From 6e2ab102027eb7c611acbf332f13364ea8952433 Mon Sep 17 00:00:00 2001
From: Victor Martinez <victormartinezrubio@gmail.com>
Date: Wed, 5 Jun 2024 10:12:16 +0200
Subject: [PATCH] feat(feez/nuget/slack): github secrets (#2373)

---
 .github/workflows/release-main.yml | 21 ++++-----------------
 .github/workflows/release.yml      | 29 +++++++----------------------
 2 files changed, 11 insertions(+), 39 deletions(-)

diff --git a/.github/workflows/release-main.yml b/.github/workflows/release-main.yml
index f65c1fda6..967c9a92c 100644
--- a/.github/workflows/release-main.yml
+++ b/.github/workflows/release-main.yml
@@ -26,32 +26,19 @@ jobs:
 
     - name: Package with canary suffix
       run: ./build.sh pack
-
-    - name: Prepare feedz.io
-      uses: hashicorp/vault-action@v3.0.0
-      with:
-        url: ${{ secrets.VAULT_ADDR }}
-        method: approle
-        roleId: ${{ secrets.VAULT_ROLE_ID }}
-        secretId: ${{ secrets.VAULT_SECRET_ID }}
-        secrets: |
-          secret/apm-team/ci/elastic-observability-feedz.io apiKey | REPO_API_KEY ;
-          secret/apm-team/ci/elastic-observability-feedz.io url | REPO_API_URL
             
     # Github packages requires authentication, this is likely going away in the future so for now we publish to feedz.io
     - name: publish canary packages to feedz.io
-      run: dotnet nuget push 'build/output/_packages/*.nupkg' -k ${REPO_API_KEY} -s ${REPO_API_URL} --skip-duplicate --no-symbols
+      run: dotnet nuget push 'build/output/_packages/*.nupkg' -k ${{ secrets.FEEDZ_IO_API_KEY }} -s ${{ secrets.FEEDZ_IO_API_URL }} --skip-duplicate --no-symbols
       
     - name: publish canary packages github package repository
       run: dotnet nuget push 'build/output/_packages/*.nupkg' -k ${{secrets.GITHUB_TOKEN}} -s https://nuget.pkg.github.com/elastic/index.json --skip-duplicate --no-symbols
     
     - if: ${{ failure() }}
-      uses: elastic/apm-pipeline-library/.github/actions/slack-message@current
+      uses: elastic/oblt-actions/slack/send@v1.7.0
       with:
-        url: ${{ secrets.VAULT_ADDR }}
-        roleId: ${{ secrets.VAULT_ROLE_ID }}
-        secretId: ${{ secrets.VAULT_SECRET_ID }}
-        channel: "#apm-agent-dotnet"
+        bot-token: ${{ secrets.SLACK_BOT_TOKEN }}
+        channel-id: "#apm-agent-dotnet"
         message: |
           :large_yellow_circle: [${{ github.repository }}] Snapshot could not be published to feedz.io.
           Build: (<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|here>)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index c0f5a3211..ce1b4d4ba 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -29,19 +29,8 @@ jobs:
     - name: Package
       run: ./build.sh pack
 
-    - name: Prepare Nuget
-      uses: hashicorp/vault-action@v3.0.0
-      with:
-        url: ${{ secrets.VAULT_ADDR }}
-        method: approle
-        roleId: ${{ secrets.VAULT_ROLE_ID }}
-        secretId: ${{ secrets.VAULT_SECRET_ID }}
-        secrets: |
-          secret/apm-team/ci/elastic-observability-nuget apiKey | REPO_API_KEY ;
-          secret/apm-team/ci/elastic-observability-nuget url | REPO_API_URL
-
     - name: Release to Nuget
-      run: .ci/linux/deploy.sh ${REPO_API_KEY} ${REPO_API_URL}
+      run: .ci/linux/deploy.sh ${{ secrets.NUGET_API_KEY }} ${{ secrets.NUGET_API_URL }}
 
     - name: Log in to the Elastic Container registry
       uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
@@ -69,24 +58,20 @@ jobs:
         gh release upload ${{ github.ref_name }} "build/output/ElasticApmAgent_${{ steps.bootstrap.outputs.agent-version }}.zip" "build/output/elastic_apm_profiler_${{ steps.bootstrap.outputs.agent-version }}-linux-x64.zip"
 
     - if: ${{ success() }}
-      uses: elastic/apm-pipeline-library/.github/actions/slack-message@current
+      uses: elastic/oblt-actions/slack/send@v1.7.0
       with:
-        url: ${{ secrets.VAULT_ADDR }}
-        roleId: ${{ secrets.VAULT_ROLE_ID }}
-        secretId: ${{ secrets.VAULT_SECRET_ID }}
-        channel: ${{ env.SLACK_CHANNEL }}
+        bot-token: ${{ secrets.SLACK_BOT_TOKEN }}
+        channel-id: ${{ env.SLACK_CHANNEL }}
         message: |
           :large_green_circle: [${{ github.repository }}] Release *${{ github.ref_name }}* published.
           Build: (<${{ env.JOB_URL }}|here>)
           Release URL: (<https://github.com/elastic/apm-agent-dotnet/releases/tag/${{ github.ref_name }}|${{ github.ref_name }}>)
 
     - if: ${{ failure() }}
-      uses: elastic/apm-pipeline-library/.github/actions/slack-message@current
+      uses: elastic/oblt-actions/slack/send@v1.7.0
       with:
-        url: ${{ secrets.VAULT_ADDR }}
-        roleId: ${{ secrets.VAULT_ROLE_ID }}
-        secretId: ${{ secrets.VAULT_SECRET_ID }}
-        channel: ${{ env.SLACK_CHANNEL }}
+        bot-token: ${{ secrets.SLACK_BOT_TOKEN }}
+        channel-id: ${{ env.SLACK_CHANNEL }}
         message: |
           :large_yellow_circle: [${{ github.repository }}] Release *${{ github.ref_name }}* could not be published.
           Build: (<${{ env.JOB_URL }}|here>)