Add STS session token and AWS secret precheck
Some checks failed
Deploy Hello Lambda CFT / deploy (push) Failing after 1s
Some checks failed
Deploy Hello Lambda CFT / deploy (push) Failing after 1s
This commit is contained in:
parent
f6d4ade4b5
commit
f9ef010c34
1 changed files with 14 additions and 8 deletions
|
|
@ -8,6 +8,11 @@ on:
|
|||
jobs:
|
||||
deploy:
|
||||
runs-on: nas-safe
|
||||
env:
|
||||
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
||||
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
||||
AWS_SESSION_TOKEN: ${{ secrets.AWS_SESSION_TOKEN }}
|
||||
AWS_DEFAULT_REGION: ${{ secrets.LOWER }}
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
|
@ -26,23 +31,24 @@ jobs:
|
|||
fi
|
||||
aws --version
|
||||
|
||||
- name: Check required AWS secrets
|
||||
run: |
|
||||
for v in AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN AWS_DEFAULT_REGION; do
|
||||
if [ -z "${!v}" ]; then
|
||||
echo "Missing required secret/env: $v"
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
- name: Verify AWS identity
|
||||
env:
|
||||
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
||||
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
||||
AWS_DEFAULT_REGION: ${{ secrets.LOWER }}
|
||||
run: aws sts get-caller-identity
|
||||
|
||||
- name: Validate CFT
|
||||
env:
|
||||
AWS_DEFAULT_REGION: ${{ secrets.LOWER }}
|
||||
run: |
|
||||
aws cloudformation validate-template \
|
||||
--template-body file://infra/hello-lambda.yml
|
||||
|
||||
- name: Deploy CFT
|
||||
env:
|
||||
AWS_DEFAULT_REGION: ${{ secrets.LOWER }}
|
||||
run: |
|
||||
aws cloudformation deploy \
|
||||
--stack-name hello-lambda-stack \
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue