From 9ff74feb3ce1c9b00ce22642cc3b758378d5822c Mon Sep 17 00:00:00 2001
From: Florian Loitsch
Date: Thu, 5 Oct 2023 13:55:02 +0200
Subject: [PATCH] Revert "Bake secrets into docker image. (#73)" (#89)

This reverts commit d6d7d8be64c10e717d701e8ece111b1a2750f04f.
---
 .github/workflows/ci.yml | 5 -----
 Dockerfile | 14 --------------
 2 files changed, 19 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 0bf4487..8a14c5c 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -97,11 +97,6 @@ jobs:
 with:
 project_id: infrastructure-220307

- - name: Create secrets
- run: |
- printf "%s" "${{ secrets.TOITWARE_REGISTRY_SSH_DEPLOY_KEY }}" > private_ssh_key
- ssh-keyscan github.com > known_hosts
-
 - name: Build Docker Image
 run: |
 gcloud config set project infrastructure-220307
diff --git a/Dockerfile b/Dockerfile
index 970f280..443a965 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -34,18 +34,4 @@ ENV TOITDOCS_VIEWER_PATH /web_toitdocs
 ENV SDK_PATH /sdk
 ENV TOITDOCS_VIEWER_PATH /web_toitdocs

-# We are baking in private data.
-# As of 2022-07-08 the deployment overrides these values:
-# https://github.com/toitware/deployment/blob/50d35c2498cb98f360c922a491c2c31e73cc403d/console/values.yaml#L437
-# However, by adding the key here, we can remove these lines from there.
-
-# When building locally, one can either get the real key from bitwarden, or use any key.
-# It should only be necessary when pushing to the registry. (Not 100% certain.)
-copy private_ssh_key /ssh_data/private_ssh_key
-ENV REGISTRY_SSH_KEY_FILE /ssh_data/private_ssh_key
-
-# Same: we are baking in the known_hosts, which is, as of 2022-07-08, overridden by the deployment.
-copy known_hosts /ssh_data/known_hosts
-ENV SSH_KNOWN_HOSTS /ssh_data/known_hosts
-
 ENTRYPOINT ["/registry_container"]