Skip to content

Commit

Permalink
fix: use correct AWS role
Browse files Browse the repository at this point in the history 
Updating the workflow to use a new secret to get the role from based on some infra changes.
  • Loading branch information
@adamconnelly
adamconnelly committed Oct 14, 2024
1 parent f9c3b10 commit ef1e9d8
Showing 1 changed file with 17 additions and 17 deletions.
34 changes: 17 additions & 17 deletions .github/workflows/build_scheduled.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ jobs:
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ secrets.AWS_REGION }}
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
role-duration-seconds: 3600

- name: Setup packer
Expand All @@ -50,10 +50,10 @@ jobs:
- name: Build the AWS AMI using Packer (${{ matrix.arch }})
run: packer build aws.pkr.hcl
env:
PKR_VAR_encrypt_boot: false
PKR_VAR_ami_name_prefix: spacelift-${{ needs.timestamp.outputs.timestamp }}
PKR_VAR_source_ami_architecture: ${{ matrix.arch }}
PKR_VAR_instance_type: ${{ matrix.arch == 'x86_64' && 't3.micro' || 't4g.micro' }}
PKR_VAR_encrypt_boot: false
PKR_VAR_ami_name_prefix: spacelift-${{ needs.timestamp.outputs.timestamp }}
PKR_VAR_source_ami_architecture: ${{ matrix.arch }}
PKR_VAR_instance_type: ${{ matrix.arch == 'x86_64' && 't3.micro' || 't4g.micro' }}

- name: Upload manifest
uses: actions/upload-artifact@v4
Expand Down Expand Up @@ -230,7 +230,7 @@ jobs:
# Technically, we don't need the source code but the git tagging action requires it
- name: Checkout source code
uses: actions/checkout@main

- name: Bump version and push tag
id: tag_version
uses: mathieudutour/[email protected]
Expand All @@ -249,7 +249,7 @@ jobs:
uses: actions/download-artifact@v4
with:
name: manifest_aws_arm64.json

# The manifest file look like this:
# "builds": [
# {
Expand All @@ -269,7 +269,7 @@ jobs:
var content = fs.readFileSync("./manifest_aws_arm64.json", "utf8");
var manifest = JSON.parse(content);
const toPrint = [];
manifest["builds"].forEach((build) => {
const regionToAmi = build["artifact_id"].split(",");
Expand All @@ -278,18 +278,18 @@ jobs:
toPrint.push(`| ${region} | ${ami} |`);
});
});
content = fs.readFileSync("./manifest_aws_x86_64.json", "utf8");
manifest = JSON.parse(content);
manifest["builds"].forEach((build) => {
const regionToAmi = build["artifact_id"].split(",");
regionToAmi.forEach((regionToAmi, i) => {
const [region, ami] = regionToAmi.split(":");
toPrint[i] = toPrint[i] + ` ${ami} |`;
});
});
const header = [
"## AWS",
"",
Expand Down Expand Up @@ -324,20 +324,20 @@ jobs:
# "custom_data": null
# }
# ]

- name: Write Azure and GCP AMI IDs to the markdown file
uses: actions/github-script@v7
env:
AZURE_VERSION: ${{ needs.azure.outputs.azure_version }}
with:
script: |
const fs = require("fs");
content = fs.readFileSync("./manifest_gcp.json", "utf8");
manifest = JSON.parse(content);
const gcpLinesToPrint = [];
manifest["builds"].forEach((build) => {
artifact = build["artifact_id"];
if (artifact.indexOf("-us-") > 0) {
Expand All @@ -350,7 +350,7 @@ jobs:
gcpLinesToPrint.push(` - Asia | \`${artifact}\``);
}
});
azureLines = [
"## Azure",
"",
Expand All @@ -369,4 +369,4 @@ jobs:
with:
tag: ${{ steps.tag_version.outputs.new_tag }}
name: ${{ steps.tag_version.outputs.new_tag }}
bodyFile: ./body.md
bodyFile: ./body.md

0 comments on commit ef1e9d8

Please sign in to comment.