Skip to content

chore(ci): forward-port revert OIDC in ci-release-publish (#23167)#23192

Merged
benesjan merged 1 commit into
nextfrom
jb/forward-port-revert-oidc-release-publish
May 12, 2026
Merged

chore(ci): forward-port revert OIDC in ci-release-publish (#23167)#23192
benesjan merged 1 commit into
nextfrom
jb/forward-port-revert-oidc-release-publish

Conversation

@benesjan
Copy link
Copy Markdown
Contributor

@benesjan benesjan commented May 12, 2026
edited
Loading

Forward-ports #23167 to v5 to hopefully get a v5 nightly tomorrow.

@benesjan
chore(ci): revert ci-release-publish to AWS access keys
2681b23 
Forward-ports #23167 from the v4 backport line onto next.
Reverts OIDC-based AWS auth in the ci-release-publish job back
to access key credentials to unblock nightlies.
@benesjan benesjan requested a review from charlielye as a code owner May 12, 2026 13:27
@benesjan benesjan enabled auto-merge May 12, 2026 13:29
@benesjan benesjan requested review from Thunkar and mverzilli May 12, 2026 13:29
@benesjan benesjan added this pull request to the merge queue May 12, 2026
Merged via the queue into next with commit e4e0586 May 12, 2026
25 checks passed
@benesjan benesjan deleted the jb/forward-port-revert-oidc-release-publish branch May 12, 2026 16:58
@randyquaye randyquaye mentioned this pull request May 13, 2026
Merged
1 task
rangozd pushed a commit to rangozd/aztec-packages that referenced this pull request May 16, 2026
@randyquaye
chore(ci): restore OIDC in ci-release-publish (revert AztecProtocol#2…
adab335 
…3192)

Restores the OIDC-based AWS auth in the ci-release-publish job that
was temporarily reverted in AztecProtocol#23192 to unblock nightlies.
rangozd pushed a commit to rangozd/aztec-packages that referenced this pull request May 16, 2026
@benesjan
chore(ci): restore OIDC in ci-release-publish (revert AztecProtocol#2…
9934c79 
…3192) (AztecProtocol#23234)

## Summary
- Restores OIDC-based AWS auth in the `ci-release-publish` job,
reverting AztecProtocol#23192.
- Re-adds the `permissions: id-token: write / contents: read` block and
the `aws-actions/configure-aws-credentials` step using
`secrets.AWS_OIDC_ROLE_ARN`.
- Removes the static `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY` env
vars that AztecProtocol#23192 reintroduced as a workaround.

## Context
AztecProtocol#23192 forward-ported AztecProtocol#23167 to `next` (v5) as a temporary measure to
unblock nightlies. This PR moves v5 back onto OIDC now that the
underlying issue should be resolved.

## Test plan
- [ ] Confirm a tagged release publish run on this branch authenticates
to AWS successfully via OIDC before merging.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mverzilli mverzilli mverzilli approved these changes

@charlielye charlielye Awaiting requested review from charlielye charlielye is a code owner

@Thunkar Thunkar Awaiting requested review from Thunkar

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@benesjan @mverzilli