diff --git a/.github/workflows/build_appstore.yml b/.github/workflows/build_appstore.yml index 7b0ccd1868..889a509b91 100644 --- a/.github/workflows/build_appstore.yml +++ b/.github/workflows/build_appstore.yml @@ -129,10 +129,10 @@ jobs: id: upload-dsyms-to-s3 if: ${{ env.upload-to == 's3' }} env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: ${{ vars.AWS_DEFAULT_REGION }} - DSYM_S3_PATH: s3://${{ vars.DSYM_BUCKET_NAME }}/${{ vars.DSYM_BUCKET_PREFIX }}/DuckDuckGo-AppStore-${{ env.app-version }}-dSYM.zip + AWS_ACCESS_KEY_ID: ${{ secrets.TEST_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: ${{ vars.TEST_AWS_DEFAULT_REGION }} + DSYM_S3_PATH: s3://${{ vars.TEST_DSYM_BUCKET_NAME }}/${{ vars.TEST_DSYM_BUCKET_PREFIX }}/DuckDuckGo-AppStore-${{ env.app-version }}-dSYM.zip run: | echo "dsym-s3-path=${DSYM_S3_PATH}" >> $GITHUB_OUTPUT aws s3 cp ${{ env.dsym-path }} ${{ env.DSYM_S3_PATH }} diff --git a/.github/workflows/build_notarized.yml b/.github/workflows/build_notarized.yml index 48272ec0a1..7f78abdd15 100644 --- a/.github/workflows/build_notarized.yml +++ b/.github/workflows/build_notarized.yml @@ -79,13 +79,13 @@ on: required: true MM_WEBHOOK_URL: required: true - AWS_ACCESS_KEY_ID: + TEST_AWS_ACCESS_KEY_ID: required: true - AWS_ACCESS_KEY_ID_RELEASE_S3: + TEST_AWS_ACCESS_KEY_ID_RELEASE_S3: required: true - AWS_SECRET_ACCESS_KEY: + TEST_AWS_SECRET_ACCESS_KEY: required: true - AWS_SECRET_ACCESS_KEY_RELEASE_S3: + TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3: required: true jobs: @@ -202,10 +202,10 @@ jobs: id: upload-dsyms-to-s3 if: ${{ env.upload-to == 's3' }} env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: ${{ vars.AWS_DEFAULT_REGION }} - DSYM_S3_PATH: s3://${{ vars.DSYM_BUCKET_NAME }}/${{ vars.DSYM_BUCKET_PREFIX }}/${{ steps.set-outputs.outputs.dsym-name }} + AWS_ACCESS_KEY_ID: ${{ secrets.TEST_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: ${{ vars.TEST_AWS_DEFAULT_REGION }} + DSYM_S3_PATH: s3://${{ vars.TEST_DSYM_BUCKET_NAME }}/${{ vars.TEST_DSYM_BUCKET_PREFIX }}/${{ steps.set-outputs.outputs.dsym-name }} run: | echo "dsym-s3-path=${DSYM_S3_PATH}" >> $GITHUB_OUTPUT aws s3 cp ${{ github.workspace }}/release/${{ steps.set-outputs.outputs.dsym-name }} ${{ env.DSYM_S3_PATH }} @@ -287,11 +287,11 @@ jobs: - name: Upload DMG to S3 if: ${{ env.upload-to == 's3' }} env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_RELEASE_S3 }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} - AWS_DEFAULT_REGION: ${{ vars.AWS_DEFAULT_REGION }} - RELEASE_BUCKET_NAME: ${{ vars.RELEASE_BUCKET_NAME }} - RELEASE_BUCKET_PREFIX: ${{ vars.RELEASE_BUCKET_PREFIX }} + AWS_ACCESS_KEY_ID: ${{ secrets.TEST_AWS_ACCESS_KEY_ID_RELEASE_S3 }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} + AWS_DEFAULT_REGION: ${{ vars.TEST_AWS_DEFAULT_REGION }} + RELEASE_BUCKET_NAME: ${{ vars.TEST_RELEASE_BUCKET_NAME }} + RELEASE_BUCKET_PREFIX: ${{ vars.TEST_RELEASE_BUCKET_PREFIX }} run: | aws s3 cp \ ${{ github.workspace }}/${{ steps.create-dmg.outputs.dmg }} \ @@ -300,7 +300,7 @@ jobs: - name: Report success uses: ./.github/actions/asana-log-message env: - DMG_URL: ${{ vars.DMG_URL_ROOT }}${{ steps.create-dmg.outputs.dmg }} + DMG_URL: ${{ vars.TEST_DMG_URL_ROOT }}${{ steps.create-dmg.outputs.dmg }} TAG: ${{ env.app-version }} WORKFLOW_URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} with: diff --git a/.github/workflows/bump_internal_release.yml b/.github/workflows/bump_internal_release.yml index b5bc170b5b..23db56a839 100644 --- a/.github/workflows/bump_internal_release.yml +++ b/.github/workflows/bump_internal_release.yml @@ -111,8 +111,8 @@ jobs: ASANA_ACCESS_TOKEN: ${{ secrets.ASANA_ACCESS_TOKEN }} MM_HANDLES_BASE64: ${{ secrets.MM_HANDLES_BASE64 }} MM_WEBHOOK_URL: ${{ secrets.MM_WEBHOOK_URL }} - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_ACCESS_KEY_ID: ${{ secrets.TEST_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY }} MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }} SSH_PRIVATE_KEY_FASTLANE_MATCH: ${{ secrets.SSH_PRIVATE_KEY_FASTLANE_MATCH }} diff --git a/.github/workflows/code_freeze.yml b/.github/workflows/code_freeze.yml index e51e87135f..f4eb29afba 100644 --- a/.github/workflows/code_freeze.yml +++ b/.github/workflows/code_freeze.yml @@ -150,10 +150,10 @@ jobs: ASANA_ACCESS_TOKEN: ${{ secrets.ASANA_ACCESS_TOKEN }} MM_HANDLES_BASE64: ${{ secrets.MM_HANDLES_BASE64 }} MM_WEBHOOK_URL: ${{ secrets.MM_WEBHOOK_URL }} - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_ACCESS_KEY_ID_RELEASE_S3: ${{ secrets.AWS_ACCESS_KEY_ID_RELEASE_S3 }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_SECRET_ACCESS_KEY_RELEASE_S3: ${{ secrets.AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} + TEST_AWS_ACCESS_KEY_ID: ${{ secrets.TEST_AWS_ACCESS_KEY_ID }} + TEST_AWS_ACCESS_KEY_ID_RELEASE_S3: ${{ secrets.TEST_AWS_ACCESS_KEY_ID_RELEASE_S3 }} + TEST_AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY }} + TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }} SSH_PRIVATE_KEY_FASTLANE_MATCH: ${{ secrets.SSH_PRIVATE_KEY_FASTLANE_MATCH }} diff --git a/.github/workflows/create_variants.yml b/.github/workflows/create_variants.yml index ac303b8937..eeb721f85a 100644 --- a/.github/workflows/create_variants.yml +++ b/.github/workflows/create_variants.yml @@ -134,12 +134,12 @@ jobs: - name: Upload variant DMG env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_RELEASE_S3 }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} - AWS_DEFAULT_REGION: ${{ vars.AWS_DEFAULT_REGION }} + AWS_ACCESS_KEY_ID: ${{ secrets.TEST_AWS_ACCESS_KEY_ID_RELEASE_S3 }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} + AWS_DEFAULT_REGION: ${{ vars.TEST_AWS_DEFAULT_REGION }} run: | aws s3 cp duckduckgo.dmg \ - s3://${{ vars.RELEASE_BUCKET_NAME }}/${{ vars.RELEASE_BUCKET_PREFIX }}/${{ matrix.variant }}/duckduckgo.dmg \ + s3://${{ vars.TEST_RELEASE_BUCKET_NAME }}/${{ vars.TEST_RELEASE_BUCKET_PREFIX }}/${{ matrix.variant }}/duckduckgo.dmg \ --acl public-read mattermost: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6fbb50597e..248a1466ed 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -56,13 +56,13 @@ on: required: true MM_WEBHOOK_URL: required: true - AWS_ACCESS_KEY_ID: + TEST_AWS_ACCESS_KEY_ID: required: true - AWS_ACCESS_KEY_ID_RELEASE_S3: + TEST_AWS_ACCESS_KEY_ID_RELEASE_S3: required: true - AWS_SECRET_ACCESS_KEY: + TEST_AWS_SECRET_ACCESS_KEY: required: true - AWS_SECRET_ACCESS_KEY_RELEASE_S3: + TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3: required: true MATCH_PASSWORD: required: true @@ -99,10 +99,10 @@ jobs: ASANA_ACCESS_TOKEN: ${{ secrets.ASANA_ACCESS_TOKEN }} MM_HANDLES_BASE64: ${{ secrets.MM_HANDLES_BASE64 }} MM_WEBHOOK_URL: ${{ secrets.MM_WEBHOOK_URL }} - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_ACCESS_KEY_ID_RELEASE_S3: ${{ secrets.AWS_ACCESS_KEY_ID_RELEASE_S3 }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_SECRET_ACCESS_KEY_RELEASE_S3: ${{ secrets.AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} + TEST_AWS_ACCESS_KEY_ID: ${{ secrets.TEST_AWS_ACCESS_KEY_ID }} + TEST_AWS_ACCESS_KEY_ID_RELEASE_S3: ${{ secrets.TEST_AWS_ACCESS_KEY_ID_RELEASE_S3 }} + TEST_AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY }} + TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} # appstore-release: # name: Prepare AppStore Release @@ -120,5 +120,5 @@ jobs: # ASANA_ACCESS_TOKEN: ${{ secrets.ASANA_ACCESS_TOKEN }} # MM_HANDLES_BASE64: ${{ secrets.MM_HANDLES_BASE64 }} # MM_WEBHOOK_URL: ${{ secrets.MM_WEBHOOK_URL }} - # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + # AWS_ACCESS_KEY_ID: ${{ secrets.TEST_AWS_ACCESS_KEY_ID }} + # AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/sparkle_internal.yml b/.github/workflows/sparkle_internal.yml index 856e404d82..c8afd8d542 100644 --- a/.github/workflows/sparkle_internal.yml +++ b/.github/workflows/sparkle_internal.yml @@ -56,7 +56,7 @@ jobs: env: DMG_NAME: duckduckgo-${{ steps.verify-tag.outputs.tag-in-filename }}.dmg run: | - DMG_URL="${{ vars.DMG_URL_ROOT }}${DMG_NAME}" + DMG_URL="${{ vars.TEST_DMG_URL_ROOT }}${DMG_NAME}" curl -fLSs -o "$DMG_NAME" "$DMG_URL" echo "dmg-name=$DMG_NAME" >> $GITHUB_OUTPUT echo "dmg-path=$DMG_NAME" >> $GITHUB_OUTPUT @@ -110,14 +110,14 @@ jobs: - name: Upload to S3 id: upload env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: ${{ vars.AWS_DEFAULT_REGION }} + AWS_ACCESS_KEY_ID: ${{ secrets.TEST_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: ${{ vars.TEST_AWS_DEFAULT_REGION }} run: | # Back up existing appcast2.xml OLD_APPCAST_NAME=appcast2_old.xml echo "OLD_APPCAST_NAME=${OLD_APPCAST_NAME}" >> $GITHUB_ENV - curl -fLSs "${{ vars.DMG_URL_ROOT }}appcast2.xml" --output "${OLD_APPCAST_NAME}" + curl -fLSs "${{ vars.TEST_DMG_URL_ROOT }}appcast2.xml" --output "${OLD_APPCAST_NAME}" # Upload files to S3 ./scripts/upload_to_s3/upload_to_s3.sh --run --force @@ -135,9 +135,9 @@ jobs: run: | echo "APPCAST_PATCH_NAME=${{ steps.appcast.outputs.appcast-patch-name }}" >> $GITHUB_ENV echo "DMG_NAME=${DMG_NAME}" >> $GITHUB_ENV - echo "DMG_URL=${{ vars.DMG_URL_ROOT }}${DMG_NAME}" >> $GITHUB_ENV - echo "RELEASE_BUCKET_NAME=${{ vars.RELEASE_BUCKET_NAME }}" >> $GITHUB_ENV - echo "RELEASE_BUCKET_PREFIX=${{ vars.RELEASE_BUCKET_PREFIX }}" >> $GITHUB_ENV + echo "DMG_URL=${{ vars.TEST_DMG_URL_ROOT }}${DMG_NAME}" >> $GITHUB_ENV + echo "RELEASE_BUCKET_NAME=${{ vars.TEST_RELEASE_BUCKET_NAME }}" >> $GITHUB_ENV + echo "RELEASE_BUCKET_PREFIX=${{ vars.TEST_RELEASE_BUCKET_PREFIX }}" >> $GITHUB_ENV echo "RELEASE_TASK_ID=${{ steps.task-id.outputs.task-id }}" >> $GITHUB_ENV echo "TAG=${{ github.event.inputs.tag }}" >> $GITHUB_ENV echo "WORKFLOW_URL=https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" >> $GITHUB_ENV diff --git a/.github/workflows/tag_and_merge.yml b/.github/workflows/tag_and_merge.yml index 4004a55ac0..b0dc9d1ac0 100644 --- a/.github/workflows/tag_and_merge.yml +++ b/.github/workflows/tag_and_merge.yml @@ -88,7 +88,7 @@ jobs: run: | echo "TAG=$TAG" >> $GITHUB_ENV echo "WORKFLOW_URL=https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" >> $GITHUB_ENV - echo "DMG_URL=${{ vars.DMG_URL_ROOT }}duckduckgo-${TAG//-/.}.dmg" >> $GITHUB_ENV + echo "DMG_URL=${{ vars.TEST_DMG_URL_ROOT }}duckduckgo-${TAG//-/.}.dmg" >> $GITHUB_ENV echo "RELEASE_URL=https://github.com/${{ github.repository }}/releases/tag/${{ steps.create-tag.outputs.tag }}" >> $GITHUB_ENV if [[ ${{ steps.create-tag.outputs.tag-created }} == "false" ]]; then last_release_tag=$(gh api /repos/${{ github.repository }}/releases/latest --jq '.tag_name')