frontend/.github/workflows/build_app_android.yaml

@@ -39,23 +39,11 @@ jobs:
           # remove the 'v' prefix from the tag name
           echo "BUILD_NAME=${REF_NAME//v}" >> $GITHUB_ENV
 
-      - name: Load secrets
-        id: load-secrets
-        uses: hashicorp/vault-action@v3
-        with:
-          url: https://api.hashicorp.com
-          token: ${{ secrets.VAULT_TOKEN }}
-          secrets: |
-            secret/release GOOGLE_MAPS_API_KEY | GOOGLE_MAPS_API_KEY ;
-            secret/release ANDROID_SECRET_PROPERTIES_BASE64 | ANDROID_SECRET_PROPERTIES_BASE64 ;
-            secret/release ANDROID_GOOGLE_PLAY_JSON_BASE64 | ANDROID_GOOGLE_PLAY_JSON_BASE64 ;
-            secret/release ANDROID_KEYSTORE_BASE64 | ANDROID_KEYSTORE_BASE64 ;
-
       - name: Put selected secrets into files
         run: |
-          echo "${{ steps.load-secrets.outputs.ANDROID_SECRET_PROPERTIES_BASE64 }}" | base64 -d > secrets.properties
-          echo "${{ steps.load-secrets.outputs.ANDROID_GOOGLE_PLAY_JSON_BASE64 }}" | base64 -d > google-key.json
-          echo "${{ steps.load-secrets.outputs.ANDROID_KEYSTORE_BASE64 }}" | base64 -d > release.keystore
+          echo "${{ secrets.ANDROID_SECRET_PROPERTIES_BASE64 }}" | base64 -d > secrets.properties
+          echo "${{ secrets.ANDROID_GOOGLE_PLAY_JSON_BASE64 }}" | base64 -d > google-key.json
+          echo "${{ secrets.ANDROID_KEYSTORE_BASE64 }}" | base64 -d > release.keystore
         working-directory: android
 
       - name: Install fastlane
@@ -68,4 +56,4 @@ jobs:
         env:
           BUILD_NUMBER: ${{ github.run_number }}
           # BUILD_NAME is implicitly available
-          GOOGLE_MAPS_API_KEY: ${{ steps.load-secrets.outputs.GOOGLE_MAPS_API_KEY }}
+          GOOGLE_MAPS_API_KEY: ${{ secrets.GOOGLE_MAPS_API_KEY }}

frontend/.github/workflows/build_app_ios.yaml

@@ -30,23 +30,10 @@ jobs:
           # remove the 'v' prefix from the tag name
           echo "BUILD_NAME=${REF_NAME//v}" >> $GITHUB_ENV
 
-      - name: Load secrets
-        id: load-secrets
-        uses: hashicorp/vault-action@v3
-        with:
-          url: https://api.hashicorp.com
-          token: ${{ secrets.VAULT_TOKEN }}
-          secrets: |
-            secret/release GOOGLE_MAPS_API_KEY | GOOGLE_MAPS_API_KEY ;
-            secret/release IOS_ASC_KEY_ID | IOS_ASC_KEY_ID ;
-            secret/release IOS_ASC_ISSUER_ID | IOS_ASC_ISSUER_ID ;
-            secret/release IOS_ASC_KEY | IOS_ASC_KEY ;
-            secret/release IOS_MATCH_REPO_SSH_KEY_BASE64 | IOS_MATCH_REPO_SSH_KEY_BASE64 ;
-
       - name: Setup SSH key for match git repo
         run: echo "$MATCH_REPO_SSH_KEY" | base64 --decode > ~/.ssh/id_rsa && chmod 600 ~/.ssh/id_rsa
         env:
-          MATCH_REPO_SSH_KEY: ${{ steps.load-secrets.outputs.IOS_MATCH_REPO_SSH_KEY_BASE64 }}
+          MATCH_REPO_SSH_KEY: ${{ secrets.IOS_MATCH_REPO_SSH_KEY_BASE64 }}
 
       - name: Install fastlane
         run: bundle install
@@ -58,8 +45,8 @@ jobs:
         env:
           BUILD_NUMBER: ${{ github.run_number }}
           # BUILD_NAME is implicitly available
-          GOOGLE_MAPS_API_KEY: ${{ steps.load-secrets.outputs.GOOGLE_MAPS_API_KEY }}
-          IOS_ASC_KEY_ID: ${{ steps.load-secrets.outputs.IOS_ASC_KEY_ID }}
-          IOS_ASC_ISSUER_ID: ${{ steps.load-secrets.outputs.IOS_ASC_ISSUER_ID }}
-          IOS_ASC_KEY: ${{ steps.load-secrets.outputs.IOS_ASC_KEY }}
-          MATCH_PASSWORD: ${{ steps.load-secrets.outputs.IOS_MATCH_PASSWORD }}
+          GOOGLE_MAPS_API_KEY: ${{ secrets.GOOGLE_MAPS_API_KEY }}
+          IOS_ASC_KEY_ID: ${{ secrets.IOS_ASC_KEY_ID }}
+          IOS_ASC_ISSUER_ID: ${{ secrets.IOS_ASC_ISSUER_ID }}
+          IOS_ASC_KEY: ${{ secrets.IOS_ASC_KEY }}
+          MATCH_PASSWORD: ${{ secrets.IOS_MATCH_PASSWORD }}

frontend/android/fallback.properties

@@ -1,3 +1,2 @@
 # This file mirrors the state of secrets.properties as a reference for the developer.
 # And as a fallback for build.gradle
-MAPS_API_KEY=Key