Comments (8)
ah damn, that's kind of lame, otherwise yeah you could have two concurrent filters for the two branches and do it that way, hmm... haha
from actions.
I think you'd have to filter on the branches you want, then create two different deployment actions in order to tweak config
from actions.
Yeah, I was going to go this route. I wasn't sure how multiple workflow files worked. I wish when you filter, you can choose to close the entire workflow execution or just cancel the branch, so I can start with a filter and continue with a branch.
from actions.
I'm going through this, and creating a new workflow and using "AWS_ACCESS_KEY_ID" or "AWS_SECRET_ACCESS_KEY" secrets don't let me reset the value. Secrets are persisted for the entire action area... :(
from actions.
@tj exactly. actions is pretty amazing, they still have a long way to go. Even if I could do "secrets per branch" type of thing, that'd be cool.
I finally got a successful SAM + "staging" branch deploy, so I'm going to test a production one today and hope to knock it out.
My current solution is storing the AWS credentials file as a secret "AWS_CREDENTIALS", running a plain bash action to create a .aws/credentials file within my repository, and setting the SAM to use it.
action "create aws credentials" {
uses = "actions/bin/sh@master"
needs = "filter staging branch"
secrets = ["AWS_CREDENTIALS"]
args = ["rm -rf ${GITHUB_WORKSPACE}/.aws && mkdir ./.aws && echo \"$AWS_CREDENTIALS\" >> ${GITHUB_WORKSPACE}/.aws/credentials"]
}
action "staging sam package" {
uses = "apex/actions/aws/sam@master"
needs = "create aws credentials"
args = "package --profile example-${NODE_ENV} --template-file template.yml --output-template-file template-packaged.yml --s3-bucket example-${NODE_ENV}"
env = {
NODE_ENV = "staging"
AWS_SHARED_CREDENTIALS_FILE = "${GITHUB_WORKSPACE}/.aws/credentials"
}
}
This way worked, just need to copy paste (
from actions.
@j did creating two action workflows work for you?
I'm still confused on how to load a separate AwS profile for prod and staging.
from actions.
@pavan-shipmnts its been a while now, I forget haha, I think it worked but I don't use GH Actions since I work solo, there might be a better way to approach environments now that GH Actions is more mature
from actions.
You can use the AWS CLI to create multiple profiles:
- name: Set AWS Credentials
run: |
aws configure set aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }} --profile firstProfile
aws configure set aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }} --profile firstProfile
aws configure set region ${ secrets.AWS_DEFAULT_REGION} --profile firstProfile
aws_assume=($(aws sts assume-role \
--role-arn "arn:aws:iam::${accountId}:role/${roleName}" \
--role-session-name "${roleSessionName}" \
--profile firstProfile \
--query 'Credentials.[AccessKeyId,SecretAccessKey,SessionToken]' \
--output text))
aws configure set aws_access_key_id "${aws_assume[0]}" --profile secondProfile
aws configure set aws_secret_access_key "${aws_assume[1]}" --profile secondProfile
aws configure set aws_session_token "${aws_assume[2]}" --profile secondProfile
You can use the --profile ${name}
flag in basically every aws command. After your set those credentials, just pass the flag with the name you want for each command.
from actions.
Related Issues (9)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from actions.