Skip to content

Commit d137395

Browse files
eahefnawyeahefnawy
committed
chore(github): setup Github oidc
1 parent d5b0f1b commit d137395

File tree

3 files changed

+18
-9
lines changed

3 files changed

+18
-9
lines changed

.github/workflows/main.yml

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -24,11 +24,14 @@ jobs:
2424
cmd: |
2525
yq -i '.stages.prod.params.customDomainName = "${{ vars.CUSTOM_DOMAIN_NAME }}"' serverless-compose.yml
2626
yq -i '.stages.prod.params.customDomainCertificateARN = "${{ vars.CUSTOM_DOMAIN_CERTIFICATE_ARN }}"' serverless-compose.yml
27-
- name: Serverless Deploy
27+
- name: Configure AWS Credentials - Serverless Marketing AWS Account
28+
uses: aws-actions/configure-aws-credentials@v2
29+
with:
30+
role-to-assume: arn:aws:iam::488110005556:role/GithubActionsDeploymentRole
31+
aws-region: us-east-1
32+
- name: Serverless Deploy - Prod
2833
uses: serverless/github-action@v4
2934
with:
3035
args: deploy --stage prod
3136
env:
3237
SERVERLESS_LICENSE_KEY: ${{ secrets.SERVERLESS_LICENSE_KEY }}
33-
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
34-
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

.github/workflows/pr-deploy.yml

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,11 +18,14 @@ jobs:
1818
cache: "npm"
1919
- name: Install dependencies
2020
run: npm ci
21-
- name: serverless deploy
21+
- name: Configure AWS Credentials - Serverless Marketing AWS Account
22+
uses: aws-actions/configure-aws-credentials@v2
23+
with:
24+
role-to-assume: arn:aws:iam::488110005556:role/GithubActionsDeploymentRole
25+
aws-region: us-east-1
26+
- name: Serverless Deploy - PR Preview
2227
uses: serverless/github-action@v4
2328
with:
2429
args: deploy --stage pr-${{ github.event.pull_request.number }}
2530
env:
2631
SERVERLESS_LICENSE_KEY: ${{ secrets.SERVERLESS_LICENSE_KEY }}
27-
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
28-
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

.github/workflows/pr-remove.yml

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,11 +18,14 @@ jobs:
1818
cache: "npm"
1919
- name: Install dependencies
2020
run: npm ci
21-
- name: serverless remove
21+
- name: Configure AWS Credentials - Serverless Marketing AWS Account
22+
uses: aws-actions/configure-aws-credentials@v2
23+
with:
24+
role-to-assume: arn:aws:iam::488110005556:role/GithubActionsDeploymentRole
25+
aws-region: us-east-1
26+
- name: Serverless Remove - PR Preview
2227
uses: serverless/github-action@v4
2328
with:
2429
args: remove --stage pr-${{ github.event.pull_request.number }}
2530
env:
2631
SERVERLESS_LICENSE_KEY: ${{ secrets.SERVERLESS_LICENSE_KEY }}
27-
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
28-
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

0 commit comments

Comments
 (0)