Skip to content

Commit 37132b5

Browse files
blvablva
committed
Update
1 parent 762b220 commit 37132b5

File tree

4 files changed

+14
-22
lines changed

4 files changed

+14
-22
lines changed

.github/workflows/release-changelog.yml

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -25,9 +25,7 @@ on:
2525
secrets: # all secrets are passed explicitly in this workflow
2626
api_bot_pat:
2727
required: true
28-
aws_access_key_id:
29-
required: true
30-
aws_secret_access_key:
28+
aws_s3_role_to_assume:
3129
required: true
3230

3331
permissions:

.github/workflows/release-spec-runner.yml

Lines changed: 5 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -50,8 +50,7 @@ jobs:
5050
uses: ./.github/workflows/release-spec.yml
5151
secrets:
5252
api_bot_pat: ${{ secrets.API_BOT_PAT }}
53-
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_DEV }}
54-
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_DEV }}
53+
aws_s3_role_to_assume: ${{ secrets.aws_s3_role_to_assume }}
5554
jira_api_token: ${{ secrets.JIRA_API_TOKEN }}
5655
with:
5756
aws_default_region: ${{ vars.AWS_DEFAULT_REGION}}
@@ -68,8 +67,7 @@ jobs:
6867
uses: ./.github/workflows/release-spec.yml
6968
secrets:
7069
api_bot_pat: ${{ secrets.API_BOT_PAT }}
71-
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_QA }}
72-
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_QA }}
70+
aws_s3_role_to_assume: ${{ secrets.aws_s3_role_to_assume }}
7371
jira_api_token: ${{ secrets.JIRA_API_TOKEN }}
7472
with:
7573
aws_default_region: ${{ vars.AWS_DEFAULT_REGION}}
@@ -86,8 +84,7 @@ jobs:
8684
uses: ./.github/workflows/release-spec.yml
8785
secrets:
8886
api_bot_pat: ${{ secrets.API_BOT_PAT }}
89-
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_STAGING }}
90-
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGING }}
87+
aws_s3_role_to_assume: ${{ secrets.aws_s3_role_to_assume }}
9188
jira_api_token: ${{ secrets.JIRA_API_TOKEN }}
9289
with:
9390
aws_default_region: ${{ vars.AWS_DEFAULT_REGION}}
@@ -104,8 +101,7 @@ jobs:
104101
uses: ./.github/workflows/release-spec.yml
105102
secrets:
106103
api_bot_pat: ${{ secrets.API_BOT_PAT }}
107-
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_PROD }}
108-
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_PROD }}
104+
aws_s3_role_to_assume: ${{ secrets.aws_s3_role_to_assume }}
109105
postman_api_key: ${{ secrets.POSTMAN_API_KEY }}
110106
workspace_id: ${{ secrets.WORKSPACE_ID }}
111107
jira_api_token: ${{ secrets.JIRA_API_TOKEN }}
@@ -125,8 +121,7 @@ jobs:
125121
uses: ./.github/workflows/release-spec-v1.yml
126122
secrets:
127123
api_bot_pat: ${{ secrets.API_BOT_PAT }}
128-
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_PROD }}
129-
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_PROD }}
124+
aws_s3_role_to_assume: ${{ secrets.aws_s3_role_to_assume }}
130125
mms_deployed_sha_url: ${{ secrets.MMS_DEPLOYED_SHA_URL_PROD }}
131126
with:
132127
aws_default_region: ${{ vars.AWS_DEFAULT_REGION}}

.github/workflows/release-spec-v1.yml

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -21,9 +21,7 @@ on:
2121
secrets: # all secrets are passed explicitly in this workflow
2222
api_bot_pat:
2323
required: true
24-
aws_access_key_id:
25-
required: true
26-
aws_secret_access_key:
24+
aws_s3_role_to_assume:
2725
required: true
2826
mms_deployed_sha_url:
2927
required: true
@@ -37,11 +35,14 @@ jobs:
3735
name: Release OpenAPI Spec for V1 (DEPRECATED) APIs
3836
runs-on: ubuntu-latest
3937
steps:
38+
- name: aws configure
39+
uses: aws-actions/configure-aws-credentials@v4
40+
with:
41+
role-to-assume: ${{ secrets.aws_s3_role_to_assume }}
42+
aws-region: ${{inputs.aws_default_region}}
4043
- name: Download v1 Spec
4144
env:
4245
AWS_DEFAULT_REGION: ${{inputs.aws_default_region}}
43-
AWS_ACCESS_KEY_ID: ${{ secrets.aws_access_key_id }}
44-
AWS_SECRET_ACCESS_KEY: ${{ secrets.aws_secret_access_key }}
4546
S3_BUCKET: ${{ inputs.aws_s3_bucket }}
4647
MMS_DEPLOYED_SHA_URL: ${{secrets.mms_deployed_sha_url}}
4748
run: |

.github/workflows/release-spec.yml

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,8 @@ on:
4343
required: false
4444
jira_api_token:
4545
required: true
46+
aws_s3_role_to_assume:
47+
required: true
4648

4749
permissions:
4850
contents: write
@@ -54,8 +56,6 @@ jobs:
5456
uses: ./.github/workflows/generate-openapi.yml
5557
secrets:
5658
api_bot_pat: ${{ secrets.api_bot_pat }}
57-
aws_access_key_id: ${{ secrets.aws_access_key_id }}
58-
aws_secret_access_key: ${{ secrets.aws_secret_access_key }}
5959
with:
6060
aws_default_region: ${{ inputs.aws_default_region}}
6161
aws_s3_bucket: ${{ inputs.aws_s3_bucket}}
@@ -170,8 +170,6 @@ jobs:
170170
uses: ./.github/workflows/release-changelog.yml
171171
secrets:
172172
api_bot_pat: ${{ secrets.api_bot_pat }}
173-
aws_access_key_id: ${{ secrets.aws_access_key_id }}
174-
aws_secret_access_key: ${{ secrets.aws_secret_access_key }}
175173
with:
176174
aws_default_region: ${{ inputs.aws_default_region}}
177175
aws_s3_bucket: ${{ inputs.aws_s3_bucket}}

0 commit comments

Comments
 (0)