Indentation

robertnovac1 · robertnovac1 · commit b466fb161b64 · 2025-07-07T11:26:59.000+01:00
diff --git a/azure/new_pipelines/aws-assume-role-new-int.yml b/azure/new_pipelines/aws-assume-role-new-int.yml
@@ -8,63 +8,63 @@ parameters:
     type: string
 
 steps:
-    - template: "azure/components/aws-clean-config.yml@common"
+  - template: "azure/components/aws-clean-config.yml@common"
 
-    - bash: |
-        set -e
-        echo "##vso[task.setvariable variable=ROLE]${{ parameters.role }}"
-        echo "##vso[task.setvariable variable=AWS_ACCOUNT_ID]${{ parameters.aws_account_id }}"
-      displayName: get imms role name
-    - bash: |
-        set -e
-        aws_role="$(ROLE)"
-        echo "assume role: '${aws_role}'"
-        echo "account_id: $(AWS_ACCOUNT_ID)" 
-        
-        aws_role="arn:aws:iam::${account_id}:role/${aws_role}"
-        echo "AWS role: $aws_role"
-  
-        echo "Check if role exists"
-        # iam synchronisation issues can take a few to make the role appear
-        for i in {1..15}; do
-          if aws iam get-role --role-name ${aws_role} > /dev/null; then
-            echo role exists
-            sleep 2
-            break
-          fi
-          echo waiting for role ...
+  - bash: |
+      set -e
+      echo "##vso[task.setvariable variable=ROLE]${{ parameters.role }}"
+      echo "##vso[task.setvariable variable=AWS_ACCOUNT_ID]${{ parameters.aws_account_id }}"
+    displayName: get imms role name
+  - bash: |
+      set -e
+      aws_role="$(ROLE)"
+      echo "assume role: '${aws_role}'"
+      echo "account_id: $(AWS_ACCOUNT_ID)" 
+      
+      aws_role="arn:aws:iam::${account_id}:role/${aws_role}"
+      echo "AWS role: $aws_role"
+
+      echo "Check if role exists"
+      # iam synchronisation issues can take a few to make the role appear
+      for i in {1..15}; do
+        if aws iam get-role --role-name ${aws_role} > /dev/null; then
+          echo role exists
           sleep 2
-        done
-        account_id="$(aws sts get-caller-identity --query Account --output text)"
-        aws_role="arn:aws:iam::${account_id}:role/${aws_role}"
-       
-        cp ~/.aws/config.default ~/.aws/config
-        tmp_file="$(Agent.TempDirectory)/.aws.tmp.creds.json"
-        # add some backoff to allow for eventual consistency of IAM
-        for i in {2..4};
-        do
-            if aws sts assume-role --role-arn "${aws_role}" --role-session-name build-assume-role > ${tmp_file}; then
-                echo assumed role
-                assumed_role="yes"
-                break
-            fi
-            let "sleep_for=$i*10";
-            sleep $sleep_for
-        done
-        if [[ "${assumed_role}" != "yes" ]]; then
-            echo "assume role failed"
-            exit -1
+          break
         fi
-        echo "aws_access_key_id = $(jq -r .Credentials.AccessKeyId ${tmp_file})" >> ~/.aws/config
-        echo "aws_secret_access_key = $(jq -r .Credentials.SecretAccessKey ${tmp_file})" >> ~/.aws/config
-        echo "aws_session_token = $(jq -r .Credentials.SessionToken ${tmp_file})" >> ~/.aws/config
-        expiry=$(jq -r .Credentials.Expiration ${tmp_file})
-        echo "##vso[task.setvariable variable=ASSUME_ROLE_EXPIRY;]$expiry"
-        rm ${tmp_file}
-        profile="${{ parameters.profile }}"
-        if [[ ! -z "${profile}" ]]; then
-          echo as profile ${profile}
-          sed -i "s#\[default\]#\[profile ${profile}\]#" ~/.aws/config
-        fi
-      displayName: assume role
-      condition: and(succeeded(), ne(variables['ROLE'], ''))
+        echo waiting for role ...
+        sleep 2
+      done
+      account_id="$(aws sts get-caller-identity --query Account --output text)"
+      aws_role="arn:aws:iam::${account_id}:role/${aws_role}"
+      
+      cp ~/.aws/config.default ~/.aws/config
+      tmp_file="$(Agent.TempDirectory)/.aws.tmp.creds.json"
+      # add some backoff to allow for eventual consistency of IAM
+      for i in {2..4};
+      do
+          if aws sts assume-role --role-arn "${aws_role}" --role-session-name build-assume-role > ${tmp_file}; then
+              echo assumed role
+              assumed_role="yes"
+              break
+          fi
+          let "sleep_for=$i*10";
+          sleep $sleep_for
+      done
+      if [[ "${assumed_role}" != "yes" ]]; then
+          echo "assume role failed"
+          exit -1
+      fi
+      echo "aws_access_key_id = $(jq -r .Credentials.AccessKeyId ${tmp_file})" >> ~/.aws/config
+      echo "aws_secret_access_key = $(jq -r .Credentials.SecretAccessKey ${tmp_file})" >> ~/.aws/config
+      echo "aws_session_token = $(jq -r .Credentials.SessionToken ${tmp_file})" >> ~/.aws/config
+      expiry=$(jq -r .Credentials.Expiration ${tmp_file})
+      echo "##vso[task.setvariable variable=ASSUME_ROLE_EXPIRY;]$expiry"
+      rm ${tmp_file}
+      profile="${{ parameters.profile }}"
+      if [[ ! -z "${profile}" ]]; then
+        echo as profile ${profile}
+        sed -i "s#\[default\]#\[profile ${profile}\]#" ~/.aws/config
+      fi
+    displayName: assume role
+    condition: and(succeeded(), ne(variables['ROLE'], ''))
