From c672fb822dae96ec424b4e530ee2801f068efdb6 Mon Sep 17 00:00:00 2001
From: Ravi Pendurty <ravi.pendurty@highstreet-technologies.com>
Date: Thu, 23 Oct 2025 10:11:35 +0530
Subject: [PATCH] support 1password service

for authentication to nexus repos of o-ran-sc

Issue-ID: OAM-525
Change-Id: Iaf3889a8f4bec1cb8d777e159b65ae2a5b650c25
Signed-off-by: Ravi Pendurty <ravi.pendurty@highstreet-technologies.com>
---
 .github/workflows/gerrit-merge.yaml | 23 +++++------------------
 1 file changed, 5 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/gerrit-merge.yaml b/.github/workflows/gerrit-merge.yaml
index a2621af..6269ff2 100644
--- a/.github/workflows/gerrit-merge.yaml
+++ b/.github/workflows/gerrit-merge.yaml
@@ -80,26 +80,13 @@ jobs:
         env:
           GERRIT_PROJECT: ${{ inputs.GERRIT_PROJECT }}
 
-  load-secrets:
-    needs: [notify, sanitize]
-    runs-on: ubuntu-latest
-    outputs:
-      nexus_password: ${{ steps.load_secrets.outputs.NEXUS_PASSWORD }}
-    steps:
-      - name: Load secrets from 1Password
-        id: load_secrets
-        # yamllint disable-line rule:line-length
-        uses: 1password/load-secrets-action@13f58eec611f8e5db52ec16247f58c508398f3e6 # v3.0.0
-        env:
-          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
-          NEXUS_PASSWORD: op://6n4qm2onchsinyyeuxmcfbo7ne/oam-oam-controller/password
-
   maven-merge:
-    needs: [notify, sanitize, load-secrets]
+    needs: [notify, sanitize]
     # yamllint disable-line rule:line-length
-    uses: lfit/releng-reusable-workflows/.github/workflows/compose-make-merge.yaml@f318aaac9f4fce73a8059fe95ba9080833e018c2
+    uses: lfit/releng-reusable-workflows/.github/workflows/compose-make-merge.yaml@e0dd02d06e59db18c9596ef87353fb620ccfa1ab # v0.2.24
     secrets:                                                 # forward secrets
-      NEXUS_PASSWORD: ${{ needs.load-secrets.outputs.nexus_password }}
+      VAULT_MAPPING_JSON: ${{ secrets.VAULT_MAPPING_JSON }}
+      OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
     with:
       GERRIT_BRANCH: ${{ inputs.GERRIT_BRANCH }}
       GERRIT_CHANGE_ID: ${{ inputs.GERRIT_CHANGE_ID }}
@@ -110,7 +97,7 @@ jobs:
 
   report-status:
     if: ${{ always() }}
-    needs: [notify, sanitize, load-secrets, maven-merge]
+    needs: [notify, sanitize, maven-merge]
     runs-on: ubuntu-latest
     steps:
       - name: Get workflow conclusion
-- 
2.16.6