File tree Expand file tree Collapse file tree 1 file changed +11
-10
lines changed
Expand file tree Collapse file tree 1 file changed +11
-10
lines changed Original file line number Diff line number Diff line change 5555 # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
5656 - name : Checkout repository
5757 uses : actions/checkout@v6
58-
59- - name : Debug OIDC token
60- run : |
61- TOKEN=$(curl -s -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" \
62- "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=sts.amazonaws.com")
63- echo "$TOKEN" | jq -r '.value' | cut -d. -f2 | base64 -d 2>/dev/null | jq '.sub, .aud'
6458
6559 - name : set aws credentials
6660 uses : aws-actions/configure-aws-credentials@v4
@@ -69,10 +63,17 @@ jobs:
6963 role-session-name : aws-auth-action
7064 aws-region : ${{ env.AWS_REGION }}
7165
72- - name : Get secrets by name
73- uses : aws-actions/aws-secretsmanager-get-secrets@v2
74- with :
75- secret-ids : platform/maven
66+ - name : get secrets into the env
67+ run : |
68+ while IFS=$'\t' read -r key value; do
69+ echo "::add-mask::${value}"
70+ echo "${key}=${value}" >> $GITHUB_ENV
71+ done < <(aws secretsmanager get-secret-value \
72+ --region us-west-2 \
73+ --secret-id platform/maven \
74+ --query SecretString \
75+ --output text | \
76+ jq -r 'to_entries[] | [.key, .value] | @tsv')
7677
7778 - name : List env keys
7879 run : env | cut -d '=' -f 1 | sort
You can’t perform that action at this time.
0 commit comments