From 81be68e168788947e36978f93b482638bc8a1be5 Mon Sep 17 00:00:00 2001 From: Guillaume Boutry Date: Fri, 12 Jan 2024 14:05:29 +0100 Subject: [PATCH] Regenerate secrets to publish charms Add utility for generating a new secret. Change-Id: If1c379ba88a8ab012bee1fc70265966f59c17dea --- .gitignore | 3 ++ generate_token.sh | 53 +++++++++++++++++++ zuul.d/secrets.yaml | 123 ++++++++++++++++++++++---------------------- 3 files changed, 117 insertions(+), 62 deletions(-) create mode 100755 generate_token.sh diff --git a/.gitignore b/.gitignore index 32543ded..66aec3e4 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,6 @@ __pycache__/ *.py[cod] **.swp .stestr/ +*.auth +*.pub +*.token diff --git a/generate_token.sh b/generate_token.sh new file mode 100755 index 00000000..2f10a3d8 --- /dev/null +++ b/generate_token.sh @@ -0,0 +1,53 @@ +#!/bin/bash + +# This script generates a token that can publish the charms to charmhub. +# The token is specific to every charms inside this repository, and has to be +# generated every time a new charm is added to the repository (or when it is +# expired). + +if ! command -v charmcraft &> /dev/null +then + echo "charmcraft could not be found" + echo "Install it with: snap install charmcraft --classic" + exit 1 +fi + +if ! command -v zuul-client &> /dev/null +then + echo "zuul-client could not be found" + echo "Install it with: pip install zuul-client" + exit 1 +fi + +opt_charm="" + +for charm in $(cat charms/*/{metadata,charmcraft}.yaml | grep -e "^name: " | awk '{print $2}'); do + opt_charm="$opt_charm --charm=$charm" +done + + +set -x +charmcraft login --export=sunbeam-charms.auth \ + $opt_charm \ + --permission=package-manage-metadata \ + --permission=package-manage-releases \ + --permission=package-manage-revisions \ + --permission=package-view-metadata \ + --permission=package-view-releases \ + --permission=package-view-revisions \ + --ttl=7776000 + +# Fetch project public key +[ ! -f "sunbeam-charms.pub" ] && curl https://zuul.opendev.org/api/tenant/openstack/key/opendev.org/openstack/sunbeam-charms.pub -o sunbeam-charms.pub + +zuul-client --zuul-url https://zuul.opendev.org encrypt \ + --public-key sunbeam-charms.pub \ + --tenant openstack \ + --project opendev.org/openstack/sunbeam-charms \ + --secret-name charmhub_token \ + --field-name value \ + --infile sunbeam-charms.auth \ + --outfile sunbeam-charms.charmhub.token + +generated="\ # Generated on $(date --iso-8601=seconds --utc) with 90 days ttl" +sed '1d' < sunbeam-charms.charmhub.token | sed "4 i $generated" > zuul.d/secrets.yaml diff --git a/zuul.d/secrets.yaml b/zuul.d/secrets.yaml index 52fdd902..03e65135 100644 --- a/zuul.d/secrets.yaml +++ b/zuul.d/secrets.yaml @@ -1,66 +1,65 @@ - secret: name: charmhub_token data: - # Generated on 06-Dec-2023 with 90 days ttl + # Generated on 2024-01-12T13:04:48+00:00 with 90 days ttl value: !encrypted/pkcs1-oaep - - jhfqdXPfF4Ta32M+niY9sTcr3oiRROr90OKDF4GeqhPfGqnAkQUG7nSSuyDX51Uf+bLKh - zVImXVofiYGbJJag6NYxy5DGE+gQh/uYd3eJM2/h9u9Er01OOYSXLW6z/RZBMgLirMPrN - +PVEIT9mzbNhJxKP4es97QbXp+ySVnFdOqHxT86XEIK+YY9bEB7jiow01/7qOD0c9FiQj - bw0+OrUxK7fUlZ7E1TbF0BJP3pE5euvHOvnvzy4x7u3gHJaafpgPF2CxtZ9mvt0t6DQe7 - umW/njfPpjxU9LAgQ6G/K7cNz7QOAGBr0p3+fAscGCh+Pl8EgwE6QrnY0NJXDWiOItJdN - 2Ah4PQJaLY+ly6gJIbPApE4xlbmAlYNah2isB+uBi6q/sH0wUjSEfCpeQmAlhkc0YJtqn - uOqE9n2KKaMcb/E2xtHNqOBTTLv54B1J3NUtZMhysxZApSSBECUUg1tWZOWtSk3nHv2Bx - 1Rup+GLAO2ZmTLumTzaVF4CF84PeSaNUhgRsowrgPADMeRZwcMN/WQUHKsOZzWfZij0KG - i+MfcJopZkgET7Ldm6Tih/RBMSlfbMmzL92mRMOCupH4Oi1e8u60g2Aqq9jUL2THZYahQ - 817yrxlhakHlEM7HlZpRS48gPGnu4c9Lj2qXUFlKDdRe5EuSd0Vh7J9zM+zD4k= - - ITKXmr54HjyI/iLTAXC2AcRo8pIeVrksDXTWNRjDyteVCP7QcIzkXikb2g/PAbtA+AvTT - TrdptmSoKFO4l5mN+THWPVXdll6Pb4ECnSDz6SDpN3HxK8e+72IiCgEmU+gv1mIgyQVsN - cUarsWbiPzVwMMYQt+LSb3/8m7Xw9Vgr24U8X92EWtUnRFO0mVK5FxiXv4MBrWrR/jsmX - EmrWzx7A0wvRCIQumdtDoC93WEKhS5u08j7kA7Owuis+r0L+XSzs0Hy9Ayd9FjeabNf9c - Dt3Xrl1AnG2p4i3eZALzN2ktc8ZbXNKHFIou4zvFhaifoRys23n1gxzjMMYM348onb2Ke - s6RyxT4hj8oFRNPKb754XT1RucVsmKI2NLTYo4SijTFbJ/flbZ+/535ic0Bm8KkdBgkFE - H5P58Czv39q2KO+BbE4Cs7yq9R07vi44slFdyztalvWt01q7tNzkBRrE/L1hAu4aryiNq - NXQwZsF+bW5NS+68wT/ZaDd5Wyue1QM600e61UViYSu6qtg0JeTfGCQAj3MwQXMmjA/8l - dzTlTSkezdiT3gPzz6gUNclFVuKzm+eS62jZcK0++j4qTWQsenv8zkpqmvKUHB0YmaZyE - j5iT1rV8m/SHIJZqJNt49v7pjD33HtRr3SQ8JB5u50ngkeG2Cb5jqsRgs3jdtU= - - oFtKfNL/2m7sB76/W2siBhzZWirTF6B3mrhfeemaAUElqBKQ+8gK16Mam4Uvf9GWTx4FO - dP733W4Pw3Lv8hPmUMfAig2mTurzbsfyWjiwMQ9ypDuInd3TZajmG3Rf/r1uh1Oz76V8v - GzhUhP51k3A+6rj4lAJNwApT/Bi7S55F79oZG8C9Yb+3HziEmCHvO2Zn+BVngPufEr+Uo - Sy+qmCt0+4PoSi1JabvVU/1LV6aUPCHCaI3LMIcdN+PNm8/OXMa9uRWd17tRoXUDKMLze - u52a/hfXP1jQTkK5QZ8wBwB1WBNN8Fel+4AI+B21i6FlRN22Y1mPRxnVTIm9J9IyVL+EX - D8zyGyBtZBNn0OPndsDvlyHPY1ybDYg3JL87AX6NInQ1SQD0PoFUK1yLB3jSO9e4WA+ra - ESoEEuYfiOncpck/uMs/sRLJEmAckwPF6pHiESDAe6f1R6a1SDnI000/qB98eZSrb7lG3 - bC67iiccC6Fu+yn+0HjOd2hTeLtoHrGGPVJSLgYwUx1wZ5M/Qy8YfMQjkHaVvDeUr5EfV - X+7JrqEsarYQfBYp+X58rkmUHbt07fNPWfjQZCmlf5MM6gWoB1Ag50WVkOWYAXarIHn7r - QeDGyBHz6Uq6iXm6+bUiK5UicGzvROF80tX7FWzuGepH70KVTOH+NgxL0/vzJc= - - MU69oWWklB/9Vbh1CH/AboD0OuLa0MqqQAVF5i3Y+nY7YB6Btg1ckrs8yKoURyD+3SSS5 - vQC7nLFFsgnYtyqSYPkAXcaJtZhy51GPbFbSRu4sKpJEZoTzkFPmSsCuJAQH0TNcOm9FR - 5yFv2PlsYLH4JwTxz9kPv/YdJHp1BWlheB/4RSzEz3R0asjKrLLiCUnOXfYNdYqgSAJMY - 4R1p+uldj2SsXIfAuQBJ/5vK+/06+IO/htHUg34lBi/3xsuhuUs5E1r3ASPMSgwxqgO9e - gRZoAcpRVNiwbZaYoxJZmoKeFIw8Xa34/wmJ6P1LnZIEKohR1zlwtPoL3sJlvfb5OZZ+d - XS/fi+x55krOHP3XUBDrIwyJb6n5l2HAsmBmzkUlRFIGNqPjQZ9l3UwE57qEd3nuoRqlW - ns6lEibsud9JAzl/Ki2r3eTVEVUbaC0pNVxREBT125Z4Ioxo3jvAWU2NEueYiaVghGtEG - fbWRBOKUMHcUglUm0AlcVUmu8YXTlzspk1l5bReFhvv13EcLEzbWBvgdE9v5xAonS30Y6 - YSebIQxFNdSKFjp8mJaNrDyvTG+uTNf6pFy90fT1/IXDM+wEO4rpotu8i64+TlbsEtJGw - p4fZLxw1DGwBRz20N45ZwVJl/xXDY5ws0PQq3LftLeaboDdqDJh0fXQx5rZ4Dg= - - jYDTyMcIaw1RxBbiSToWNYK3b9FkgfV2gYSC+W4BA+4TkxA05UipCArCXPrYf9fP6B40A - dNmH574qwFpMNmCcmyFTbYQ52XGf1KQibAsgzM34JcfyCUy0BuZyw1TtdGlVCDz7gVm+E - IbBRh2z09qYWzkJ0DbGLX+ex3awIusbSklWQwOzqd0415VLX4/NfNMKDr87v3Od6tR7ks - CYP99eo3kXgD5HDKEHHcF/D7h0f8je2qGEhoNJVtNBsGZB0Bv66D36bJeVBJNTrVB3mcc - AFvZHI1UGUKBvQcQHkyhSwkKd9syrYPj0lS1Boq29N/M5kU5L1/RlGruz+/2qQDhrN0+y - Tmgg2B6ESH0lootvOAlswHOdcnbn7JwpZYCwqbODzfFfQQL0z7ErcXkfuOlXzpp8rg+FK - nLnXIRcPmBncueBzLSN3y0lmrIdHAVogLB43DVqFWphp0aI6J9duilwJeA/riJk4NrWi4 - WNWoe6X7Vm8gkv577sEJ6z+zTxNkN5a7XlVIT5vJSCIra1NkQKZBGUfx26gmv684Je4xJ - 8sQiH2yMcH8UjbNP0ZlhKbjyFKgPwMZ0x0JwM5pIw5meC7iORFtISqk5j3ozS1fUS/iHX - pZDbDNiCCllBaqwysnAsAD+jH8z9bWsN41KAu6KslK5aotG6l1H0LurczRB2MA= - - X9AaE+5kl5T6aAI7MkXqNlE2gi8VOt+zSagZQ4P8EsP3C5XmEXmWez81P2N3JG6m5Euwb - 75opZ3lefiM0VKBgsPQVYWBtnNhS1dGxN5WcJ/YxgzpSu9JYbPlXnhhWDfM93lxHJgda4 - WxM8By3KfB6jyaQb6IqVdf/1CiawSCazAyOTi8sA06XmpuQK7ZUlLofoTwqhTnxyjudW7 - /C5e0g+b5bY94kEj1sgc5qXaF2NY47m1GMarqPqajMGPsumzBb/haOOqWrdWpS9M/pCJn - m62tuOLy2IMqzO1hp1wtOflDUdy9gX/c6qNCn/x4SiYB378P1fToQLzyDgDMlHNEVNQj3 - 2Faq11xoXbuu8oWmz2Jb+1KUUDYX06KUj7QicpBFeEFNYZaNHH4A5QVo+qVQ3DAcby4Fq - /f2+2ub2d4iJHD+X2V9lrWFj2lmF5n0KLrcXv2wznomnxSD11wJB4BIKrQIzWDPJI0v1Q - hTPDnd37Dqi4YSCV9io+boNEqGo5dEah28ah0Gurdy7xnJOB+q1Qe/IUD7UzXPhkUE/rH - rK1kLbyAYF2Vqd8pHY5nlBniBj2+IPDanCfhZoKAIDFg/mNQqGZTFkvtn4WO1TB0CK82J - 6d/3A0O9cRzS6wQWfjR5gsq5nYiJWHU+7Vp+O6CPrsu+UMoV1Ow/b5Ia24iafo= - + - fojARxWlJPEVDv9FIq1kH9njVwjTQen/dgEQEUnsGtZ3Kuueta74+q8yDEI+VYkp2CoEh + q2AugV4EgeOy9SMwZbnTmEBXrs/NBetK1K9QcfYagFkaOvd0BAQwu5vqkFYtJUFt7NF6O + gfnvYJEAdUbijCpf9qlIECkGKy2B6EExE3mdTAWfiWO0PasTzghsyzrZHw2cecwHxQtgY + 35AyuOepixJXl8ZZe+M4rptcUCwkNgHSLjIrnVkPN/slPPjD5QMWAlMchk4MJ3PdhfFH5 + e1msBZI11eogC75Qsd3ihK8rPvVlrGx5Wtm3RTqXbUOdTowa8ODhIIT5S9QyzZAGgChX5 + kxhu47P6Juj4dOh/hy+bRjQxXa0rp/sGO2s+A/G0doS0DwQxJXhewPIXU03dyljmTYxpD + +D4msfpR898ToU1QzJ5HUGRS/IjxLz0g3xVplcMuc3trQ7F2L4xFqSyO+aBdS5HEFKGhc + E7MoUeASgMXegk9HLxfCGtJ1whIa2OigRtiqskaFvuBmpoDO/eHq2j9JbVQXvWdBHMao1 + HVyiuLp2zgjz5PnDfQVmhFTdLEdlD4brNLWuj0cOWz/VAbAnmpviYDVQKbFzvw4R6RmVx + 4tiqDAS3sGn5VQ7JncY3CoFh+vzqIlJgfAMcYl2tMK1sKmpni1AkWXIjL3GpEg= + - KJvizLLlWS2+SAqczHICBsdP5RahpS6LS52hIGOAhntM99/BS6+NObRdmmw9awTapRjfM + Gj1JYKjognxdlG9DOEZaa1Mw98iS9an/17Zq1H40iCTG1Hs3mu9UG2gr+gmpWPIxnXV+B + ypLgOym0KRExNBVf2OvNO3iaDsjJl38af5ltHqLRHDY8avrp48mqVRlq6vRiRQRipX+Tt + Vv/6Y+KB7po1eIn7RuFsqTY7TvDpw6+xDGCv8BRtL6yN4mahqF1rEikDi0HTFXxkC2X/w + jWyddjCXtJPr1mrjMYB2qlBPAl2e9x/WyOodbfE9CwRYma9digjJYi3cdh4cgSgA2JUtX + lOgeKIfIqbVRaZISvW02J1OuWz30QCFM0gJbuZDbvuodUKf+ZbWrloqCfMX8o5Jc/zaVA + +W+hyjT0wd1Tk+aRBKoxB9NbuRCJpqy3xcbm77J2MtVH4WZ8crUdDPKe5+pCMzz1ocquE + 2nFY25pcecNnkYswtIMJwMRetOIpaLEsm7WPPxwcTID8JBK7Z2zhAPTIIeInYVLj7HOOm + n6EbuTXbmJk/RaVHBCjolwEcoBxzpmRhIm3Mx+iEky/BC2F+XCoc7yH+IxaFrNeDgNR6B + N8F4uDxK3g3w84H29qrghq8x7nITEbRrTPUylO7QVO4QGRZpT5cbKdt0sSsBq0= + - KoLDGjt8ZS6ljWFhBHhAk2dIDKZE5kSDEFoxECjktcnOUZBOPwnOwSteIPccc/NvGgBe1 + R0dma7YwQvrNcKEYzocYysO9oaHyImBPYkO6D2cenK2C4fm9kNIgrvvO3HLJWcu7lgFrk + SNg05Vo10+jwjmXdQrtwBqyDfDOgtNcKbSXAuD3NLFCTsnQzZ9SNHHM3YKvxsQrdi0ifm + QYEdU5mUhbhV9fzCdW8mTF1L/NFWJN/7AfbcIuO+Fry5xMnMcpyfhRbem3/9nT2SgqVKZ + twwtiOp4Pj6RU2XzSmEaG5b1D1dA3i+o8Gewua1ofgw38IIXbDWzZC5xRcpYDnEKkRzoL + xKjv4c8jv2rBKR1L3Nbui0uXctCiVXgD+2C5A0jKKdfPVk0Z8ccd2p1zPnpEwof1TRD7P + o2kVqCw1jTN4C3B3/0Q/slJazdptnpyXVtqLXhRTUO4VOupaLpzI+8RhoowQfej0S/Ihv + fmQHiZV4l83TTbkVsyvGDNgwgFhS5gXocp4Y9mqEmTmDAYkVfzmeIu5IPSj/Nh9peYuHa + wLi2JxBOSXQiDSm7o1C0tk7JDdwKNfQpEw0x2Dv9/moi/1gOaIzeO7AQaXKQ6ALN6SbEb + oHeR4Q6XS23AULA2tuzkIV812YEqzAIFbbRm567hOmxGlNRuPOtTk2rKXEGmDM= + - SOaNMU2/mlRf4rEEhr6fetG5fFYsgxSKICt8ytCXTVHYVB15Z2oxTFwDhWx5aGr51Xf/e + L0Wyz7QbD+HgIDX2uMc27CeR7q5nCs1tIIrYcVju5JMP/8Iac7XNqjZl6fO0hx7QMVEI2 + UJBxxgHCo8WxssPR4X3vBcTJelnIteKOxD682gJikPvkPSgi8M0+Sp/J/vwn9MFWC/CqV + da6gyDjXaKQPH0+4Xc4kYFSTgOl6aZp7oOMALf+aRZ9H6Gpk6liJGTQFTfMbl/T1SmDRC + Es306wI9+IyUvqkzOSANj4jGQ8V3lmyXfH87gJO/UXqkyM68v9wUpkTaITPM+v6c+NXBR + wqEqxhSZ4qJYHouLceUwKAnK1ikEOSBGXa73J4Fv1NSR77dqAltJxDFdFjz1gHBXqpowW + dqv6LZFJrXT+ULfqZaa6ahUIudkm6ddyVOH/KBt10v16rASZIckhP7t3hJMgp+JU3YejO + gjWwkoumNO7hJct2San6GmxeXSIwR2BMGSBX6WV9cCEXj0AFc/cNABC8saSLqzW4INVnu + kO515D6ndDNMS/c5m4VcQiZEnwJfFmLAYAbVo8hH3ZIjgnyyJGdKG3v5PNGHz973YsTnj + SMAgH7GVxS1QRyIMcX9/zMcrh0QdmiRid1QkA9THWPo9EAa0CbB8yqRZarGF+g= + - ZFvnZeDm2WNAowFcBPt8AheQPZcWEb4ZiU5kr0lK3nppS8iFV5egjUu39Zrd0JWyq6rwl + rQ9/jC8u6wx5I0Nzn9kt8nXUojlLb8lMzB1MIBXH/ELIPOxkhtnaSZCOZwGmj6DoedOdZ + 5iwvdWhUAX1EKiAkyjQmq1m6ERLe/lJnsK5geKhWK42Gk0TPpMHC9E2uaMv8I9jjbJMNw + gVPXuLKVB0Z1AXbVHWQyDhm7GNo/SwS724vVeYnAojKAETNFrB4zPEJ9cAZ8nDLoCFaXP + hdXRd4hmwLmf4+V4DJi+bD3UOLIF3tHXealiOqaPmfSJ1l3PDPbHi7SfxJc+fSP23xZR2 + y79nBPmYALGBZn2o/I9gwtDhKYcwmgmfh5u2d46sr/lC07/9ufpJpv66vtcHzlwRe4YGe + Hn/+UJftvImfVfBId7I+5d8mv0TeVQeetFGz297QbIucHGkBmJmGCrfKH5XDNgt1/W6T1 + V85+HeWfNYoo7p0mI/WLlnjO3NqQ6L73SeA3mR2EEeZMs9qOW7ft/9qdwrssbtGl0recm + crJqRnpp58ZNq/REn7v55RNZ4SemiYZweI2t6R5uym+zMYxBFnJ4SpAMDc7jpxfB6R1ig + J/q/haSjiJqDFIfrKgAVqozVDZBjKsH+U+4ddQoqkfp4afLWTN6JsMDJFkHWDc= + - MpgQVrlV6v0AXHA3zEz0Gcm7VQXbTw50PPIjZyr/VqjHOaRNnT71OmrY+I9Yn2ANGaWPr + ejkSrHKd0I0RngGIu0eHCscOOAAJUm9Gal8XBFl028BVLJvbEKs/v0IOdVzi1THJutA8N + 0EoPVs3/3K2U4dASIb8pxPB6z9kKEQWWq7Om43t54WDY2lH9N+91VCGo7ZSwXUoan6usx + EQHVTAw7jm7SwH8PDtwoMMem137rLl3HSN/RWDi7ZiCZDGUxziL3BW/kSYA+238jxr2ic + lyddmdOkNKo3H5a5smhP+dq4w6J7YGkIqM0/yn/LQu2M//xLAf60HCTTRE3h/WnYcuPIM + QTtVekpNxTYW8pAvukNCx8jLgCdqPHl+DY1TwzCtSbhpxyE85CfT5UW29Vh6FCOHz2bKU + p5w2Tag3g65BEZ8qFAIiiru5EC2Vqfz3EaZrVAcUtdSUSaiN31xt5ThfcVp8heL/Kbzlr + SiHwR+Cis174nqJ2eVZb+5AeKRJVesh6yJ7ACQNr2th2R88XHmM5Y2DNTx7qT7I68YHXC + 3w+1joHyPWO8BCCKbXcVXh/fTELytQdJaRGtnL2P+7727mPpL+rVmSKVm34ny2xtWCPrf + +yKK+7zaCgUeeRdvW+MdhI2B1GdLgOGM9iNHyVbuNp+19/1wqPR9dZn1eU+yhI=