From cd8879994322b67f71922537633d799847a486b9 Mon Sep 17 00:00:00 2001 From: Quentin BEY Date: Thu, 30 Jan 2025 14:47:18 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=92=9A(github)=20remove=20secret=20fetch?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The secrets are not managed in the folder anymore. --- .github/workflows/deploy.yml | 19 +-------- .github/workflows/docker-hub.yml | 70 ++------------------------------ 2 files changed, 5 insertions(+), 84 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 86144f4..3e0513c 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -11,26 +11,9 @@ jobs: notify-argocd: runs-on: ubuntu-latest steps: - - - uses: actions/create-github-app-token@v1 - id: app-token - with: - app-id: ${{ secrets.APP_ID }} - private-key: ${{ secrets.PRIVATE_KEY }} - owner: ${{ github.repository_owner }} - repositories: "people,secrets" - name: Checkout repository - uses: actions/checkout@v2 - with: - submodules: recursive - token: ${{ steps.app-token.outputs.token }} - - - name: Load sops secrets - uses: rouja/actions-sops@main - with: - secret-file: secrets/numerique-gouv/people/secrets.enc.env - age-key: ${{ secrets.SOPS_PRIVATE }} + uses: actions/checkout@v4 - name: Call argocd github webhook run: | diff --git a/.github/workflows/docker-hub.yml b/.github/workflows/docker-hub.yml index 8909ae9..2757f0c 100644 --- a/.github/workflows/docker-hub.yml +++ b/.github/workflows/docker-hub.yml 
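Review bot: The `Call argocd github webhook` step in `notify-argocd` is kept while the `Load sops secrets` step before it is removed, so any value that step read from the decrypted env file would now be empty. This is inferred, because the `run: |` body lies outside the hunk, but the diffstat shows only 5 insertions, all `uses: actions/checkout@v4`, so no consuming step was adapted. The same applies in docker-hub.yml to `Login to DockerHub` in `build-and-push-backend`, to `build-and-push-frontend`, and to the last job with its own `Call argocd github webhook` step. Confirm these steps now take their credentials from `${{ secrets.* }}`, and have the script fail on an empty value, e.g. `test -n "$VAR_NAME" || exit 1` as its first line (`VAR_NAME` is a placeholder). Once nothing references `APP_ID`, `PRIVATE_KEY` and `SOPS_PRIVATE`, remove them from the repository secrets so unused credentials do not stay valid.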
@@ -19,20 +19,9 @@ jobs: trivy-scan: runs-on: ubuntu-latest steps: - - - uses: actions/create-github-app-token@v1 - id: app-token - with: - app-id: ${{ secrets.APP_ID }} - private-key: ${{ secrets.PRIVATE_KEY }} - owner: ${{ github.repository_owner }} - repositories: "people,secrets" - name: Checkout repository - uses: actions/checkout@v2 - with: - submodules: recursive - token: ${{ steps.app-token.outputs.token }} + uses: actions/checkout@v4 - name: Docker meta id: meta @@ -57,32 +46,15 @@ jobs: build-and-push-backend: runs-on: ubuntu-latest steps: - - - uses: actions/create-github-app-token@v1 - id: app-token - with: - app-id: ${{ secrets.APP_ID }} - private-key: ${{ secrets.PRIVATE_KEY }} - owner: ${{ github.repository_owner }} - repositories: "people,secrets" - name: Checkout repository - uses: actions/checkout@v2 - with: - submodules: recursive - token: ${{ steps.app-token.outputs.token }} + uses: actions/checkout@v4 - name: Docker meta id: meta uses: docker/metadata-action@v5 with: images: lasuite/people-backend - - - name: Load sops secrets - uses: rouja/actions-sops@main - with: - secret-file: secrets/numerique-gouv/people/secrets.enc.env - age-key: ${{ secrets.SOPS_PRIVATE }} - name: Login to DockerHub if: github.event_name != 'pull_request' 
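Review bot: `uses: actions/checkout@v4` in `trivy-scan` follows a mutable tag, so the code this job runs can change without any change in this repository. The same line is added in every other job this patch touches, in both workflow files. Pinning to a full commit SHA with the tag kept as a trailing comment makes the dependency reviewable: `uses: actions/checkout@<full-commit-sha>  # v4` (placeholder; take the SHA from the release you audited). The remaining steps of the job lie outside the hunk.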
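Review bot: The new checkout in `build-and-push-backend` has no `with:` block, so `actions/checkout` keeps its default and leaves the job token in the local git configuration for the rest of the job. That covers `Login to DockerHub` and whatever build steps follow outside the hunk. No step visible in this patch needs git credentials after checkout, so I would add `with:` and `persist-credentials: false` under the `uses:` line, here and in the other four jobs. If a later step does push or fetch with git, keep the default in that job only and say why in a comment.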
@@ -108,32 +80,15 @@ jobs: build-and-push-frontend: runs-on: ubuntu-latest steps: - - - uses: actions/create-github-app-token@v1 - id: app-token - with: - app-id: ${{ secrets.APP_ID }} - private-key: ${{ secrets.PRIVATE_KEY }} - owner: ${{ github.repository_owner }} - repositories: "people,secrets" - name: Checkout repository - uses: actions/checkout@v2 - with: - submodules: recursive - token: ${{ steps.app-token.outputs.token }} + uses: actions/checkout@v4 - name: Docker meta id: meta uses: docker/metadata-action@v5 with: images: lasuite/people-frontend - - - name: Load sops secrets - uses: rouja/actions-sops@main - with: - secret-file: secrets/numerique-gouv/people/secrets.enc.env - age-key: ${{ secrets.SOPS_PRIVATE }} - name: create-version-json id: create-version-json uses: jsdaniell/create-json@v1.2.3 @@ -163,26 +118,9 @@ jobs: runs-on: ubuntu-latest if: github.event_name != 'pull_request' steps: - - - uses: actions/create-github-app-token@v1 - id: app-token - with: - app-id: ${{ secrets.APP_ID }} - private-key: ${{ secrets.PRIVATE_KEY }} - owner: ${{ github.repository_owner }} - repositories: "people,secrets" - name: Checkout repository - uses: actions/checkout@v2 - with: - submodules: recursive - token: ${{ steps.app-token.outputs.token }} - - - name: Load sops secrets - uses: rouja/actions-sops@main - with: - secret-file: secrets/numerique-gouv/people/secrets.enc.env - age-key: ${{ secrets.SOPS_PRIVATE }} + uses: actions/checkout@v4 - name: Call argocd github webhook run: |