From c396d529ad4cf78da9711e5efb94982fb8bb05f8 Mon Sep 17 00:00:00 2001
From: Albert Perez Toro <albert.toro@rdx.works>
Date: Fri, 7 Feb 2025 13:51:00 +0100
Subject: [PATCH 1/2] ci: Refactor secrets

---
 .github/workflows/ci.yml | 31 ++++++++++++++++++++++++++++---
 1 file changed, 28 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index b4c7762..50cf779 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -22,12 +22,37 @@ jobs:
     steps:
       - uses: actions/checkout@v3.1.0
 
+      - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main
+        with:
+          role_name: 'arn:aws:iam::${{ secrets.SECRETS_ACCOUNT_ID }}:role/gh-swift-engine-toolkit-secrets-read-access'
+          app_name: 'swift-engine-toolkit'
+          step_name: 'fetch-bite-ssh-key'
+          secret_prefix: 'BITE_UNIT_TESTS_SSH_KEY'
+          secret_name: 'arn:aws:secretsmanager:eu-west-2:${{ secrets.SECRETS_ACCOUNT_ID }}:secret:github-actions/radixdlt/swift-engine-toolkit/bite-unit-test-ssh-key-omHqLq'
+          parse_json: true
+      - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main
+        with:
+          role_name: 'arn:aws:iam::${{ secrets.SECRETS_ACCOUNT_ID }}:role/gh-swift-engine-toolkit-secrets-read-access'
+          app_name: 'swift-engine-toolkit'
+          step_name: 'fetch-slip-ssh-key'
+          secret_prefix: 'SLIP_10_UNIT_TESTS_SSH_KEY'
+          secret_name: 'arn:aws:secretsmanager:eu-west-2:${{ secrets.SECRETS_ACCOUNT_ID }}:secret:github-actions/radixdlt/swift-engine-toolkit/slip-unit-test-ssh-key-vJWCk8'
+          parse_json: true
+      - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main
+        with:
+          role_name: 'arn:aws:iam::${{ secrets.SECRETS_ACCOUNT_ID }}:role/gh-swift-engine-toolkit-secrets-read-access'
+          app_name: 'swift-engine-toolkit'
+          step_name: 'fetch-mnemonic-ssh-key'
+          secret_prefix: 'MNEMONIC_UNIT_TESTS_SSH_KEY'
+          secret_name: 'arn:aws:secretsmanager:eu-west-2:${{ secrets.SECRETS_ACCOUNT_ID }}:secret:github-actions/radixdlt/swift-engine-toolkit/mnemonic-unit-test-ssh-key-cFG0FT'
+          parse_json: true
+
       - uses: webfactory/ssh-agent@v0.6.0
         with:
           ssh-private-key: |
-            ${{ secrets.BITE_UNIT_TESTS_SSH_KEY }}
-            ${{ secrets.SLIP_10_UNIT_TESTS_SSH_KEY }}
-            ${{ secrets.MNEMONIC_UNIT_TESTS_SSH_KEY }}
+            ${{ env.BITE_UNIT_TESTS_SSH_KEY }}
+            ${{ env.SLIP_10_UNIT_TESTS_SSH_KEY }}
+            ${{ env.MNEMONIC_UNIT_TESTS_SSH_KEY }}
 
       - name: Run unit tests
         uses: mxcl/xcodebuild@v1

From 7aa2b3f1741193f6d7d8246517c69db4b223975d Mon Sep 17 00:00:00 2001
From: Albert Perez Toro <albert.toro@rdx.works>
Date: Fri, 7 Feb 2025 13:59:07 +0100
Subject: [PATCH 2/2] CI: Refactor forked gh actions

---
 .github/workflows/ci.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 50cf779..4206c8f 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -20,7 +20,7 @@ jobs:
           - iOS
 
     steps:
-      - uses: actions/checkout@v3.1.0
+      - uses: RDXWorks-actions/checkout@main
 
       - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main
         with:
@@ -47,7 +47,7 @@ jobs:
           secret_name: 'arn:aws:secretsmanager:eu-west-2:${{ secrets.SECRETS_ACCOUNT_ID }}:secret:github-actions/radixdlt/swift-engine-toolkit/mnemonic-unit-test-ssh-key-cFG0FT'
           parse_json: true
 
-      - uses: webfactory/ssh-agent@v0.6.0
+      - uses: RDXWorks-actions/ssh-agent@master
         with:
           ssh-private-key: |
             ${{ env.BITE_UNIT_TESTS_SSH_KEY }}
@@ -55,7 +55,7 @@ jobs:
             ${{ env.MNEMONIC_UNIT_TESTS_SSH_KEY }}
 
       - name: Run unit tests
-        uses: mxcl/xcodebuild@v1
+        uses: RDXWorks-actions/xcodebuild@master
         with:
           xcode: ^14.2
           action: test