Skip to content

Commit e4167e9

Browse files
authored
revert(EN-2932): allow neurow to use GHA secrets (#57)
As discussed with @benassipaul and @bpaquet this repo needs to use an ARN to push the Docker image but as an org we don't want to expose this ARN so it will be set up as a GHA secret. - **Revert "feat(EN-2932): Migrate github secrets to vault (#56)"** - **Revert "feat(EN-2932): Migrate github secrets to vault (#55)"**
1 parent 4b8161f commit e4167e9

File tree

2 files changed

+3
-14
lines changed

2 files changed

+3
-14
lines changed

.github/ci-secrets.yml

Lines changed: 0 additions & 6 deletions
This file was deleted.

.github/workflows/docker_push.yml

Lines changed: 3 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -13,20 +13,15 @@ jobs:
1313
docker_push:
1414
runs-on: ubuntu-latest
1515
steps:
16-
- uses: actions/checkout@v4
17-
18-
- name: Load Secrets
19-
uses: doctolib/actions/load-secrets@main
20-
with:
21-
prefix_secrets: true
22-
2316
- name: Configure AWS
2417
uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v 4.0.1
2518
with:
26-
role-to-assume: ${{ env.VAULT_SECRET_IAM_ROLE }}
19+
role-to-assume: ${{ secrets.iam_role }}
2720
role-session-name: docker_build_public
2821
aws-region: us-east-1
2922

23+
- uses: actions/checkout@v4
24+
3025
- run: |
3126
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/doctolib
3227
cd neurow

0 commit comments

Comments
 (0)