diff --git a/.github/actions/README.md b/.github/actions/README.md deleted file mode 100644 index d7ff0c92c..000000000 --- a/.github/actions/README.md +++ /dev/null @@ -1 +0,0 @@ -### Reusable workflows \ No newline at end of file diff --git a/.github/actions/aws-oidc/action.yml b/.github/actions/aws-oidc/action.yml deleted file mode 100644 index 5b8130c13..000000000 --- a/.github/actions/aws-oidc/action.yml +++ /dev/null @@ -1,29 +0,0 @@ -name: aws oidc auth -description: | - Get aws oidc auth. -inputs: - role-to-assume: - description: "AWS IAM Role to assume" - required: true - region: - description: "AWS Region" - required: true -runs: - using: "composite" # required for multiple AWS iam role assume else will return error - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-region: ${{ inputs.region }} - role-to-assume: ${{ inputs.role-to-assume }} - role-session-name: GitHubActions-${{ github.run_id }} - role-duration-seconds: 900 # minimum: 900sec, maximum: iam role session duration - env: - AWS_ACCESS_KEY_ID: "" - AWS_SECRET_ACCESS_KEY: "" - AWS_SESSION_TOKEN: "" - AWS_DEFAULT_REGION: "" - AWS_REGION: "" - - name: get-caller-identity is allowed to run on role. - run: aws sts get-caller-identity - shell: bash diff --git a/.github/workflows/create-tag.yml b/.github/workflows/create-tag.yml index d886404c3..449ba878b 100644 --- a/.github/workflows/create-tag.yml +++ b/.github/workflows/create-tag.yml @@ -83,7 +83,7 @@ jobs: echo "::add-mask::$CENTRALIZED" echo "CENTRALIZED=$CENTRALIZED" >> $GITHUB_OUTPUT - name: Configure AWS Credentials from Centralized account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.CENTRALIZED }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} diff --git a/.github/workflows/p2-aus-appv3.yml b/.github/workflows/p2-aus-appv3.yml index 025195015..e86f2f91c 100644 --- a/.github/workflows/p2-aus-appv3.yml +++ b/.github/workflows/p2-aus-appv3.yml @@ -127,7 +127,7 @@ jobs: # AWS CLI CONFIGURATION - CENTRALIZED ACCOUNT ################################################ - name: Configure AWS Credentials from P1 Centralized account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.CENTRALIZED }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} @@ -151,7 +151,7 @@ jobs: # AWS CLI CONFIGURATION - DEVOPS P2 P2AUS ################################################ - name: Configure AWS Credentials from p2 AUS account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2AUS }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} @@ -246,7 +246,7 @@ jobs: # AWS P2AUS ACCOUNT STEPS BELOW US-EAST-1 FOR LAMBDA@EDGE ########################################################## - name: Configure AWS Credentials from p2 AUS account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2AUS }}:role/github-restricted-role-to-assume region: us-east-1 @@ -292,7 +292,7 @@ jobs: # AWS CLI CONFIGURATION - DEVOPS P2 AUS ########################################################## - name: Configure AWS Credentials from p2 AUS account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2AUS }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} diff --git a/.github/workflows/p2-aus.yml b/.github/workflows/p2-aus.yml index 2f356cf58..a6edc87ac 100644 --- a/.github/workflows/p2-aus.yml +++ b/.github/workflows/p2-aus.yml @@ -115,7 +115,7 @@ jobs: # AWS CLI CONFIGURATION - CENTRALIZED ACCOUNT ################################################ - name: Configure AWS Credentials from P1 Centralized account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.CENTRALIZED }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} @@ -138,7 +138,7 @@ jobs: # AWS CLI CONFIGURATION - DEVOPS P2 AUS ################################################ - name: Configure AWS Credentials from p2 AUS account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2AUS }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} diff --git a/.github/workflows/p2-euk-appv3.yml b/.github/workflows/p2-euk-appv3.yml index 165cc8041..a49d0b7a6 100644 --- a/.github/workflows/p2-euk-appv3.yml +++ b/.github/workflows/p2-euk-appv3.yml @@ -127,7 +127,7 @@ jobs: # AWS CLI CONFIGURATION - CENTRALIZED ACCOUNT ################################################ - name: Configure AWS Credentials from P1 Centralized account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.CENTRALIZED }}:role/github-restricted-role-to-assume region: