From 23778fda0dde6c9d0e55d297dfc08b871c8c2313 Mon Sep 17 00:00:00 2001
From: Jacques ROUSSEL <jacques.roussel@rouaje.com>
Date: Mon, 10 Jun 2024 14:08:33 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=92=9A(ci)=20improve=20submodule=20usage?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- remove deplucate declaration
- simplify helmfile
- use symlink
---
 .github/workflows/docker-hub.yml        |  6 +++---
 .github/workflows/people.yml            |  2 +-
 .github/workflows/secrets               |  1 -
 .gitmodules                             | 11 +++--------
 secrets                                 |  1 +
 src/helm/env.d/staging/secrets.enc.yaml |  1 +
 src/helm/helmfile.yaml                  |  6 +++---
 src/helm/secrets                        |  1 -
 8 files changed, 12 insertions(+), 17 deletions(-)
 delete mode 160000 .github/workflows/secrets
 create mode 160000 secrets
 create mode 120000 src/helm/env.d/staging/secrets.enc.yaml
 delete mode 160000 src/helm/secrets

diff --git a/.github/workflows/docker-hub.yml b/.github/workflows/docker-hub.yml
index 7f16152..7ad2069 100644
--- a/.github/workflows/docker-hub.yml
+++ b/.github/workflows/docker-hub.yml
@@ -42,7 +42,7 @@ jobs:
         name: Load sops secrets
         uses: rouja/actions-sops@main
         with:
-          secret-file: .github/workflows/secrets/numerique-gouv/people/secrets.enc.env
+          secret-file: secrets/numerique-gouv/people/secrets.enc.env
           age-key: ${{ secrets.SOPS_PRIVATE }}
       -
         name: Login to DockerHub
@@ -86,7 +86,7 @@ jobs:
         name: Load sops secrets
         uses: rouja/actions-sops@main
         with:
-          secret-file: .github/workflows/secrets/numerique-gouv/people/secrets.enc.env
+          secret-file: secrets/numerique-gouv/people/secrets.enc.env
           age-key: ${{ secrets.SOPS_PRIVATE }}
       -
         name: Login to DockerHub
@@ -128,7 +128,7 @@ jobs:
         name: Load sops secrets
         uses: rouja/actions-sops@main
         with:
-          secret-file: .github/workflows/secrets/numerique-gouv/people/secrets.enc.env
+          secret-file: secrets/numerique-gouv/people/secrets.enc.env
           age-key: ${{ secrets.SOPS_PRIVATE }}
       -
         name: Call argocd github webhook
diff --git a/.github/workflows/people.yml b/.github/workflows/people.yml
index 60c75cc..f4cb1f2 100644
--- a/.github/workflows/people.yml
+++ b/.github/workflows/people.yml
@@ -347,7 +347,7 @@ jobs:
         name: Load sops secrets
         uses: rouja/actions-sops@main
         with:
-          secret-file: .github/workflows/secrets/numerique-gouv/people/secrets.enc.env
+          secret-file: secrets/numerique-gouv/people/secrets.enc.env
           age-key: ${{ secrets.SOPS_PRIVATE }}
       
       - name: Setup Node.js
diff --git a/.github/workflows/secrets b/.github/workflows/secrets
deleted file mode 160000
index eec9a2b..0000000
--- a/.github/workflows/secrets
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit eec9a2bad84ebc136faf49bdbfb651f4914ae176
diff --git a/.gitmodules b/.gitmodules
index 8c16285..0846cc2 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,8 +1,3 @@
-[submodule ".github/workflows/secrets"]
-	path = .github/workflows/secrets
-	url = https://github.com/numerique-gouv/secrets.git
-	branch = main
-[submodule "src/helm/secrets"]
-	path = src/helm/secrets
-	url = https://github.com/numerique-gouv/secrets.git
-	branch = main
+[submodule "secrets"]
+	path = secrets
+	url = ../secrets
diff --git a/secrets b/secrets
new file mode 160000
index 0000000..647b886
--- /dev/null
+++ b/secrets
@@ -0,0 +1 @@
+Subproject commit 647b88689c25da193b8d7b52bd12a7085468b417
diff --git a/src/helm/env.d/staging/secrets.enc.yaml b/src/helm/env.d/staging/secrets.enc.yaml
new file mode 120000
index 0000000..f1fdbed
--- /dev/null
+++ b/src/helm/env.d/staging/secrets.enc.yaml
@@ -0,0 +1 @@
+../../../../secrets/numerique-gouv/people/env/staging/secrets.enc.yaml
\ No newline at end of file
diff --git a/src/helm/helmfile.yaml b/src/helm/helmfile.yaml
index d09c585..71685dc 100644
--- a/src/helm/helmfile.yaml
+++ b/src/helm/helmfile.yaml
@@ -33,7 +33,7 @@ releases:
     namespace: {{ .Namespace }}
     chart: ./extra
     secrets:
-      - {{ ne .Environment.Name "dev" | ternary "secrets/numerique-gouv/people/env" "env.d" }}/{{ .Environment.Name }}/secrets.enc.yaml
+      - env.d/{{ .Environment.Name }}/secrets.enc.yaml
 
   - name: desk
     version: {{ .Values.version }}
@@ -42,7 +42,7 @@ releases:
     values:
       - env.d/{{ .Environment.Name }}/values.desk.yaml.gotmpl
     secrets:
-      - {{ ne .Environment.Name "dev" | ternary "secrets/numerique-gouv/people/env" "env.d" }}/{{ .Environment.Name }}/secrets.enc.yaml
+      - env.d/{{ .Environment.Name }}/secrets.enc.yaml
 
 environments:
   dev:
@@ -54,5 +54,5 @@ environments:
     values:
       - version: 0.0.1
     secrets:
-      - {{ ne .Environment.Name "dev" | ternary "secrets/numerique-gouv/people/env" "env.d" }}/{{ .Environment.Name }}/secrets.enc.yaml
+      - env.d/{{ .Environment.Name }}/secrets.enc.yaml
 
diff --git a/src/helm/secrets b/src/helm/secrets
deleted file mode 160000
index eec9a2b..0000000
--- a/src/helm/secrets
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit eec9a2bad84ebc136faf49bdbfb651f4914ae176