From 921f2e1c7665adf59f13aadf0520158aba8e7644 Mon Sep 17 00:00:00 2001 From: julien Date: Wed, 10 May 2023 12:24:24 +0200 Subject: [PATCH] refactor(ci): use of OpenID Connect --- .github/workflows/ci-docs-autogen.yml | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci-docs-autogen.yml b/.github/workflows/ci-docs-autogen.yml index 301ec18..8ba20f1 100644 --- a/.github/workflows/ci-docs-autogen.yml +++ b/.github/workflows/ci-docs-autogen.yml @@ -5,10 +5,13 @@ on: branches: - main +permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout + jobs: - autogen-docs: + forge-docs: runs-on: ubuntu-latest - environment: name: Documentation url: https://developers-vaults.morpho.xyz @@ -18,11 +21,12 @@ jobs: with: submodules: recursive - - name: Generate and upload docs - uses: morpho-labs/foundry-docs-aws@v1 + - name: Generate & upload forge docs + uses: morpho-labs/foundry-docs-aws@v1.1.1 with: aws-s3-bucket: ${{ secrets.AWS_S3_BUCKET }} aws-cloudfront-distribution-id: ${{ secrets.AWS_CLOUDFRONT_DISTRIBUTION_ID }} - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} + role-session-name: ${{ vars.AWS_SESSION_NAME }} aws-region: ${{ secrets.AWS_REGION }} + s3-acl: private \ No newline at end of file