diff --git a/.github/composites/setup-github-auth.yaml b/.github/composites/setup-github-auth.yaml index c4110ea..7fca157 100644 --- a/.github/composites/setup-github-auth.yaml +++ b/.github/composites/setup-github-auth.yaml @@ -1,5 +1,5 @@ name: Setup GitHub Authentication -secrets: +inputs: GIT_TOKEN_BASIC: required: true runs: @@ -9,4 +9,4 @@ runs: run: export GITHUB_TOKEN="$GIT_TOKEN_BASIC" shell: bash env: - GIT_TOKEN_BASIC: ${{ secrets.GIT_TOKEN_BASIC }} + GIT_TOKEN_BASIC: ${{ inputs.GIT_TOKEN_BASIC }} diff --git a/.github/composites/terragrunt-apply.yaml b/.github/composites/terragrunt-apply.yaml index 2fe1cdb..236d11d 100644 --- a/.github/composites/terragrunt-apply.yaml +++ b/.github/composites/terragrunt-apply.yaml @@ -10,11 +10,14 @@ inputs: required: false type: string default: .*\.(hcl|json|yaml)$ -secrets: - GIT_TOKEN_BASIC: + githubAccessToken: + description: The GitHub PAT used to access GitHub repositories (required to access private repositories, such as stack-modules). required: true - TFC_ACCESS_TOKEN: + type: string + terraformCloudAccessToken: + description: The access token used to access and interact with remote state/locks stored in Terraform Cloud. required: true + type: string runs: using: composite steps: @@ -44,11 +47,11 @@ runs: run: ./.actions/scripts/terraform/set-tfc-credentials.sh shell: bash env: - TFC_ACCESS_TOKEN: ${{ secrets.TFC_ACCESS_TOKEN }} + TFC_ACCESS_TOKEN: ${{ inputs.terraformCloudAccessToken }} - name: Terragrunt Apply if: steps.verify_files_changed.outputs.files_changed == 'true' run: ./.actions/scripts/terraform/run-terragrunt-apply.sh '${{ inputs.baseDirectory }}' shell: bash env: - GITHUB_TOKEN: ${{ secrets.GIT_TOKEN_BASIC }} + GITHUB_TOKEN: ${{ inputs.githubAccessToken }}