Publicly accessible S3 for PRs #20
Description
I'd like to set up my S3 cache so that CI runs on pull requests can read from the cache, but for security reasons they shouldn't be able to write to it. I tried this by
- making
AWS_ACCESS_KEY_IDandAWS_SECRET_ACCESS_KEYGitHub Secrets. GitHub Actions make sure that they're only available when built in a branch of the repository, not on PRs. - making the S3 bucket publicly readable
Now, unfortunately, action-s3-cache doesn't seem to be able to read public S3 buckets. If I omit the AWS_SECRET_ACCESS_KEY and AWS_ACCESS_KEY_ID variables when calling it, it fails with an error
2021/04/25 23:45:09 NoCredentialProviders: no valid providers in chain. Deprecated.
For verbose messaging see aws.Config.CredentialsChainVerboseErrors
What's the best way to make this work?