4 changes: 2 additions & 2 deletions .gitlab-ci.yml
Expand Up @@ -619,5 +619,5 @@ test-dd-sts:
aud: rapid-seceng-sit
script:
- apt-get update && apt-get install -y curl
- 'curl -s -o /dev/null -w "API key request http status code: %{http_code}\n" -H "Authorization: Bearer ${DD_STS_OIDC_TOKEN}" "https://dd-sts.us1.ddbuild.io/sts/datadog/exchange?policy=dd-trace-py-gitlab"'
- 'curl -s -o /dev/null -w "APP key request http status code: %{http_code}\n" -H "Authorization: Bearer ${DD_STS_OIDC_TOKEN}" "https://dd-sts.us1.ddbuild.io/sts/datadog/exchange?policy=dd-trace-py-gitlab-app-key"'
- 'echo "API key policy response code: $(curl -s -o /dev/null -w %{http_code} -H "Authorization: Bearer ${DD_STS_OIDC_TOKEN}" https://dd-sts.us1.ddbuild.io/sts/datadog/exchange?policy=dd-trace-py-gitlab)"'
- 'echo "APP key policy response code: $(curl -s -o /dev/null -w %{http_code} -H "Authorization: Bearer ${DD_STS_OIDC_TOKEN}" https://dd-sts.us1.ddbuild.io/sts/datadog/exchange?policy=dd-trace-py-gitlab-app-key)"'
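Review bot: Neither form of the two status probes in `test-dd-sts` fails the job when the token exchange is rejected: the HTTP code is only printed, and in the `echo "... $(curl ...)"` form even a transport error is hidden because the exit status of the command substitution is discarded. If this job is meant to gate on the STS policies, run curl as the command itself with `-S` and `--fail`, e.g. `curl -sS --fail -o /dev/null -w "API key policy response code: %{http_code}\n" -H "Authorization: Bearer ${DD_STS_OIDC_TOKEN}" "https://dd-sts.us1.ddbuild.io/sts/datadog/exchange?policy=dd-trace-py-gitlab"`, and likewise for the app-key policy. Keeping `-o /dev/null` is right, since the exchange response carries the key material that `.gitlab/release.yml` extracts with `jq`. The job definition starts above the hunk, and the rendering has lost the +/- markers, so which pair of lines is the new side is inferred from print order only.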
51 changes: 39 additions & 12 deletions .gitlab/release.yml
Expand Up @@ -43,10 +43,37 @@ release_pypi_prod:
variables:
PYPI_REPOSITORY: pypi

# notify_datadog_release:
# extends: .release_base
# needs: [ "ddtrace package", "release_pypi_prod" ]
# image: ${PYPI_PUBLISH_IMAGE}
# id_tokens:
# DD_STS_OIDC_TOKEN:
# aud: rapid-seceng-sit
# tags: [ "arch:amd64" ]
# before_script:
# - apt-get update && apt-get install --no-install-recommends -y curl jq
# - >-
# DD_STS_RESPONSE=$(curl -sS
# -H "Authorization: Bearer ${DD_STS_OIDC_TOKEN}"
# "https://dd-sts.us1.ddbuild.io/sts/datadog/exchange?policy=dd-trace-py-gitlab-app-key")
# - export DD_API_KEY=$(echo "$DD_STS_RESPONSE" | jq -re '.api_key')
# - export DD_APP_KEY=$(echo "$DD_STS_RESPONSE" | jq -re '.application_key')
# script:
# - |
# echo "Tag: ${CI_COMMIT_TAG} -> Commit SHA: ${CI_COMMIT_SHA}"
# curl --retry 3 --retry-delay 2 --fail -X POST \
# -H "Content-Type: application/json" \
# -H "DD-API-KEY: ${DD_API_KEY}" \
# -H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \
# -d "{\"meta\": {\"payload\": {\"version\": \"${CI_COMMIT_TAG}\", \"git_commit_sha\": \"${CI_COMMIT_SHA}\"}}}" \
# https://api.datadoghq.com/api/v2/workflows/dd0d5405-b38c-4f4f-8f4c-c0cd4a65d4d6/instances

notify_datadog_release:
extends: .release_base
stage: release
when: manual
allow_failure: true
needs: [ "ddtrace package", "release_pypi_prod" ]
needs: []
image: ${PYPI_PUBLISH_IMAGE}
id_tokens:
DD_STS_OIDC_TOKEN:
Expand All @@ -55,21 +82,21 @@ notify_datadog_release:
before_script:
- apt-get update && apt-get install --no-install-recommends -y curl jq
- >-
DD_STS_API_KEY=$(curl -sS
-H "Authorization: Bearer ${DD_STS_OIDC_TOKEN}"
"https://dd-sts.us1.ddbuild.io/sts/datadog/exchange?policy=dd-trace-py-gitlab")
- >-
DD_STS_APP_KEY=$(curl -sS
DD_STS_RESPONSE=$(curl -sS
-H "Authorization: Bearer ${DD_STS_OIDC_TOKEN}"
"https://dd-sts.us1.ddbuild.io/sts/datadog/exchange?policy=dd-trace-py-gitlab-app-key")
- export DD_API_KEY=$(echo "$DD_STS_API_KEY" | jq -re '.api_key')
- export DD_APP_KEY=$(echo "$DD_STS_APP_KEY" | jq -re '.application_key')
- export DD_API_KEY=$(echo "$DD_STS_RESPONSE" | jq -re '.api_key')
- export DD_APP_KEY=$(echo "$DD_STS_RESPONSE" | jq -re '.application_key')
- '[ -n "$DD_API_KEY" ] && echo "DD_API_KEY is set (${#DD_API_KEY} chars)" || echo "DD_API_KEY is EMPTY"'
- '[ -n "$DD_APP_KEY" ] && echo "DD_APP_KEY is set (${#DD_APP_KEY} chars)" || echo "DD_APP_KEY is EMPTY"'
script:
- |
echo "Tag: ${CI_COMMIT_TAG} -> Commit SHA: ${CI_COMMIT_SHA}"
curl --retry 3 --retry-delay 2 --fail -X POST \
echo "Testing workflow API with hardcoded values..."
PAYLOAD='{"version": "v0.0.0-dry-run", "git_commit_sha": "0000000000000000000000000000000000000000"}'
BODY=$(jq -n --arg input "$PAYLOAD" '{"meta": {"payload": {"input": $input}}}')
curl --retry 3 --retry-delay 2 -w "\nHTTP status: %{http_code}\n" -X POST \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d "{\"meta\": {\"payload\": {\"version\": \"${CI_COMMIT_TAG}\", \"git_commit_sha\": \"${CI_COMMIT_SHA}\"}}}" \
-d "$BODY" \
https://api.datadoghq.com/api/v2/workflows/dd0d5405-b38c-4f4f-8f4c-c0cd4a65d4d6/instances
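Review bot: An empty credential only produces a log line in `before_script`: `export DD_API_KEY=$(echo "$DD_STS_RESPONSE" | jq -re '.api_key')` discards jq's exit status, and the `[ -n "$DD_API_KEY" ] && echo ... || echo "DD_API_KEY is EMPTY"` checks always succeed, so a failed STS exchange still reaches the POST. Make the checks fail the job, `[ -n "$DD_API_KEY" ] || { echo "DD_API_KEY is EMPTY"; exit 1; }` (same for `DD_APP_KEY`), and add `--fail` to the exchange curl so an error body is never parsed as a key response. As far as the rendering shows, the POST also loses `--fail` and sends a hardcoded `v0.0.0-dry-run` payload to the workflow endpoint under `when: manual`, `allow_failure: true` and `needs: []`; before this leaves draft, restore `--fail` and the release `needs`, and pass `CI_COMMIT_TAG` and `CI_COMMIT_SHA` through `jq --arg` instead of the fixed string. Building the body with `jq` rather than interpolating the tag into a JSON literal is worth keeping, because it escapes the values.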