Skip to content

[Bug]: Unable to use profile secrets with CMK #18

[Bug]: Unable to use profile secrets with CMK

[Bug]: Unable to use profile secrets with CMK #18

Workflow file for this run

---
name: Create JIRA ticket for new issues
on:
issues:
types: [opened, reopened, closed]
permissions:
issues: write
contents: read
jobs:
jira_task:
name: Create Jira issue
if: github.event.action == 'opened'
runs-on: ubuntu-latest
steps:
- name: Create JIRA ticket
id: create
shell: bash
env:
ISSUE_NUMBER: ${{ github.event.issue.number }}
ISSUE_BODY: ${{ github.event.issue.body }}
ISSUE_URL: ${{ github.event.issue.html_url }}
JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
JIRA_ASSIGNEE: ${{ secrets.ASSIGNEE_JIRA_TICKET }}
run: |
json_response=$(curl --request POST \
--url 'https://jira.mongodb.org/rest/api/2/issue' \
--header 'Authorization: Bearer '"${JIRA_API_TOKEN}" \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"fields": {
"project": {
"id": "10984"
},
"summary": "HELP: GitHub Issue n. '"${ISSUE_NUMBER}"'",
"issuetype": {
"id": "12"
},
"customfield_12751": [{
"id": "25550"
}],
"description": "This ticket tracks the following GitHub issue: '"${ISSUE_URL}"'.",
"components": [
{
"id": "34031"
}
]
}
}')
echo "Response: ${json_response}"
JIRA_TICKET_ID=$(echo "${json_response}" | jq -r '.key')
echo "The following JIRA ticket has been created: ${JIRA_TICKET_ID}"
echo "jira-ticket-id=${JIRA_TICKET_ID}" >> "${GITHUB_OUTPUT}"
- name: Add comment
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043
with:
issue-number: ${{ github.event.issue.number }}
body: |
Thanks for opening this issue! Please make sure to provide the following information to help us reproduce the issue:
- Complete cloud formation template used by the customers
- List of Public CFN Resources that are activated in the AWS account with their release version
- AWS Region where the CFN stack is running
- The policies and service principals of the IAM role that is used to activate the CFN resource and run the CFN template (if any).
Note that passing an IAM role to CloudFormation when creating a stack is optional. If you don't supply one, the user permissions are assumed. See the IAM permissions section in the General information guide for more information.
The ticket [${{ steps.create.outputs.jira-ticket-id }}](https://jira.mongodb.org/browse/${{ steps.create.outputs.jira-ticket-id }}) was created for internal tracking.
reopen_jira_ticket:
name: Reopen JIRA ticket
if: github.event.action == 'reopened'
runs-on: ubuntu-latest
steps:
- name: Reopened JIRA ticket if exists
run: |
ISSUE_NUMBER=${{ github.event.issue.number }}
JIRA_API_TOKEN=${{ secrets.JIRA_API_TOKEN }}
JIRA_QUERY="project = CLOUDP AND issuetype = Story AND resolution = Declined AND text ~ \"HELP: GitHub Issue n. $ISSUE_NUMBER\""
# URL encode the query
JIRA_URL=$(echo "$JIRA_QUERY" | jq -s -R -r @uri)
json_response=$(curl -s --request GET \
--url "https://jira.mongodb.org/rest/api/2/search?fields=id&jql=${JIRA_URL}" \
--header 'Authorization: Bearer '"${JIRA_API_TOKEN}" \
--header 'Accept: application/json')
JIRA_TICKET_ID=$(echo "${json_response}" | jq -r '.issues[0].id')
if [ -z "$JIRA_TICKET_ID" ]; then
echo "JIRA_TICKET_ID is not defined. Exiting the script."
exit 1
fi
JIRA_REOPENED_URL="https://jira.mongodb.org/rest/api/2/issue/${JIRA_TICKET_ID}/transitions"
json_response=$(curl -s --request POST \
--url "${JIRA_REOPENED_URL}" \
--header 'Authorization: Bearer '"${JIRA_API_TOKEN}" \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"transition": {
"id": 3
},
"update": {
"comment": [
{
"add": {
"body": "The related GitHub issue was reopened. Updated via automated process."
}
}
]
}
}')
echo "Response: ${json_response}"
close_jira_ticket:
name: Close JIRA ticket
if: github.event.action == 'closed'
runs-on: ubuntu-latest
steps:
- name: Close JIRA ticket if exists
run: |
ISSUE_NUMBER=${{ github.event.issue.number }}
JIRA_API_TOKEN=${{ secrets.JIRA_API_TOKEN }}
JIRA_QUERY="project = CLOUDP AND issuetype = Story AND resolution = Unresolved AND text ~ \"HELP: GitHub Issue n. $ISSUE_NUMBER\""
# URL encode the query
JIRA_URL=$(echo "$JIRA_QUERY" | jq -s -R -r @uri)
json_response=$(curl -s --request GET \
--url "https://jira.mongodb.org/rest/api/2/search?fields=id&jql=${JIRA_URL}" \
--header 'Authorization: Bearer '"${JIRA_API_TOKEN}" \
--header 'Accept: application/json')
JIRA_TICKET_ID=$(echo "${json_response}" | jq -r '.issues[0].id')
if [ -z "$JIRA_TICKET_ID" ]; then
echo "JIRA_TICKET_ID is not defined. Exiting the script."
exit 1
fi
JIRA_CLOSE_URL="https://jira.mongodb.org/rest/api/2/issue/${JIRA_TICKET_ID}/transitions"
json_response=$(curl -s --request POST \
--url "${JIRA_CLOSE_URL}" \
--header 'Authorization: Bearer '"${JIRA_API_TOKEN}" \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"transition": {
"id": 1371
},
"update": {
"comment": [
{
"add": {
"body": "The related GitHub issue was closed. Resolved via automated process."
}
}
]
},
"fields": {
"resolution": {
"name": "Declined"
}
}
}')
echo "Response: ${json_response}"