From f7f2bcac2f5c09cbd85b04355806cc586a8a2f8d Mon Sep 17 00:00:00 2001 From: David Lopez Date: Thu, 5 Jan 2023 09:33:16 -0800 Subject: [PATCH] fix: remove e2e test account credentials --- .github/workflows/canaries.yml | 19 +++++++++++++------ .github/workflows/check.yml | 14 +++++++++++--- 2 files changed, 24 insertions(+), 9 deletions(-) diff --git a/.github/workflows/canaries.yml b/.github/workflows/canaries.yml index 50cadc193..09578d8d1 100644 --- a/.github/workflows/canaries.yml +++ b/.github/workflows/canaries.yml @@ -31,16 +31,19 @@ jobs: run: | npm i aws-amplify @aws-amplify/ui-react npm i --save-dev cypress + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ secrets.E2E_TEST_ROLE_ARN }} + aws-region: us-west-2 - name: Run CLI Pull in test app working-directory: e2e-test-app run: | FORCE_RENDER=1 amplify pull --appId ${{ secrets.E2E_TEST_APP_ID }} --envName staging -y --providers "{\ \"awscloudformation\":{\ \"configLevel\":\"project\",\ - \"useProfile\":false,\ + \"useProfile\":true,\ \"profileName\":\"default\",\ - \"accessKeyId\":\"${{ secrets.E2E_TEST_ACCESS_KEY }}\",\ - \"secretAccessKey\":\"${{ secrets.E2E_TEST_SECRET_KEY }}\",\ \"region\":\"us-west-2\"\ }\ }" @@ -103,16 +106,19 @@ jobs: run: | npm i aws-amplify @aws-amplify/ui-react npm i --save-dev cypress + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ secrets.E2E_TEST_ROLE_ARN }} + aws-region: us-west-2 - name: Run CLI Pull in test app working-directory: e2e-test-app run: | FORCE_RENDER=1 amplify pull --appId ${{ secrets.E2E_TEST_APP_ID }} --envName staging -y --providers "{\ \"awscloudformation\":{\ \"configLevel\":\"project\",\ - \"useProfile\":false,\ + \"useProfile\":true,\ \"profileName\":\"default\",\ - \"accessKeyId\":\"${{ secrets.E2E_TEST_ACCESS_KEY }}\",\ - \"secretAccessKey\":\"${{ secrets.E2E_TEST_SECRET_KEY }}\",\ \"region\":\"us-west-2\"\ }\ }" @@ -131,6 +137,7 @@ jobs: env: REACT_APP_USER_EMAIL: ${{ secrets.E2E_TEST_USER_EMAIL }} REACT_APP_USER_PASSWORD: ${{ secrets.E2E_TEST_USER_PASSWORD }} + write-release-canary-failure-metric: runs-on: ubuntu-latest needs: release-canary diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index c87efa83f..51420ef3c 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -6,6 +6,11 @@ on: pull_request: branches: [main, develop, feature/*, tagged-release/*] +# These permissions are needed to interact with GitHub's OIDC Token endpoint. +permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout + jobs: amplify-cli-tests: runs-on: ubuntu-latest @@ -52,16 +57,19 @@ jobs: run: | npm i aws-amplify @aws-amplify/ui-react npm i --save-dev cypress + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ secrets.E2E_TEST_ROLE_ARN }} + aws-region: us-west-2 - name: Run CLI Pull in test app working-directory: e2e-test-app run: | FORCE_RENDER=1 amplify-dev pull --appId ${{ secrets.E2E_TEST_APP_ID }} --envName staging -y --providers "{\ \"awscloudformation\":{\ \"configLevel\":\"project\",\ - \"useProfile\":false,\ + \"useProfile\":true,\ \"profileName\":\"default\",\ - \"accessKeyId\":\"${{ secrets.E2E_TEST_ACCESS_KEY }}\",\ - \"secretAccessKey\":\"${{ secrets.E2E_TEST_SECRET_KEY }}\",\ \"region\":\"us-west-2\"\ }\ }"