diff --git a/.github/workflows/dev-green.yml b/.github/workflows/dev-green.yml index c400dfe5c..76a5b1069 100644 --- a/.github/workflows/dev-green.yml +++ b/.github/workflows/dev-green.yml @@ -16,16 +16,14 @@ jobs: ECS_SERVICE: realtime-signs-dev-green steps: - uses: actions/checkout@v3 - - uses: mbta/actions/build-push-ecr@v1 + - uses: mbta/actions/build-push-ecr@v2 id: build-push with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-to-assume: ${{ secrets.AWS_ROLE_ARN }} docker-repo: ${{ secrets.DOCKER_REPO }} - - uses: mbta/actions/deploy-ecs@v1 + - uses: mbta/actions/deploy-ecs@v2 with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-to-assume: ${{ secrets.AWS_ROLE_ARN }} ecs-cluster: ${{ env.ECS_CLUSTER }} ecs-service: ${{ env.ECS_SERVICE }} docker-tag: ${{ steps.build-push.outputs.docker-tag }} diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index 3d2bc8176..e88374cc9 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml @@ -16,16 +16,14 @@ jobs: ECS_SERVICE: realtime-signs-dev steps: - uses: actions/checkout@v3 - - uses: mbta/actions/build-push-ecr@v1 + - uses: mbta/actions/build-push-ecr@v2 id: build-push with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-to-assume: ${{ secrets.AWS_ROLE_ARN }} docker-repo: ${{ secrets.DOCKER_REPO }} - - uses: mbta/actions/deploy-ecs@v1 + - uses: mbta/actions/deploy-ecs@v2 with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-to-assume: ${{ secrets.AWS_ROLE_ARN }} ecs-cluster: ${{ env.ECS_CLUSTER }} ecs-service: ${{ env.ECS_SERVICE }} docker-tag: ${{ steps.build-push.outputs.docker-tag }} diff --git a/.github/workflows/prod.yml b/.github/workflows/prod.yml index bff603044..da267be2f 100644 --- a/.github/workflows/prod.yml +++ b/.github/workflows/prod.yml @@ -15,16 +15,14 @@ jobs: steps: - uses: actions/checkout@v3 - - uses: mbta/actions/build-push-ecr@v1 + - uses: mbta/actions/build-push-ecr@v2 id: build-push with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-to-assume: ${{ secrets.AWS_ROLE_ARN }} docker-repo: ${{ secrets.DOCKER_REPO }} - - uses: mbta/actions/deploy-ecs@v1 + - uses: mbta/actions/deploy-ecs@v2 with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-to-assume: ${{ secrets.AWS_ROLE_ARN }} ecs-cluster: ${{ env.ECS_CLUSTER }} ecs-service: ${{ env.ECS_SERVICE }} docker-tag: ${{ steps.build-push.outputs.docker-tag }}