ap-southeast-2 @@ -151,7 +151,7 @@ jobs: # AWS CLI CONFIGURATION - DEVOPS P2 P2EUK ################################################ - name: Configure AWS Credentials from p2 EUK account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2EUK }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} @@ -246,7 +246,7 @@ jobs: # AWS P2EUK ACCOUNT STEPS BELOW US-EAST-1 FOR LAMBDA@EDGE ########################################################## - name: Configure AWS Credentials from p2 euk account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2EUK }}:role/github-restricted-role-to-assume region: us-east-1 @@ -292,7 +292,7 @@ jobs: # AWS P2EUK ACCOUNT STEPS BELOW eu-west-2 ########################################################## - name: Configure AWS Credentials from p2 euk account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2EUK }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} diff --git a/.github/workflows/p2-euk.yml b/.github/workflows/p2-euk.yml index 64192f4bc..4a48f04f2 100644 --- a/.github/workflows/p2-euk.yml +++ b/.github/workflows/p2-euk.yml @@ -115,7 +115,7 @@ jobs: # AWS CLI CONFIGURATION - CENTRALIZED ACCOUNT ################################################ - name: Configure AWS Credentials from P1 Centralized account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.CENTRALIZED }}:role/github-restricted-role-to-assume region: ap-southeast-2 @@ -138,7 +138,7 @@ jobs: # AWS CLI CONFIGURATION - DEVOPS P2 EUK ################################################ - name: Configure AWS Credentials from p2 EUK account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2EUK }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} diff --git a/.github/workflows/p2-prerelease-appv3.yml b/.github/workflows/p2-prerelease-appv3.yml index 462e8eeb6..f024a5267 100644 --- a/.github/workflows/p2-prerelease-appv3.yml +++ b/.github/workflows/p2-prerelease-appv3.yml @@ -130,7 +130,7 @@ jobs: # AWS CLI CONFIGURATION - CENTRALIZED ACCOUNT ################################################ - name: Configure AWS Credentials from P1 Centralized account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.CENTRALIZED }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} @@ -154,7 +154,7 @@ jobs: # AWS CLI CONFIGURATION - DEVOPS P2 P2PRERELEASE ################################################ - name: Configure AWS Credentials from p2 prerelease AU account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2PRERELEASE }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} @@ -249,7 +249,7 @@ jobs: # AWS P2PRERELEASE ACCOUNT STEPS BELOW US-EAST-1 FOR LAMBDA@EDGE ########################################################## - name: Configure AWS Credentials from p2 p2prerelease AU account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2PRERELEASE }}:role/github-restricted-role-to-assume region: us-east-1 @@ -295,7 +295,7 @@ jobs: # AWS P2PRERELEASE ACCOUNT STEPS BELOW ap-southeast-2 ########################################################## - name: Configure AWS Credentials from p2 p2prerelease AU account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2PRERELEASE }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} diff --git a/.github/workflows/p2-prerelease.yml b/.github/workflows/p2-prerelease.yml index 6b522cd88..c447b8edc 100644 --- a/.github/workflows/p2-prerelease.yml +++ b/.github/workflows/p2-prerelease.yml @@ -125,7 +125,7 @@ jobs: # AWS CLI CONFIGURATION - P1 MAIN ACCOUNT ################################################ - name: Configure AWS Credentials from P1 Centralized account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.CENTRALIZED }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} @@ -149,7 +149,7 @@ jobs: # AWS CLI CONFIGURATION - DEVOPS P2 PRERELEASE ################################################ - name: Configure AWS Credentials from p2 prerelease AU account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2PRERELEASE }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} diff --git a/.github/workflows/p2-sandbox-appv3.yml b/.github/workflows/p2-sandbox-appv3.yml index 6787458f8..ce2cfacdd 100644 --- a/.github/workflows/p2-sandbox-appv3.yml +++ b/.github/workflows/p2-sandbox-appv3.yml @@ -130,7 +130,7 @@ jobs: # AWS CLI CONFIGURATION - CENTRALIZED ACCOUNT ################################################ - name: Configure AWS Credentials from P1 