From e1fb86a44758a1fe41ab6a9f8d3426fdf6ecb134 Mon Sep 17 00:00:00 2001 From: omartehsin1 Date: Wed, 6 Sep 2023 16:02:23 -0400 Subject: [PATCH 1/3] updated aws credential action --- .github/workflows/build-push.yml | 2 +- .github/workflows/build-test.yml | 2 +- .github/workflows/deploy-staging.yaml | 4 ++-- .github/workflows/remove-staging.yaml | 4 ++-- .github/workflows/tf_apply_production.yml | 2 +- .github/workflows/tf_plan_production.yml | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 448f5d75e..8c54933fe 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -94,7 +94,7 @@ jobs: ~/cds-website-dist key: ${{ runner.os }}-${{ github.sha }} - name: configure aws credentials using OIDC - uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # tag=v1.7.0 + uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 with: role-to-assume: arn:aws:iam::521732289257:role/digital-canada-ca-apply # TF apply role-session-name: cache diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml index b1e9857bf..b3fe94583 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/build-test.yml @@ -86,7 +86,7 @@ jobs: key: ${{ runner.os }}-${{ github.sha }} - name: Configure AWS credentials id: aws-creds - uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # v1.7.0 + uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/deploy-staging.yaml b/.github/workflows/deploy-staging.yaml index 480c82e3f..de5b7f8ae 100644 --- a/.github/workflows/deploy-staging.yaml +++ b/.github/workflows/deploy-staging.yaml @@ -26,7 +26,7 @@ jobs: - name: Configure AWS credentials id: aws-creds - uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # v1.7.0 + uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 with: aws-access-key-id: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }} @@ -60,7 +60,7 @@ jobs: - name: Configure AWS credentials id: aws-creds - uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # v1.7.0 + uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 with: aws-access-key-id: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/remove-staging.yaml b/.github/workflows/remove-staging.yaml index 597e62eb6..563beddb7 100644 --- a/.github/workflows/remove-staging.yaml +++ b/.github/workflows/remove-staging.yaml @@ -23,7 +23,7 @@ jobs: - name: Configure AWS credentials id: aws-creds - uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # v1.7.0 + uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 with: aws-access-key-id: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }} @@ -44,7 +44,7 @@ jobs: - name: Configure AWS credentials id: aws-creds - uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # v1.7.0 + uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 with: aws-access-key-id: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/tf_apply_production.yml b/.github/workflows/tf_apply_production.yml index 2c2f4e728..0834b61f6 100644 --- a/.github/workflows/tf_apply_production.yml +++ b/.github/workflows/tf_apply_production.yml @@ -33,7 +33,7 @@ jobs: uses: cds-snc/terraform-tools-setup@v1 - name: configure aws credentials using OIDC - uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # tag=v1.7.0 + uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 with: role-to-assume: arn:aws:iam::521732289257:role/digital-canada-ca-apply # TF apply role-session-name: TFApply diff --git a/.github/workflows/tf_plan_production.yml b/.github/workflows/tf_plan_production.yml index 492c8e3df..b37fecf75 100644 --- a/.github/workflows/tf_plan_production.yml +++ b/.github/workflows/tf_plan_production.yml @@ -40,7 +40,7 @@ jobs: uses: cds-snc/terraform-tools-setup@v1 - name: configure aws credentials using OIDC - uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # tag=v1.7.0 + uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 with: role-to-assume: arn:aws:iam::521732289257:role/digital-canada-ca-plan # TF plan role-session-name: TFPlan From a6c443f29f257c45ca27e4b7fc4595c021ff9424 Mon Sep 17 00:00:00 2001 From: omartehsin1 Date: Wed, 6 Sep 2023 16:24:05 -0400 Subject: [PATCH 2/3] updated to 3.0.0 --- .github/workflows/build-push.yml | 2 +- .github/workflows/build-test.yml | 2 +- .github/workflows/deploy-staging.yaml | 