From 0c526a6d2378c93fed9248acfca6c45429803e0e Mon Sep 17 00:00:00 2001
From: Konstantin Borovik <kb@lab5.ca>
Date: Mon, 29 Jul 2024 15:15:27 -0400
Subject: [PATCH] 2024.07.29-1515

---
 .github/workflows/lab5-gcp-dev1.yaml | 26 ++++++++++----------------
 VERSION                              |  2 +-
 2 files changed, 11 insertions(+), 17 deletions(-)

diff --git a/.github/workflows/lab5-gcp-dev1.yaml b/.github/workflows/lab5-gcp-dev1.yaml
index 004b4a0..6bcab12 100644
--- a/.github/workflows/lab5-gcp-dev1.yaml
+++ b/.github/workflows/lab5-gcp-dev1.yaml
@@ -10,27 +10,21 @@ env:
 
 on: push
 
-permissions:
-  id-token: write
-  contents: read
-
 jobs:
   terraform-plan:
     runs-on: ubuntu-latest
     environment: lab5-gcp-dev1
+    permissions:
+      id-token: write
+      contents: read
     steps:
-      - name: Get OIDC token
-        uses: actions/github-script@v6
-        with:
-          script: |
-            const tokenUrl = process.env.ACTIONS_ID_TOKEN_REQUEST_URL
-            const token = await github.request({
-              url: tokenUrl,
-              headers: {
-                Authorization: `Bearer ${process.env.ACTIONS_ID_TOKEN_REQUEST_TOKEN}`
-              }
-            })
-            console.log("OIDC token:", token.data.value)
+      - name: Get OIDC Token and display audience
+        run: |
+          OIDC_TOKEN=$(curl -sLS "${ACTIONS_ID_TOKEN_REQUEST_URL}&audience=your-audience" \
+            -H "User-Agent: actions/oidc-client" \
+            -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN")
+          AUD_CLAIM=$(echo $OIDC_TOKEN | jq -r '.aud')
+          echo "OIDC Token Audience: $AUD_CLAIM"
       - id: checkout
         name: Code Checkout
         uses: actions/checkout@v4
diff --git a/VERSION b/VERSION
index fe2b7ca..96b2c22 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2024.07.29-1506
+2024.07.29-1515