From 507a20d1c522f3db631a0f31ad669eee825bd854 Mon Sep 17 00:00:00 2001 From: Braden Mars Date: Mon, 21 Aug 2023 17:59:51 -0500 Subject: [PATCH] ci(deploy): update synthesized pipelines Signed-off-by: Braden Mars --- .github/workflows/deploy-maintenance-site.yml | 292 ++++++++++++++++++ .github/workflows/deploy.yml | 29 ++ 2 files changed, 321 insertions(+) create mode 100644 .github/workflows/deploy-maintenance-site.yml diff --git a/.github/workflows/deploy-maintenance-site.yml b/.github/workflows/deploy-maintenance-site.yml new file mode 100644 index 00000000..7ff041dd --- /dev/null +++ b/.github/workflows/deploy-maintenance-site.yml @@ -0,0 +1,292 @@ +# AUTOMATICALLY GENERATED FILE, DO NOT EDIT MANUALLY. +# Generated by AWS CDK and [cdk-pipelines-github](https://github.com/cdklabs/cdk-pipelines-github) + +name: Deploy Maintenance Site +on: + push: + branches: + - main + workflow_dispatch: {} + workflow_call: {} +jobs: + Build-deploy-maintenance-site-synth: + name: Synthesize + permissions: + contents: read + id-token: write + runs-on: ${{inputs.runner || 'ubuntu-latest'}} + needs: [] + env: + CI: "true" + GIGET_AUTH: ${{secrets.GH_CONFIGS_RO_PAT}} + NX_NON_NATIVE_HASHER: "true" + NX_BRANCH: ${{github.event.number}} + NX_RUN_GROUP: ${{github.run_id}} + NX_CLOUD_ACCESS_TOKEN: ${{secrets.NX_CLOUD_ACCESS_TOKEN}} + MAINTENANCE_SITE_SOURCE: ${{github.workspace}}/.maintenance-site + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + repository: CrisisCleanup/infrastructure + ref: main + - name: Install Helm + uses: azure/setup-helm@v3 + with: + version: 3.12.2 + - name: Install AWS CLI + uses: unfor19/install-aws-cli-action@v1 + if: inputs.runner == 'self-hosted' + with: + arch: arm64 + - name: Install SOPs + uses: CrisisCleanup/mozilla-sops-action@main + with: + version: 3.7.3 + - name: Setup PNPM + uses: pnpm/action-setup@v2.4.0 + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: "18" + cache: pnpm + - name: Authenticate Via OIDC Role + uses: aws-actions/configure-aws-credentials@v1-node16 + with: + aws-region: us-east-1 + role-duration-seconds: 1800 + role-skip-session-tagging: true + role-to-assume: arn:aws:iam::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}:role/GitHubActionRole + role-session-name: deploy-maintenance-site + - continue-on-error: true + env: + S3_SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/maintenance-site/cdk.context.json + S3_DESTINATION: packages/stacks/maintenance-site/cdk.context.json + run: aws s3 copy ${{env.S3_SOURCE}} ${{env.S3_DESTINATION}} + - name: Checkout + uses: actions/checkout@v3 + with: + ref: main + repository: CrisisCleanup/maintenance-site + path: .maintenance-site + - name: Install + run: pnpm install + - name: Build + run: |- + pnpm build + pnpm -F 'stacks.maintenance-site' run synth:silent + cp -r packages/stacks/maintenance-site/cdk.out ./cdk.out + - continue-on-error: true + env: + S3_SOURCE: packages/stacks/maintenance-site/cdk.context.json + S3_DESTINATION: s3://crisiscleanup-pipeline-assets/cdk-assets/maintenance-site/cdk.context.json + run: aws s3 copy ${{env.S3_SOURCE}} ${{env.S3_DESTINATION}} + - name: Push assets + env: + SOURCE: cdk.out + DESTINATION: s3://crisiscleanup-pipeline-assets/maintenance-site/${{github.run_id}}-${{github.run_attempt}}/cdk.out + run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} + echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}} + aws s3 sync $SOURCE $DESTINATION + Assets-FileAsset1: + name: Publish Assets Assets-FileAsset1 + needs: + - Build-deploy-maintenance-site-synth + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + outputs: + asset-hash: ${{ steps.Publish.outputs.asset-hash }} + steps: + - name: Authenticate Via OIDC Role + uses: aws-actions/configure-aws-credentials@v1-node16 + with: + aws-region: us-east-1 + role-duration-seconds: 1800 + role-skip-session-tagging: true + role-to-assume: arn:aws:iam::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}:role/GitHubActionRole + role-session-name: deploy-maintenance-site + - name: Pull assets + env: + SOURCE: s3://crisiscleanup-pipeline-assets/maintenance-site/${{github.run_id}}-${{github.run_attempt}}/cdk.out + DESTINATION: cdk.out + run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} + echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}} + aws s3 sync $SOURCE $DESTINATION + - name: Install + run: npm install --no-save cdk-assets + - id: Publish + name: Publish Assets-FileAsset1 + run: /bin/bash ./cdk.out/publish-Assets-FileAsset1-step.sh + Assets-FileAsset2: + name: Publish Assets Assets-FileAsset2 + needs: + - Build-deploy-maintenance-site-synth + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + outputs: + asset-hash: ${{ steps.Publish.outputs.asset-hash }} + steps: + - name: Authenticate Via OIDC Role + uses: aws-actions/configure-aws-credentials@v1-node16 + with: + aws-region: us-east-1 + role-duration-seconds: 1800 + role-skip-session-tagging: true + role-to-assume: arn:aws:iam::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}:role/GitHubActionRole + role-session-name: deploy-maintenance-site + - name: Pull assets + env: + SOURCE: s3://crisiscleanup-pipeline-assets/maintenance-site/${{github.run_id}}-${{github.run_attempt}}/cdk.out + DESTINATION: cdk.out + run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} + echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}} + aws s3 sync $SOURCE $DESTINATION + - name: Install + run: npm install --no-save cdk-assets + - id: Publish + name: Publish Assets-FileAsset2 + run: /bin/bash ./cdk.out/publish-Assets-FileAsset2-step.sh + Assets-FileAsset3: + name: Publish Assets Assets-FileAsset3 + needs: + - Build-deploy-maintenance-site-synth + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + outputs: + asset-hash: ${{ steps.Publish.outputs.asset-hash }} + steps: + - name: Authenticate Via OIDC Role + uses: aws-actions/configure-aws-credentials@v1-node16 + with: + aws-region: us-east-1 + role-duration-seconds: 1800 + role-skip-session-tagging: true + role-to-assume: arn:aws:iam::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}:role/GitHubActionRole + role-session-name: deploy-maintenance-site + - name: Pull assets + env: + SOURCE: s3://crisiscleanup-pipeline-assets/maintenance-site/${{github.run_id}}-${{github.run_attempt}}/cdk.out + DESTINATION: cdk.out + run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} + echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}} + aws s3 sync $SOURCE $DESTINATION + - name: Install + run: npm install --no-save cdk-assets + - id: Publish + name: Publish Assets-FileAsset3 + run: /bin/bash ./cdk.out/publish-Assets-FileAsset3-step.sh + Assets-FileAsset4: + name: Publish Assets Assets-FileAsset4 + needs: + - Build-deploy-maintenance-site-synth + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + outputs: + asset-hash: ${{ steps.Publish.outputs.asset-hash }} + steps: + - name: Authenticate Via OIDC Role + uses: aws-actions/configure-aws-credentials@v1-node16 + with: + aws-region: us-east-1 + role-duration-seconds: 1800 + role-skip-session-tagging: true + role-to-assume: arn:aws:iam::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}:role/GitHubActionRole + role-session-name: deploy-maintenance-site + - name: Pull assets + env: + SOURCE: s3://crisiscleanup-pipeline-assets/maintenance-site/${{github.run_id}}-${{github.run_attempt}}/cdk.out + DESTINATION: cdk.out + run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} + echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}} + aws s3 sync $SOURCE $DESTINATION + - name: Install + run: npm install --no-save cdk-assets + - id: Publish + name: Publish Assets-FileAsset4 + run: /bin/bash ./cdk.out/publish-Assets-FileAsset4-step.sh + Assets-FileAsset5: + name: Publish Assets Assets-FileAsset5 + needs: + - Build-deploy-maintenance-site-synth + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + outputs: + asset-hash: ${{ steps.Publish.outputs.asset-hash }} + steps: + - name: Authenticate Via OIDC Role + uses: aws-actions/configure-aws-credentials@v1-node16 + with: + aws-region: us-east-1 + role-duration-seconds: 1800 + role-skip-session-tagging: true + role-to-assume: arn:aws:iam::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}:role/GitHubActionRole + role-session-name: deploy-maintenance-site + - name: Pull assets + env: + SOURCE: s3://crisiscleanup-pipeline-assets/maintenance-site/${{github.run_id}}-${{github.run_attempt}}/cdk.out + DESTINATION: cdk.out + run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} + echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}} + aws s3 sync $SOURCE $DESTINATION + - name: Install + run: npm install --no-save cdk-assets + - id: Publish + name: Publish Assets-FileAsset5 + run: /bin/bash ./cdk.out/publish-Assets-FileAsset5-step.sh + pipeline-maintenance-site-Deploy: + name: Deploy pipelinemaintenancesite2E0710C3 + permissions: + contents: read + id-token: write + needs: + - Build-deploy-maintenance-site-synth + - Assets-FileAsset1 + - Assets-FileAsset2 + - Assets-FileAsset3 + - Assets-FileAsset4 + - Assets-FileAsset5 + runs-on: ${{inputs.runner || 'ubuntu-latest'}} + steps: + - name: Authenticate Via OIDC Role + uses: aws-actions/configure-aws-credentials@v1-node16 + with: + aws-region: us-east-1 + role-duration-seconds: 1800 + role-skip-session-tagging: true + role-to-assume: arn:aws:iam::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}:role/GitHubActionRole + role-session-name: deploy-maintenance-site + - name: Assume CDK Deploy Role + uses: aws-actions/configure-aws-credentials@v1-node16 + with: + aws-region: us-east-1 + role-duration-seconds: 1800 + role-skip-session-tagging: true + aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }} + aws-session-token: ${{ env.AWS_SESSION_TOKEN }} + role-to-assume: arn:aws:iam::${{secrets.AWS_ACCOUNT_ID_PIPELINE}}:role/cdk-hnb659fds-deploy-role-${{secrets.AWS_ACCOUNT_ID_PIPELINE}}-us-east-1 + role-external-id: Pipeline + - id: Deploy + uses: aws-actions/aws-cloudformation-github-deploy@v1.2.0 + with: + name: pipeline-maintenance-site + template: https://cdk-hnb659fds-assets-${{secrets.AWS_ACCOUNT_ID_PIPELINE}}-us-east-1.s3.us-east-1.amazonaws.com/${{ + needs.Assets-FileAsset1.outputs.asset-hash }}.json + no-fail-on-empty-changeset: "1" + role-arn: arn:aws:iam::${{secrets.AWS_ACCOUNT_ID_PIPELINE}}:role/cdk-hnb659fds-cfn-exec-role-${{secrets.AWS_ACCOUNT_ID_PIPELINE}}-us-east-1 diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 01e26b42..6f107e96 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -100,6 +100,7 @@ jobs: SOURCE: cdk.out DESTINATION: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -128,6 +129,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -161,6 +163,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -194,6 +197,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -227,6 +231,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -260,6 +265,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -293,6 +299,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -326,6 +333,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -359,6 +367,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -392,6 +401,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -425,6 +435,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -458,6 +469,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -491,6 +503,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -524,6 +537,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -557,6 +571,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -590,6 +605,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -623,6 +639,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -656,6 +673,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -689,6 +707,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -722,6 +741,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -755,6 +775,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -788,6 +809,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -821,6 +843,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -854,6 +877,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -887,6 +911,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -920,6 +945,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -953,6 +979,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -986,6 +1013,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}} @@ -1019,6 +1047,7 @@ jobs: SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out DESTINATION: cdk.out run: |- + echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PIPELINE}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}} echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_PRODUCTION}}