use inherited secrets for certs

.github/workflows/pr.yaml

@@ -23,9 +23,6 @@ jobs:
     # Re-export secrets and env vars to make them available to shared actions and workflows
     runs-on: ubuntu-latest
     outputs:
-        ca_cert: "${{steps.reexport.outputs.ca_cert}}"
-        client_cert: "${{steps.reexport.outputs.client_cert}}"
-        client_key: "${{steps.reexport.outputs.client_key}}"
         endpoint: "${{steps.reexport.outputs.endpoint}}"
         service_name: "${{steps.reexport.outputs.service_name}}"
         otel_resource_attributes: "${{steps.reexport.outputs.otel_resource_attributes}}"
@@ -34,9 +31,6 @@ jobs:
         - id: reexport
           # NOTE: certs are base-64 encoded so that they're easier to handle here
           run: |
-            echo ca_cert="${{ secrets.OTEL_EXPORTER_OTLP_CA_CERTIFICATE }}" >> ${GITHUB_OUTPUT}
-            echo client_cert="${{ secrets.OTEL_EXPORTER_OTLP_CLIENT_CERTIFICATE }}" >> ${GITHUB_OUTPUT}
-            echo client_key="${{ secrets.OTEL_EXPORTER_OTLP_CLIENT_KEY }}" >> ${GITHUB_OUTPUT}
             echo endpoint="${OTEL_EXPORTER_OTLP_ENDPOINT}" >> ${GITHUB_OUTPUT}
             echo service_name="${OTEL_SERVICE_NAME}" >> ${GITHUB_OUTPUT}
             echo otel_resource_attributes="${OTEL_RESOURCE_ATTRIBUTES}" >> ${GITHUB_OUTPUT}
@@ -88,9 +82,7 @@ jobs:
       otel_resource_attributes: "${{needs.reexports.outputs.otel_resource_attributes}}"
       traceparent: ${{ needs.top-level-telemetry-traceparent.outputs.traceparent }}
       shared_actions_ref: ${{needs.reexports.outputs.shared_actions_ref}}
-      ca_cert: "${{needs.reexports.outputs.ca_cert}}"
-      client_cert: "${{needs.reexports.outputs.client_cert}}"
-      client_key: "${{needs.reexports.outputs.client_key}}"
+
       files_yaml: |
         test_cpp:
           - '**'
@@ -117,10 +109,8 @@ jobs:
       traceparent: ${{ needs.top-level-telemetry-traceparent.outputs.traceparent }}
       otel_resource_attributes: "${{needs.reexports.outputs.otel_resource_attributes}}"
       shared_actions_ref: ${{needs.reexports.outputs.shared_actions_ref}}
-      ca_cert: "${{needs.reexports.outputs.ca_cert}}"
-      client_cert: "${{needs.reexports.outputs.client_cert}}"
-      client_key: "${{needs.reexports.outputs.client_key}}"
       ignored_pr_jobs: "final-telemetry-update"
+
   conda-cpp-build:
     needs:
       - checks
@@ -134,9 +124,7 @@ jobs:
       otel_resource_attributes: "${{needs.reexports.outputs.otel_resource_attributes}}"
       traceparent: ${{ needs.top-level-telemetry-traceparent.outputs.traceparent }}
       shared_actions_ref: ${{needs.reexports.outputs.shared_actions_ref}}
-      ca_cert: "${{needs.reexports.outputs.ca_cert}}"
-      client_cert: "${{needs.reexports.outputs.client_cert}}"
-      client_key: "${{needs.reexports.outputs.client_key}}"
+
   conda-cpp-tests:
     needs: [conda-cpp-build, changed-files, reexports, top-level-telemetry-traceparent]
     secrets: inherit
@@ -148,9 +136,7 @@ jobs:
       traceparent: ${{ needs.top-level-telemetry-traceparent.outputs.traceparent }}
       otel_resource_attributes: "${{needs.reexports.outputs.otel_resource_attributes}}"
       shared_actions_ref: ${{needs.reexports.outputs.shared_actions_ref}}
-      ca_cert: "${{needs.reexports.outputs.ca_cert}}"
-      client_cert: "${{needs.reexports.outputs.client_cert}}"
-      client_key: "${{needs.reexports.outputs.client_key}}"
+
   conda-python-build:
     needs:
       - conda-cpp-build
@@ -164,9 +150,7 @@ jobs:
       traceparent: ${{ needs.top-level-telemetry-traceparent.outputs.traceparent }}
