Inherited the secrets for update ssm workflow

sdangol · sdangol · commit e04d4728a0aa · 2025-08-26T13:14:05.000+01:00
diff --git a/.github/workflows/make-release.yml b/.github/workflows/make-release.yml
@@ -94,9 +94,8 @@ jobs:
   publish_layer:
     needs: publish-npm
     secrets:
-      AWS_LAYERS_BETA_ROLE_ARN: ${{ secrets.AWS_LAYERS_BETA_ROLE_ARN }}
-      AWS_LAYERS_PROD_ROLE_ARN: ${{ secrets.AWS_LAYERS_PROD_ROLE_ARN }}
-      TOKEN_GITHUB: ${{ secrets.GITHUB_TOKEN }}
+      # The update_ssm workflow called from the publish_layer workflow needs the secrets for all the regions. This will trigger a SonarQube warning.
+      inherit
     permissions:
       id-token: write
       contents: write
diff --git a/.github/workflows/publish_layer.yml b/.github/workflows/publish_layer.yml
@@ -97,6 +97,9 @@ jobs:
       environment: prod
       package_version: ${{ inputs.latest_published_version }}
       layer-version: ${{ needs.deploy-prod.outputs.layer-version }}
+    secrets:
+      # The update_ssm workflow needs the secrets for all the regions. This will trigger a SonarQube warning.
+      inherit
 
   update_layer_arn_docs:
     needs: [deploy-prod]
