fix: updated dependabot file location and reused changelog workflow for shared workflow repo (#66)

VishwajitNagulkar · web-flow · commit 7634834fce9e · 2023-08-28T22:20:11.000+05:30
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -1,17 +1,30 @@
-# To get started with Dependabot version updates, you'll need to specify which
-# package ecosystems to update and where the package manifests are located.
-# Please see the documentation for all configuration options:
-# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
----
 version: 2
-updates:   
-  - package-ecosystem: "github-actions" # See documentation for possible values
-    directory: "/" # Location of package manifests
+updates:
+  - package-ecosystem: 'github-actions'
+    # Workflow files stored in the
+    # default location of `.github/workflows`
+    directory: '/' # Location of package manifests
     schedule:
-      interval: "weekly"
-    # Add assignees
+      interval: 'weekly'
+      day: 'sunday'
+      time: '09:00'
+      timezone: 'America/Toronto'
+    open-pull-requests-limit: 3
     assignees:
-      - "clouddrove-ci"
-    # Add reviewer
-    reviewers: 
-      - "anmolnagpal"
+    - "clouddrove-ci"
+    reviewers:
+    - "d4kverma"
+    - "anmolnagpal"
+  - package-ecosystem: 'terraform'
+    directory: '*' # Location of package manifests
+    schedule:
+      interval: 'weekly'
+      day: 'sunday'
+      time: '09:00'
+      timezone: 'America/Toronto'
+    open-pull-requests-limit: 3
+    assignees:
+    - "clouddrove-ci"
+    reviewers:
+    - "d4kverma"
+    - "anmolnagpal"
diff --git a/.github/workflows/changelog-call-internal b/.github/workflows/changelog-call-internal
@@ -0,0 +1,14 @@
+name: changelog
+permissions: write-all
+on:
+  push:
+    tags:
+      - "*"
+  workflow_dispatch:
+jobs:
+  changelog:
+    uses: clouddrove/github-shared-workflows/.github/workflows/changelog.yml@master
+    with:
+      branch: 'master'
+    secrets:
+      GITHUB: ${{ secrets.GITHUB }}
diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml
@@ -9,10 +9,7 @@ on:
     secrets:
       GITHUB:
         required: true
-        description: 'PAT of the user to run the jobs.'    
-  push:
-    tags:
-      - "*"      
+        description: 'PAT of the user to run the jobs.'  
 
 jobs:
   create_changelog:
diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml
diff --git a/.github/workflows/helm.yml b/.github/workflows/helm.yml
@@ -11,10 +11,10 @@ on:
         required: false
         type: string
         description: 'EKS cluster name'
-      aws-region:
+      aws_region:
         required: false
         type: string
-        description: 'AWS EKS cluster region'
+        default: us-east-1
       azure-cluster-name:
         required: false
         type: string
@@ -62,8 +62,14 @@ on:
         description: 'AWS Access Key ID'
         required: false
       AWS_SECRET_ACCESS_KEY:
-        description: 'AWS Secret Access Key'
         required: false
+        description: 'AWS Secret Access Key'
+      AWS_SESSION_TOKEN:
+          required: false
+          description: 'AWS Session Token'
+      BUILD_ROLE:
+          required: false
+          description: 'AWS OIDC role for aws authentication'
       AZURE_CREDENTIALS:
         description: 'Azure Credentilas'
         required: false
@@ -77,11 +83,15 @@ jobs:
 
       - name: Configure AWS credentials
         if: ${{ inputs.provider == 'aws' }}
-        uses: aws-actions/configure-aws-credentials@v3
+        uses: aws-actions/configure-aws-credentials@v2
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: ${{ inputs.aws-region }}
+          aws-session-token: ${{ secrets.AWS_SESSION_TOKEN }}
+          role-to-assume: ${{ secrets.BUILD_ROLE }}
+          aws-region: ${{ inputs.aws_region }}
+          role-duration-seconds: 900
+          role-skip-session-tagging: true
 
       - name: Install Azure CLI
         if: ${{ inputs.provider == 'azure' }}
diff --git a/docs/helm.md b/docs/helm.md
@@ -24,12 +24,10 @@ jobs:
   aws:
     uses: clouddrove/github-shared-workflows/.github/workflows/helm.yml@master
     secrets:
-      AWS_ACCESS_KEY_ID: # AWS Access Key ID
-      AWS_SECRET_ACCESS_KEY: # AWS Secret Access Key ID
+      BUILD_ROLE: # AWS OIDC role for aws authentication
     with:
       provider: # aws 
       aws-region: # AWS region 
-      helm-chart-directory: # Helm chart directory from repo
       eks-cluster-name: # EKS cluster name 
       release-name: # Helm chart realease name
       helm-chart-directory: # Helm chart directory from repo
