ci(oidc): use AWS access (#13492)

.github/workflows/benchmarks.yml

@@ -52,9 +52,6 @@ jobs:
       GOBENCH_PASSWORD: ${{ secrets.GOBENCH_PASSWORD }}
       GOBENCH_USERNAME: ${{ secrets.GOBENCH_USERNAME }}
       GOBENCH_HOST: ${{ secrets.GOBENCH_HOST }}
-      # TODO: use keyless
-      AWS_ACCESS_KEY_ID: ${{ secrets.OBSERVABILITY_AWS_ACCESS_KEY_ID }}
-      AWS_SECRET_ACCESS_KEY: ${{ secrets.OBSERVABILITY_AWS_SECRET_ACCESS_KEY }}
     steps:
       - uses: actions/checkout@v4
 
@@ -89,6 +86,8 @@ jobs:
 
       - uses: elastic/oblt-actions/google/auth@v1
 
+      - uses: elastic/oblt-actions/aws/auth@v1
+
       - uses: google-github-actions/get-secretmanager-secrets@dc4a1392bad0fd60aee00bb2097e30ef07a1caae # v2.1.3
         with:
           export_to_environment: true

.github/workflows/generate-smoke-tests-list/action.yml

@@ -3,13 +3,6 @@
 name: generate-smoke-tests-list
 description: Generate smoke tests list
 
-inputs:
-  aws-csv-file:
-    description: 'Content with the AWS csv file'
-    required: true
-  aws-profile:
-    description: 'aws profile'
-    required: true
 outputs:
   tests:
     description: "List of smoke tests"
@@ -21,11 +14,6 @@ outputs:
 runs:
   using: "composite"
   steps:
-    - name: Setup cluster env
-      uses: ./.github/workflows/setup-cluster-env
-      with:
-        aws-csv-file: ${{ inputs.aws-csv-file }}
-        aws-profile: ${{ inputs.aws-profile }}
     - id: generate
       name: Generate matrix and date
       run: |

.github/workflows/setup-cluster-env/action.yml

@@ -3,14 +3,6 @@
 name: setup-cluster-env
 description: Setup cluster env
 
-inputs:
-  aws-csv-file:
-    description: 'Content with the AWS csv file'
-    required: true
-  aws-profile:
-    description: 'aws profile'
-    required: true
-
 runs:
   using: "composite"
   steps:
@@ -20,15 +12,3 @@ runs:
         cache-dependency-path: |
           go.sum
           tools/go.sum
-    - name: Configure AWS account
-      run: |
-        echo "${AWS_ACCOUNT_IMPORT}" > ${{ runner.temp }}/account.csv;
-        sed -i 's/User name/User Name/g' ${{ runner.temp }}/account.csv;
-        aws configure import --csv file://${{ runner.temp }}/account.csv;
-        echo 'AWS_ACCOUNT_IMPORT='        >> ${GITHUB_ENV};
-        echo "AWS_PROFILE=${AWS_PROFILE}" >> ${GITHUB_ENV}
-        rm -f ${{ runner.temp }}/account.csv;
-      shell: 'bash'
-      env:
-        AWS_ACCOUNT_IMPORT: ${{ inputs.aws-csv-file }}
-        AWS_PROFILE: ${{ inputs.aws-profile }}

.github/workflows/smoke-tests-ess.yml

@@ -27,9 +27,6 @@ jobs:
       - id: generate
         name: Generate matrix and date
         uses: ./.github/workflows/generate-smoke-tests-list
-        with:
-          aws-csv-file: ${{ secrets.OBSERVABILITY_AWS_CSV_FILE }}
-          aws-profile: ${{ secrets.OBSERVABILITY_AWS_PROFILE }}
 
   smoke-tests-ess:
     name: Run smoke tests ${{ matrix.test }} for ${{ matrix.version }}
@@ -57,10 +54,8 @@ jobs:
           ref: ${{ inputs.branch }}
       - name: Setup cluster env
         uses: ./.github/workflows/setup-cluster-env
-        with:
-          aws-csv-file: ${{ secrets.OBSERVABILITY_AWS_CSV_FILE }}
-          aws-profile: ${{ secrets.OBSERVABILITY_AWS_PROFILE }}
 
+      - uses: elastic/oblt-actions/aws/auth@v1
 
       - uses: elastic/oblt-actions/google/auth@v1
 

.github/workflows/smoke-tests-os.yml

@@ -26,9 +26,6 @@ jobs:
       - id: generate
         name: Generate matrix and date
         uses: ./.github/workflows/generate-smoke-tests-list
-        with:
-          aws-csv-file: ${{ secrets.OBSERVABILITY_AWS_CSV_FILE }}
-          aws-profile: ${{ secrets.OBSERVABILITY_AWS_PROFILE }}
 
   smoke-tests-os:
     name: Run smoke tests OS
@@ -51,9 +48,8 @@ jobs:
         run: echo "VERSION=$(make get-version)" >> "${GITHUB_ENV}"
       - name: Setup cluster env
         uses: ./.github/workflows/setup-cluster-env
-        with:
-          aws-csv-file: ${{ secrets.OBSERVABILITY_AWS_CSV_FILE }}
-          aws-profile: ${{ secrets.OBSERVABILITY_AWS_PROFILE }}
+
+      - uses: elastic/oblt-actions/aws/auth@v1
 
       - uses: elastic/oblt-actions/google/auth@v1