From 64d27eba797e541ac944618dae3b9156f6356897 Mon Sep 17 00:00:00 2001
From: Nicolas BRIERE
Date: Thu, 4 Jan 2024 14:42:16 +0100
Subject: [PATCH] feat: add build args for aws login to docker build workflow

---
 .github/workflows/build-image.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml
index 91fa5db..18d50a1 100644
--- a/.github/workflows/build-image.yml
+++ b/.github/workflows/build-image.yml
@@ -61,6 +61,8 @@ jobs:
 env:
 VAULT_URL: ${{ inputs.VAULT_URL || vars.VAULT_URL || vars.PULLREQUEST_VAULT_URL }}
 VAULT_GITHUB_ACTIONS_ROLE: ${{ inputs.vault_github_actions_role || vars.VAULT_GITHUB_ACTIONS_ROLE }}
+ AWS_ACCOUNT_ID: ${{ vars.AWS_ACCOUNT_ID || vars.PULL_REQUEST_AWS_ACCOUNT_ID }}
+ AWS_REGION: ${{ vars.AWS_REGION || vars.AWS_DEFAULT_REGION }}
 outputs:
 image-url: ${{ steps.meta.outputs.tags }}
 image-version: ${{ steps.meta.outputs.version }}
@@ -88,6 +90,13 @@ jobs:
 secret/data/github-actions-common/github/read-repo-token USERNAME | GH_ORG_READ_REPO_USER ;
 secret/data/github-actions-common/github/read-repo-token PASSWORD | GH_ORG_READ_REPO_TOKEN ;

+ - name: Configure AWS Credentials
+ id: aws
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ aws-region: ${{ env.AWS_REGION }}
+ role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/github_oidc
+
 - name: Checkout
 uses: actions/checkout@v4

@@ -126,3 +135,7 @@ jobs:
 ${{ inputs.build-args }}
 GITHUB_USER=${{ steps.secrets.outputs.GH_ORG_READ_REPO_USER }}
 GITHUB_TOKEN=${{ steps.secrets.outputs.GH_ORG_READ_REPO_TOKEN }}
+ AWS_ACCESS_KEY_ID=${{ steps.aws.outputs.aws-access-key-id }}
+ AWS_SECRET_ACCESS_KEY=${{ steps.aws.outputs.aws-secret-access-key }}
+ AWS_SESSION_TOKEN=${{ steps.aws.outputs.aws-session-token }}
+
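Review bot: The new `AWS_ACCOUNT_ID` fallback in the job `env` uses `vars.PULL_REQUEST_AWS_ACCOUNT_ID`, while the existing Vault line uses the `PULLREQUEST_` spelling (`vars.PULLREQUEST_VAULT_URL`), so a variable created under the older convention would silently resolve to an empty string. When neither variable is set, the ARN built in the next hunk becomes `arn:aws:iam:::role/github_oidc` and the failure only surfaces as an opaque STS error. I would align the prefix with the existing one and add a comment above the two new lines, e.g. `# Both must be defined as repository/organisation variables; an empty value yields an invalid role ARN`.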
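Review bot: The `with:` block of the new `Configure AWS Credentials` step does not set `output-credentials: true`, and to my knowledge configure-aws-credentials v4 only populates the `aws-access-key-id`, `aws-secret-access-key` and `aws-session-token` step outputs when that input is enabled, so the values referenced in the last hunk would likely expand to empty strings. The step also runs unconditionally and relies on `id-token: write` being granted to the job, which is outside this hunk, so any repository using this workflow without the AWS variables or a trust relationship on `github_oidc` will now fail before checkout. Because this step mints cloud credentials, consider pinning it to a reviewed commit rather than the mutable tag: `uses: aws-actions/configure-aws-credentials@<full-commit-sha> # v4`.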
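Review bot: Passing `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY` and `AWS_SESSION_TOKEN` as build arguments can leave them readable in the resulting image's metadata: values consumed through `ARG` can show up in `docker history`, and may also be recorded in build cache or provenance data. The session is short-lived, but the credentials stay valid for the role session's lifetime after the image is pushed. The enclosing key starts outside the hunk; if it is the `build-args` input of docker/build-push-action, the action's `secrets` input combined with `RUN --mount=type=secret,id=...` in the Dockerfile keeps the values out of the image layers. The secret ids below are names I chose for illustration, and the existing `GITHUB_TOKEN` build arg has the same exposure.

```yaml
# … unchanged: build-args with inputs.build-args, GITHUB_USER, GITHUB_TOKEN …
secrets: |
  aws_access_key_id=${{ steps.aws.outputs.aws-access-key-id }}
  aws_secret_access_key=${{ steps.aws.outputs.aws-secret-access-key }}
  aws_session_token=${{ steps.aws.outputs.aws-session-token }}
```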