From 23cefc9228613f80d52ee669af2db6851e076c7f Mon Sep 17 00:00:00 2001
From: PoisonPhang <17688291+PoisonPhang@users.noreply.github.com>
Date: Tue, 13 Aug 2024 13:01:12 -0500
Subject: [PATCH] feat(ci): convert e2e & nightly to op

---
 .github/workflows/e2e-manual.yml | 21 +++++++++++++++++++--
 .github/workflows/nightly.yml    | 21 +++++++++++++++++++--
 2 files changed, 38 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/e2e-manual.yml b/.github/workflows/e2e-manual.yml
index d99b8435f7..bf5bcf1220 100644
--- a/.github/workflows/e2e-manual.yml
+++ b/.github/workflows/e2e-manual.yml
@@ -4,9 +4,26 @@ on:
   workflow_dispatch:
 
 jobs:
+  load-secrets:
+    runs-on: ubuntu-latest
+    outputs:
+      union-org-pat: ${{ steps.op-load-secret.UNION_ORG_PAT }}
+      nixbuild-token: ${{ steps.op-load-secret.NIXBUILD_TOKEN }}
+    steps:
+      - name: Load Secrets
+        id: op-load-secret
+        uses: 1password/load-secrets-action@v2
+        with:
+          export-env: false
+        env: 
+          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
+          UNION_ORG_PAT: op://ci/union-org-pat/pat
+          NIXBUILD_TOKEN: op://ci/nixbuild-token/token
+
   build:
+    needs: load-secrets
     uses: ./.github/workflows/e2e.yml
     secrets:
-      nixbuild_token: ${{ secrets.NIXBUILD_TOKEN }}
+      nixbuild_token: ${{ needs.load-secrets.outputs.nixbuild-token }}
       github_token: ${{ secrets.GITHUB_TOKEN }}
-      org_token: ${{ secrets.UNION_ORG_PAT }}
+      org_token: ${{ needs.load-secrets.outputs.union-org-pat }}
diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml
index 81ef88fd55..a3cbc9a47b 100644
--- a/.github/workflows/nightly.yml
+++ b/.github/workflows/nightly.yml
@@ -7,12 +7,29 @@ on:
     - cron: '0 4 * * *'
 
 jobs:
+  load-secrets:
+    runs-on: ubuntu-latest
+    outputs:
+      union-org-pat: ${{ steps.op-load-secret.UNION_ORG_PAT }}
+      nixbuild-token: ${{ steps.op-load-secret.NIXBUILD_TOKEN }}
+    steps:
+      - name: Load Secrets
+        id: op-load-secret
+        uses: 1password/load-secrets-action@v2
+        with:
+          export-env: false
+        env: 
+          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
+          UNION_ORG_PAT: op://ci/union-org-pat/pat
+          NIXBUILD_TOKEN: op://ci/nixbuild-token/token
+
   build:
+    needs: load-secrets
     uses: ./.github/workflows/e2e.yml
     secrets:
-      nixbuild_token: ${{ secrets.nixbuild_token }}
+      nixbuild_token: ${{ needs.load-secrets.outputs.nixbuild-token }}
       github_token: ${{ secrets.GITHUB_TOKEN }}
-      org_token: ${{ secrets.UNION_ORG_PAT }}
+      org_token: ${{ needs.load-secrets.outputs.union-org-pat }}
 
   create-issue:
     runs-on: ubuntu-latest