4 ++-- .github/workflows/remove-staging.yaml | 4 ++-- .github/workflows/tf_apply_production.yml | 2 +- .github/workflows/tf_plan_production.yml | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 8c54933fe..2d779623e 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -94,7 +94,7 @@ jobs: ~/cds-website-dist key: ${{ runner.os }}-${{ github.sha }} - name: configure aws credentials using OIDC - uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 + uses: aws-actions/configure-aws-credentials@ef93a73b1313f148011965ef7361f667f371f58b # v3.0.0 with: role-to-assume: arn:aws:iam::521732289257:role/digital-canada-ca-apply # TF apply role-session-name: cache diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml index b3fe94583..da9fd3fbb 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/build-test.yml @@ -86,7 +86,7 @@ jobs: key: ${{ runner.os }}-${{ github.sha }} - name: Configure AWS credentials id: aws-creds - uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 + uses: aws-actions/configure-aws-credentials@ef93a73b1313f148011965ef7361f667f371f58b # v3.0.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/deploy-staging.yaml b/.github/workflows/deploy-staging.yaml index de5b7f8ae..d13d07b72 100644 --- a/.github/workflows/deploy-staging.yaml +++ b/.github/workflows/deploy-staging.yaml @@ -26,7 +26,7 @@ jobs: - name: Configure AWS credentials id: aws-creds - uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 + uses: aws-actions/configure-aws-credentials@ef93a73b1313f148011965ef7361f667f371f58b # v3.0.0 with: aws-access-key-id: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }} @@ -60,7 +60,7 @@ jobs: - name: Configure AWS credentials id: aws-creds - uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 + uses: aws-actions/configure-aws-credentials@ef93a73b1313f148011965ef7361f667f371f58b # v3.0.0 with: aws-access-key-id: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/remove-staging.yaml b/.github/workflows/remove-staging.yaml index 563beddb7..8b954641d 100644 --- a/.github/workflows/remove-staging.yaml +++ b/.github/workflows/remove-staging.yaml @@ -23,7 +23,7 @@ jobs: - name: Configure AWS credentials id: aws-creds - uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 + uses: aws-actions/configure-aws-credentials@ef93a73b1313f148011965ef7361f667f371f58b # v3.0.0 with: aws-access-key-id: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }} @@ -44,7 +44,7 @@ jobs: - name: Configure AWS credentials id: aws-creds - uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 + uses: aws-actions/configure-aws-credentials@ef93a73b1313f148011965ef7361f667f371f58b # v3.0.0 with: aws-access-key-id: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/tf_apply_production.yml b/.github/workflows/tf_apply_production.yml index 0834b61f6..985f31c8d 100644 --- a/.github/workflows/tf_apply_production.yml +++ b/.github/workflows/tf_apply_production.yml @@ -33,7 +33,7 @@ jobs: uses: cds-snc/terraform-tools-setup@v1 - name: configure aws credentials using OIDC - uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 + uses: aws-actions/configure-aws-credentials@ef93a73b1313f148011965ef7361f667f371f58b # v3.0.0 with: role-to-assume: arn:aws:iam::521732289257:role/digital-canada-ca-apply # TF apply role-session-name: TFApply diff --git a/.github/workflows/tf_plan_production.yml b/.github/workflows/tf_plan_production.yml index b37fecf75..7d94803da 100644 --- a/.github/workflows/tf_plan_production.yml +++ b/.github/workflows/tf_plan_production.yml @@ -40,7 +40,7 @@ jobs: uses: cds-snc/terraform-tools-setup@v1 - name: configure aws credentials using OIDC - uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 + uses: aws-actions/configure-aws-credentials@ef93a73b1313f148011965ef7361f667f371f58b # v3.0.0 with: role-to-assume: arn:aws:iam::521732289257:role/digital-canada-ca-plan # TF plan role-session-name: TFPlan From 23001f133dadcd73c8f519b6eb2603873bb9ee10 Mon Sep 17 00:00:00 2001 From: omartehsin1 Date: Wed, 6 Sep 2023 16:28:45 -0400 Subject: [PATCH 3/3] updated to 3.0.1 --- .github/workflows/build-push.yml | 2 +- .github/workflows/build-test.yml | 2 +- .github/workflows/deploy-staging.yaml | 4 ++-- .github/workflows/remove-staging.yaml | 4 ++-- .github/workflows/tf_apply_production.yml | 2 +- .github/workflows/tf_plan_production.yml | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 2d779623e..846a38de8 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -94,7 +94,7 @@ jobs: ~/cds-website-dist key: ${{ runner.os }}-${{ github.sha }} - name: configure aws credentials using OIDC - uses: aws-actions/configure-aws-credentials@ef93a73b1313f148011965ef7361f667f371f58b # v3.0.0 + uses: aws-actions/configure-aws-credentials@04b98b3f9e85f563fb061be8751a0352327246b0 # v3.0.1 with: role-to-assume: arn:aws:iam::521732289257:role/digital-canada-ca-apply # TF apply role-session-name: cache diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml index da9fd3fbb..fdf7f9ca2 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/build-test.yml @@ -86,7 +86,7 @@ jobs: key: ${{ runner.os }}-${{ github.sha }} - name: Configure AWS credentials id: aws-creds - uses: aws-actions/configure-aws-credentials@ef93a73b1313f148011965ef7361f667f371f58b # v3.0.0 + uses: aws-actions/configure-aws-credentials@04b98b3f9e85f563fb061be8751a0352327246b0 # v3.0.1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/deploy-staging.yaml b/.github/workflows/deploy-staging.yaml index d13d07b72..ad566da2a 100644 --- a/.github/workflows/deploy-staging.yaml +++ b/.github/workflows/deploy-staging.yaml @@ -26,7 +26,7 @@ jobs: - name: Configure AWS credentials id: aws-creds - uses: aws-actions/configure-aws-credentials@ef93a73b1313f148011965ef7361f667f371f58b # v3.0.0 + uses: aws-actions/configure-aws-credentials@04b98b3f9e85f563fb061be8751a0352327246b0 # v3.0.1 with: aws-access-key-id: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }} @@ -60,7 +60,7 @@ jobs: - name: Configure AWS credentials id: aws-creds - uses: aws-actions/configure-aws-credentials@ef93a73b1313f148011965ef7361f667f371f58b # v3.0.0 + uses: aws-actions/configure-aws-credentials@04b98b3f9e85f563fb061be8751a0352327246b0 # v3.0.1 with: aws-access-key-id: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/remove-staging.yaml b/.github/workflows/remove-staging.yaml index 8b954641d..77ed97263 100644 --- a/.github/workflows/remove-staging.yaml +++ b/.github/workflows/remove-staging.yaml @@ -23,7 +23,7 @@ jobs: - name: Configure AWS credentials id: aws-creds - uses: aws-actions/configure-aws-credentials@ef93a73b1313f148011965ef7361f667f371f58b # v3.0.0 + uses: aws-actions/configure-aws-credentials@04b98b3f9e85f563fb061be8751a0352327246b0 # v3.0.1 with: aws-access-key-id: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }} @@ -44,7 +44,7 @@ jobs: - name: Configure AWS credentials id: aws-creds - uses: aws-actions/configure-aws-credentials@ef93a73b1313f148011965ef7361f667f371f58b # v3.0.0 + uses: aws-actions/configure-aws-credentials@04b98b3f9e85f563fb061be8751a0352327246b0 # v3.0.1 with: aws-access-key-id: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/tf_apply_production.yml b/.github/workflows/tf_apply_production.yml index 985f31c8d..24858b8b1 100644 --- a/.github/workflows/tf_apply_production.yml +++ b/.github/workflows/tf_apply_production.yml @@ -33,7 +33,7 @@ jobs: uses: cds-snc/terraform-tools-setup@v1 - name: configure aws credentials using OIDC - uses: aws-actions/configure-aws-credentials@ef93a73b1313f148011965ef7361f667f371f58b # v3.0.0 + uses: aws-actions/configure-aws-credentials@04b98b3f9e85f563fb061be8751a0352327246b0 # v3.0.1 with: role-to-assume: arn:aws:iam::521732289257:role/digital-canada-ca-apply # TF apply role-session-name: TFApply diff --git a/.github/workflows/tf_plan_production.yml b/.github/workflows/tf_plan_production.yml index 7d94803da..00caf5981 100644 --- a/.github/workflows/tf_plan_production.yml +++ b/.github/workflows/tf_plan_production.yml @@ -40,7 +40,7 @@ jobs: uses: cds-snc/terraform-tools-setup@v1 - name: configure aws credentials using OIDC - uses: aws-actions/configure-aws-credentials@ef93a73b1313f148011965ef7361f667f371f58b # v3.0.0 + uses: aws-actions/configure-aws-credentials@04b98b3f9e85f563fb061be8751a0352327246b0 # v3.0.1 with: role-to-assume: arn:aws:iam::521732289257:role/digital-canada-ca-plan # TF plan role-session-name: TFPlan