Revert "refactor: bring back OIDC"

Abogical · Abogical · commit 0f3493c96c90 · 2025-10-16T15:31:11.000Z
This reverts commit d0243d5.
diff --git a/.github/workflows/integration-test-deployment.yml b/.github/workflows/integration-test-deployment.yml
@@ -39,12 +39,24 @@ jobs:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0
       
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v5
-        with:
-          role-to-assume: ${{ vars.CDK_ATMOSPHERE_OIDC_ROLE }}
-          role-session-name: run-tests@aws-cdk-deployment-integ
-          aws-region: us-east-1
+      - name: Assume Atmosphere Role
+        id: creds
+        run: |
+          # Assume role and capture the JSON output
+          CREDS=$(aws sts assume-role \
+          --role-arn ${{ vars.CDK_ATMOSPHERE_OIDC_ROLE }} \
+          --role-session-name run-tests@aws-cdk-deployment-integ)
+          # Parse the JSON output and set environment variables
+          AWS_ACCESS_KEY_ID=$(echo $CREDS | jq -r '.Credentials.AccessKeyId')
+          AWS_SECRET_ACCESS_KEY=$(echo $CREDS | jq -r '.Credentials.SecretAccessKey')
+          AWS_SESSION_TOKEN=$(echo $CREDS | jq -r '.Credentials.SessionToken')
+          echo "::add-mask::$AWS_ACCESS_KEY_ID"
+          echo "::add-mask::$AWS_SECRET_ACCESS_KEY"
+          echo "::add-mask::$AWS_SESSION_TOKEN"
+          
+          echo "AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID" >> $GITHUB_ENV
+          echo "AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY" >> $GITHUB_ENV
+          echo "AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN" >> $GITHUB_ENV
 
       - name: Setup Node.js
         uses: actions/setup-node@v5
