diff --git a/.github/workflows/arm_deb_packager.yml b/.github/workflows/arm_deb_packager.yml index 37f80e78..73de135b 100644 --- a/.github/workflows/arm_deb_packager.yml +++ b/.github/workflows/arm_deb_packager.yml @@ -190,6 +190,5 @@ jobs: with: target: ${{ needs.build_package.outputs.target }} tag: ${{ needs.build_package.outputs.tag }} - secrets: account_id: ${{ needs.build_package.outputs.account_id }} instance_id: ${{ needs.build_package.outputs.instance_id }} diff --git a/.github/workflows/deploy_package.yml b/.github/workflows/deploy_package.yml index 11be2c0a..b3560fec 100644 --- a/.github/workflows/deploy_package.yml +++ b/.github/workflows/deploy_package.yml @@ -7,11 +7,13 @@ on: tag: type: string default: "next" - secrets: + oidcrole: + type: string + default: midendev account_id: - required: true + type: string instance_id: - required: true + type: string permissions: id-token: write @@ -25,14 +27,14 @@ jobs: uses: aws-actions/configure-aws-credentials@v4 with: aws-region: eu-west-1 - role-to-assume: arn:aws:iam::${{ secrets.account_id }}:role/midendev-GithubActionsRole + role-to-assume: arn:aws:iam::${{ inputs.account_id }}:role/${{ inputs.oidcrole }}-GithubActionsRole role-session-name: GithubActionsSession - name: Execute Architecture for instance id: get_arch uses: ./.github/actions/ssm_execute with: - instance_id: ${{ secrets.instance_id }} + instance_id: ${{ inputs.instance_id }} command: uname -m - name: Determine architecture @@ -48,7 +50,7 @@ jobs: id: package_install_testnet uses: ./.github/actions/ssm_execute with: - instance_id: ${{ secrets.instance_id }} + instance_id: ${{ inputs.instance_id }} command: | sudo rm -f miden-* sudo systemctl stop miden-node @@ -70,7 +72,7 @@ jobs: id: package_install_devnet uses: ./.github/actions/ssm_execute with: - instance_id: ${{ secrets.instance_id }} + instance_id: ${{ inputs.instance_id }} command: | sudo rm -f miden-* sudo systemctl stop miden-node @@ -84,7 +86,7 @@ jobs: id: configure_environment uses: ./.github/actions/ssm_execute with: - instance_id: ${{ secrets.instance_id }} + instance_id: ${{ inputs.instance_id }} command: | sleep 10 sudo chown -R miden /opt/miden @@ -97,7 +99,7 @@ jobs: id: start_miden_service uses: ./.github/actions/ssm_execute with: - instance_id: ${{ secrets.instance_id }} + instance_id: ${{ inputs.instance_id }} command: | COMMAND_ID=$(aws ssm send-command \ sudo systemctl daemon-reload @@ -107,7 +109,7 @@ jobs: id: start_miden_faucet_service uses: ./.github/actions/ssm_execute with: - instance_id: ${{ secrets.instance_id }} + instance_id: ${{ inputs.instance_id }} command: | sudo systemctl daemon-reload sudo systemctl start miden-faucet