Skip to content

Commit

Permalink
update GitHub Actions workflow to use OpenID Connect
Browse files Browse the repository at this point in the history
  • Loading branch information
eitoball committed Aug 3, 2024
1 parent bba064e commit fd9e28f
Showing 1 changed file with 9 additions and 9 deletions.
18 changes: 9 additions & 9 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,24 +8,24 @@ on:
types: [opened, synchronize, reopened]
workflow_dispatch: ~

permissions:
id-token: write
contents: read

jobs:
build:
runs-on: ubuntu-latest
name: Build and publish artifacts
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Check if secrets are available for publishing
run: echo "SECRETS_AVAILABLE=${{ secrets.AWS_ACCESS_KEY_ID }}" >> $GITHUB_ENV
- name: Configure AWS Credentials
if: env.SECRETS_AVAILABLE
uses: aws-actions/configure-aws-credentials@v1
uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v3
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-to-assume: arn:aws:iam::985752656544:role/reporting-github-actions
role-session-name: reporting-github-actions
aws-region: us-west-2
- name: Create application bundle
if: env.SECRETS_AVAILABLE
uses: Safecast/github-actions/bundle-application@v1
with:
app: reporting
Expand Down

0 comments on commit fd9e28f

Please sign in to comment.