       otel_resource_attributes: "${{needs.reexports.outputs.otel_resource_attributes}}"
       shared_actions_ref: ${{needs.reexports.outputs.shared_actions_ref}}
-      ca_cert: "${{needs.reexports.outputs.ca_cert}}"
-      client_cert: "${{needs.reexports.outputs.client_cert}}"
-      client_key: "${{needs.reexports.outputs.client_key}}"
+
   conda-python-tests:
     needs: [conda-python-build, changed-files, reexports, top-level-telemetry-traceparent]
     secrets: inherit
@@ -178,9 +162,7 @@ jobs:
       traceparent: ${{ needs.top-level-telemetry-traceparent.outputs.traceparent }}
       otel_resource_attributes: "${{needs.reexports.outputs.otel_resource_attributes}}"
       shared_actions_ref: ${{needs.reexports.outputs.shared_actions_ref}}
-      ca_cert: "${{needs.reexports.outputs.ca_cert}}"
-      client_cert: "${{needs.reexports.outputs.client_cert}}"
-      client_key: "${{needs.reexports.outputs.client_key}}"
+
   docs-build:
     needs:
       - conda-python-build
@@ -198,9 +180,7 @@ jobs:
       traceparent: ${{ needs.top-level-telemetry-traceparent.outputs.traceparent }}
       otel_resource_attributes: "${{needs.reexports.outputs.otel_resource_attributes}}"
       shared_actions_ref: "${{needs.reexports.outputs.shared_actions_ref}}"
-      ca_cert: "${{needs.reexports.outputs.ca_cert}}"
-      client_cert: "${{needs.reexports.outputs.client_cert}}"
-      client_key: "${{needs.reexports.outputs.client_key}}"
+
   wheel-build-cpp:
     needs:
       - checks
@@ -216,9 +196,7 @@ jobs:
       traceparent: ${{ needs.top-level-telemetry-traceparent.outputs.traceparent }}
       otel_resource_attributes: "${{needs.reexports.outputs.otel_resource_attributes}}"
       shared_actions_ref: ${{needs.reexports.outputs.shared_actions_ref}}
-      ca_cert: "${{needs.reexports.outputs.ca_cert}}"
-      client_cert: "${{needs.reexports.outputs.client_cert}}"
-      client_key: "${{needs.reexports.outputs.client_key}}"
+
   wheel-build-python:
     needs:
       - wheel-build-cpp
@@ -233,9 +211,7 @@ jobs:
       traceparent: ${{ needs.top-level-telemetry-traceparent.outputs.traceparent }}
       otel_resource_attributes: "${{needs.reexports.outputs.otel_resource_attributes}}"
       shared_actions_ref: ${{needs.reexports.outputs.shared_actions_ref}}
-      ca_cert: "${{needs.reexports.outputs.ca_cert}}"
-      client_cert: "${{needs.reexports.outputs.client_cert}}"
-      client_key: "${{needs.reexports.outputs.client_key}}"
+
   wheel-tests:
     needs: [wheel-build-python, changed-files, reexports, top-level-telemetry-traceparent]
     secrets: inherit
@@ -248,9 +224,7 @@ jobs:
       traceparent: ${{ needs.top-level-telemetry-traceparent.outputs.traceparent }}
       otel_resource_attributes: "${{needs.reexports.outputs.otel_resource_attributes}}"
       shared_actions_ref: ${{needs.reexports.outputs.shared_actions_ref}}
-      ca_cert: "${{needs.reexports.outputs.ca_cert}}"
-      client_cert: "${{needs.reexports.outputs.client_cert}}"
-      client_key: "${{needs.reexports.outputs.client_key}}"
+
   devcontainer:
     secrets: inherit
     uses: rapidsai/shared-workflows/.github/workflows/build-in-devcontainer.yaml@add-telemetry
@@ -290,6 +264,3 @@ jobs:
           uses: ./shared-actions/telemetry-finalize-root-span
           with:
             traceparent: ${{needs.top-level-telemetry-traceparent.outputs.traceparent}}
-            ca_cert: "${{needs.reexports.outputs.ca_cert}}"
-            client_cert: "${{needs.reexports.outputs.client_cert}}"
-            client_key: "${{needs.reexports.outputs.client_key}}"