRY_URL: ${{ inputs.registry_url }}