File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -499,6 +499,9 @@ jobs:
499499 ci-release-publish :
500500 runs-on : ubuntu-latest
501501 environment : master
502+ permissions :
503+ id-token : write
504+ contents : read
502505 needs : [ci, ci-compat-e2e]
503506 if : |
504507 startsWith(github.ref, 'refs/tags/v')
@@ -514,10 +517,16 @@ jobs:
514517 with :
515518 ref : ${{ github.sha }}
516519
520+ - name : Configure AWS credentials (OIDC)
521+ uses : aws-actions/configure-aws-credentials@v4
522+ with :
523+ role-to-assume : ${{ secrets.AWS_OIDC_ROLE_ARN }}
524+ aws-region : us-east-2
525+ role-session-name : ci3-release-publish-${{ github.run_id }}
526+ role-duration-seconds : 21600
527+
517528 - name : Run Release Publish
518529 env :
519- AWS_ACCESS_KEY_ID : ${{ secrets.AWS_ACCESS_KEY_ID }}
520- AWS_SECRET_ACCESS_KEY : ${{ secrets.AWS_SECRET_ACCESS_KEY }}
521530 GITHUB_TOKEN : ${{ secrets.AZTEC_BOT_GITHUB_TOKEN }}
522531 BUILD_INSTANCE_SSH_KEY : ${{ secrets.BUILD_INSTANCE_SSH_KEY }}
523532 GCP_SA_KEY : ${{ secrets.GCP_SA_KEY }}
You can’t perform that action at this time.
0 commit comments