Skip to content

Commit

Permalink
update aws-vault usage to sso (#164)
Browse files Browse the repository at this point in the history
  • Loading branch information
@DylanLovesCoffee
DylanLovesCoffee authored Aug 16, 2023
1 parent f439859 commit 4d9b829
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 5 deletions.
4 changes: 2 additions & 2 deletions local_tests/build-docker-runtime.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ fi
cd "$CURRENT_PATH/local_tests"
if [ -z "$LAYER_PATH" ] && [ -n "$LAYER_NAME" ]; then
# Get the latest available version
LATEST_AVAILABLE_VERSION=$(aws-vault exec serverless-sandbox-account-admin \
LATEST_AVAILABLE_VERSION=$(aws-vault exec sso-serverless-sandbox-account-admin \
-- aws lambda list-layer-versions --layer-name $LAYER_NAME --region sa-east-1 --max-items 1 \
| jq -r ".LayerVersions | .[0] | .Version")

Expand All @@ -77,7 +77,7 @@ if [ -z "$LAYER_PATH" ] && [ -n "$LAYER_NAME" ]; then
echo "The layer has already been downloaded, skipping"
else
echo "Downloading the latest $RUNTIME layer (version $LATEST_AVAILABLE_VERSION)"
URL=$(aws-vault exec serverless-sandbox-account-admin \
URL=$(aws-vault exec sso-serverless-sandbox-account-admin \
-- aws lambda get-layer-version --layer-name $LAYER_NAME --version-number $LATEST_AVAILABLE_VERSION \
--query Content.Location --region sa-east-1 --output text)
curl -k $URL -o "$LAYER"
Expand Down
6 changes: 3 additions & 3 deletions scripts/publish_prod.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ fi
docker login

echo "Checking that you have access to the commercial AWS account"
aws-vault exec prod-engineering -- aws sts get-caller-identity
aws-vault exec sso-prod-engineering -- aws sts get-caller-identity

echo "Checking that you have access to the GovCloud AWS account"
ddsaml2aws login -a govcloud-us1-fed-human-engineering
Expand All @@ -73,10 +73,10 @@ AWS_PROFILE=govcloud-us1-fed-human-engineering aws sts get-caller-identity
VERSION=$VERSION AGENT_VERSION=$AGENT_VERSION ./scripts/build_binary_and_layer_dockerized.sh

echo "Signing the layer"
aws-vault exec prod-engineering -- ./scripts/sign_layers.sh prod
aws-vault exec sso-prod-engineering -- ./scripts/sign_layers.sh prod

echo "Publishing layers to commercial AWS regions"
aws-vault exec prod-engineering --no-session -- ./scripts/publish_layers.sh
aws-vault exec sso-prod-engineering --no-session -- ./scripts/publish_layers.sh

echo "Publishing layers to GovCloud AWS regions"
ddsaml2aws login -a govcloud-us1-fed-human-engineering
Expand Down

0 comments on commit 4d9b829

Please sign in to comment.