Skip to content

Commit

Permalink
ingest-to-phylo: Test aws-role-policies
Browse files Browse the repository at this point in the history
Testing upstream changes in pathogen-repo-build from
nextstrain/.github@e0e79dc

This allows us to exclude the secrets for AWS credentials.
  • Loading branch information
joverlee521 committed Apr 9, 2024
1 parent 9892009 commit ac7ab7e
Showing 1 changed file with 5 additions and 4 deletions.
9 changes: 5 additions & 4 deletions .github/workflows/ingest-to-phylogenetic.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -42,22 +42,23 @@ jobs:
ingest:
permissions:
id-token: write
uses: nextstrain/.github/.github/workflows/pathogen-repo-build.yaml@master
secrets: inherit
uses: nextstrain/.github/.github/workflows/pathogen-repo-build.yaml@e0e79dc3cb38b5fb873c412bd0e12917f169d2bd
with:
# Starting with the default docker runtime
# We can migrate to AWS Batch when/if we need to for more resources or if
# the job runs longer than the GH Action limit of 6 hours.
runtime: docker
runtime: aws-batch
env: |
NEXTSTRAIN_DOCKER_IMAGE: ${{ inputs.ingest_image }}
run: |
nextstrain build \
--env AWS_ACCESS_KEY_ID \
--env AWS_SECRET_ACCESS_KEY \
--env AWS_SESSION_TOKEN \
ingest \
upload_all \
--configfile build-configs/nextstrain-automation/config.yaml
--configfile build-configs/nextstrain-automation/config.yaml \
--config s3_dst="s3://nextstrain-data/files/workflows/zika/trial/aws-role-policies"
# Specifying artifact name to differentiate ingest build outputs from
# the phylogenetic build outputs
artifact-name: ingest-build-output
Expand Down

0 comments on commit ac7ab7e

Please sign in to comment.