From e4bed84343d1394b37ab9d87542eb5a2befe0a54 Mon Sep 17 00:00:00 2001
From: Jacques ROUSSEL <jacques.roussel@rouaje.com>
Date: Fri, 7 Jun 2024 11:35:12 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B(CI)=20fix=20ci=20issue?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- fix get secret in ci
---
 .github/workflows/docker-hub.yml | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/docker-hub.yml b/.github/workflows/docker-hub.yml
index e9e722bc..78fa3acc 100644
--- a/.github/workflows/docker-hub.yml
+++ b/.github/workflows/docker-hub.yml
@@ -158,13 +158,24 @@ jobs:
       github.event_name != 'pull_request'
     steps:
       -
-        name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/create-github-app-token@v1
+        id: app-token
+        with:
+          app-id: ${{ secrets.APP_ID }}
+          private-key: ${{ secrets.PRIVATE_KEY }}
+          owner: ${{ github.repository_owner }}
+          repositories: "impress,secrets"
+      -
+        name: Checkout repository
+        uses: actions/checkout@v2
+        with:
+          submodules: recursive
+          token: ${{ steps.app-token.outputs.token }}
       -
         name: Load sops secrets
         uses: rouja/actions-sops@main
         with:
-          secret-file: .github/workflows/secrets.enc.env
+          secret-file: .github/workflows/secrets/numerique-gouv/impress/secrets.enc.env
           age-key: ${{ secrets.SOPS_PRIVATE }}
       -
         name: Call argocd github webhook