Move secrets to infisical.

author: Elizabeth Hunt <me@liz.coffee> 2025-12-06 17:53:34 -0800
committer: Elizabeth Hunt <me@liz.coffee> 2025-12-06 18:08:46 -0800
commit: 97cfab7168a08507644266d1c72945060b05c41d (patch)
tree: 98094f24a334108451ab65f03c229184750609cb /worker/scripts
parent: a24545074ee575f37f7d4d3d4058f71e04ba2fba (diff)
download: ci-97cfab7168a08507644266d1c72945060b05c41d.tar.gz
ci-97cfab7168a08507644266d1c72945060b05c41d.zip
4 files changed, 11 insertions, 11 deletions
diff --git a/worker/scripts/ansible_playbook.ts b/worker/scripts/ansible_playbook.ts
index f7315ab..5c101ba 100755
--- a/worker/scripts/ansible_playbook.ts
+++ b/worker/scripts/ansible_playbook.ts
@@ -12,7 +12,7 @@ import {
     TraceUtil,
 } from '@emprespresso/pengueno';
 import type { AnsiblePlaybookJob } from '@emprespresso/ci_model';
-import { Bitwarden, BitwardenKey, getPathOnHost, type SecureNote } from '@emprespresso/ci_worker';
+import { Infisical, InfisicalKey, getPathOnHost, type SecureNote } from '@emprespresso/ci_worker';
 import { writeFile, mkdir } from 'fs/promises';
 import { join } from 'path';
 import { rmSync } from 'fs';
@@ -25,7 +25,7 @@ const eitherJob = getRequiredEnvVars(['path', 'playbooks']).mapRight(
         },
 );
 
-const eitherVault = Bitwarden.getConfigFromEnvironment().mapRight((config) => new Bitwarden(config));
+const eitherVault = Infisical.getConfigFromEnvironment().mapRight((config) => new Infisical(config));
 
 const playbookMetric = Metric.fromName('ansiblePlaybook.playbook');
 const _logJob = LogTraceable.of(eitherJob).flatMap(TraceUtil.withTrace('ansible_playbook'));
@@ -49,8 +49,8 @@ await LogMetricTraceable.ofLogTraceable(_logJob)
                 Error,
                 {
                     secretFiles: { ssh_key: string; ansible_secrets: string };
-                    key: BitwardenKey;
-                    vault: Bitwarden;
+                    key: InfisicalKey;
+                    vault: Infisical;
                     job: AnsiblePlaybookJob;
                 }
             >
diff --git a/worker/scripts/build_docker_image.ts b/worker/scripts/build_docker_image.ts
index 759dfc1..527120a 100755
--- a/worker/scripts/build_docker_image.ts
+++ b/worker/scripts/build_docker_image.ts
@@ -10,7 +10,7 @@ import {
     Command,
 } from '@emprespresso/pengueno';
 import type { BuildDockerImageJob, BuildDockerImageJobProps } from '@emprespresso/ci_model';
-import { Bitwarden, type LoginItem } from '@emprespresso/ci_worker';
+import { Infisical, type LoginItem } from '@emprespresso/ci_worker';
 import path from 'path';
 
 const job = getRequiredEnvVars([
@@ -36,7 +36,7 @@ const job = getRequiredEnvVars([
         (x) => x,
     );
 
-const eitherVault = Bitwarden.getConfigFromEnvironment().mapRight((config) => new Bitwarden(config));
+const eitherVault = Infisical.getConfigFromEnvironment().mapRight((config) => new Infisical(config));
 
 const buildImageMetric = Metric.fromName('dockerImage.build').asResult();
 const loginMetric = Metric.fromName('dockerRegistry.login').asResult();
diff --git a/worker/scripts/checkout_ci.ts b/worker/scripts/checkout_ci.ts
index c4006e6..009d3fa 100755
--- a/worker/scripts/checkout_ci.ts
+++ b/worker/scripts/checkout_ci.ts
@@ -26,7 +26,7 @@ function isCiWorkflow(t: unknown): t is CiWorkflow {
 }
 
 const CI_WORKFLOW_FILE = '.ci/ci.json';
-const OCI_REGISTRY = 'oci.liz.coffee';
+const OCI_REGISTRY = 'img.liz.coffee';
 const PIPELINE_IMAGE = OCI_REGISTRY + '/emprespresso/ci_worker:release';
 const READONLY_CREDENTIALS = { username: 'readonly', password: 'readonly' };
 
diff --git a/worker/scripts/npm_publish.ts b/worker/scripts/npm_publish.ts
index 9324856..bcb2796 100644
--- a/worker/scripts/npm_publish.ts
+++ b/worker/scripts/npm_publish.ts
@@ -11,7 +11,7 @@ import {
     TraceUtil,
     getStdoutMany,
 } from '@emprespresso/pengueno';
-import { Bitwarden, getPathOnHost, type SecureNote } from '@emprespresso/ci_worker';
+import { Infisical, getPathOnHost, type SecureNote } from '@emprespresso/ci_worker';
 import { writeFile, mkdir } from 'fs/promises';
 import { join } from 'path';
 import { rmSync } from 'fs';
@@ -25,11 +25,11 @@ const eitherJob = getRequiredEnvVars(['source', 'registry']).mapRight(
         },
 );
 
-const eitherVault = Bitwarden.getConfigFromEnvironment().mapRight((config) => new Bitwarden(config));
+const eitherVault = Infisical.getConfigFromEnvironment().mapRight((config) => new Infisical(config));
 
 const READONLY_CREDENTIALS = { username: 'readonly', password: 'readonly' };
-const REGISTRY = 'oci.liz.coffee';
-const CI_PACKPUB_IMG = 'oci.liz.coffee/emprespresso/ci_packpub_npm:release';
+const REGISTRY = 'img.liz.coffee';
+const CI_PACKPUB_IMG = 'img.liz.coffee/emprespresso/ci_packpub_npm:release';
 
 const packPubMetric = Metric.fromName('npm_publish.packpub');
 const _logJob = LogTraceable.of(eitherJob).flatMap(TraceUtil.withTrace('npm_publish'));
author	Elizabeth Hunt <me@liz.coffee>	2025-12-06 17:53:34 -0800
committer	Elizabeth Hunt <me@liz.coffee>	2025-12-06 18:08:46 -0800
commit	97cfab7168a08507644266d1c72945060b05c41d (patch)
tree	98094f24a334108451ab65f03c229184750609cb /worker/scripts
parent	a24545074ee575f37f7d4d3d4058f71e04ba2fba (diff)
download	ci-97cfab7168a08507644266d1c72945060b05c41d.tar.gz ci-97cfab7168a08507644266d1c72945060b05c41d.zip