Centralized account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.CENTRALIZED }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} @@ -154,7 +154,7 @@ jobs: # AWS CLI CONFIGURATION - DEVOPS P2 P2SANDBOX ################################################ - name: Configure AWS Credentials from p2 sandbox AU account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2SANDBOX }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} @@ -244,7 +244,7 @@ jobs: # AWS P2SANDBOX ACCOUNT STEPS BELOW US-EAST-1 FOR LAMBDA@EDGE ########################################################## - name: Configure AWS Credentials from p2 p2sandbox AU account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2SANDBOX }}:role/github-restricted-role-to-assume region: us-east-1 @@ -290,7 +290,7 @@ jobs: # AWS P2SANDBOX ACCOUNT STEPS BELOW ap-southeast-2 ########################################################## - name: Configure AWS Credentials from p2 p2sandbox AU account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2SANDBOX }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} diff --git a/.github/workflows/p2-sandbox.yml b/.github/workflows/p2-sandbox.yml index c69a6a18e..a80330726 100644 --- a/.github/workflows/p2-sandbox.yml +++ b/.github/workflows/p2-sandbox.yml @@ -111,7 +111,7 @@ jobs: # AWS CLI CONFIGURATION - CENTRALIZED ACCOUNT ################################################ - name: Configure AWS Credentials from CENTRALIZED Account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.CENTRALIZED }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} @@ -134,7 +134,7 @@ jobs: # AWS CLI CONFIGURATION - P2SANDBOX ACCOUNT ################################################ - name: Configure AWS Credentials from P2SANDBOX Account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2SANDBOX }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} diff --git a/.github/workflows/p2-stage-appv3.yml b/.github/workflows/p2-stage-appv3.yml index 8f65bc3de..f56ef117d 100644 --- a/.github/workflows/p2-stage-appv3.yml +++ b/.github/workflows/p2-stage-appv3.yml @@ -131,7 +131,7 @@ jobs: # AWS CLI CONFIGURATION - CENTRALIZED ACCOUNT ################################################ - name: Configure AWS Credentials from P1 Centralized account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.CENTRALIZED }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} @@ -155,7 +155,7 @@ jobs: # AWS CLI CONFIGURATION - DEVOPS P2 P2STAGE ################################################ - name: Configure AWS Credentials from p2 stage AU account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2STAGE }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} @@ -250,7 +250,7 @@ jobs: # AWS P2STAGE ACCOUNT STEPS BELOW US-EAST-1 FOR LAMBDA@EDGE ########################################################## - name: Configure AWS Credentials from p2 p2stage AU account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2STAGE }}:role/github-restricted-role-to-assume region: us-east-1 @@ -296,7 +296,7 @@ jobs: # AWS P2STAGE ACCOUNT STEPS BELOW ap-southeast-2 ########################################################## - name: Configure AWS Credentials from p2 p2stage AU account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2STAGE }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} diff --git a/.github/workflows/p2-stage.yml b/.github/workflows/p2-stage.yml index 1a12eacf7..9b7479644 100644 --- a/.github/workflows/p2-stage.yml +++ b/.github/workflows/p2-stage.yml @@ -113,7 +113,7 @@ jobs: # AWS CLI CONFIGURATION - CENTRALIZED ACCOUNT ################################################ - name: Configure AWS Credentials from CENTRALIZED Account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.CENTRALIZED }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} @@ -137,7 +137,7 @@ jobs: # AWS CLI CONFIGURATION - P2STAGE ACCOUNT ################################################ - name: Configure AWS Credentials from P2STAGE Account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2STAGE }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} diff --git a/.github/workflows/p2-usa-appv3.yml b/.github/workflows/p2-usa-appv3.yml index cf9f952d2..6e9d756fd 100644 --- a/.github/workflows/p2-usa-appv3.yml +++ b/.github/workflows/p2-usa-appv3.yml @@ -127,7 +127,7 @@ jobs: # AWS CLI CONFIGURATION - CENTRALIZED ACCOUNT ################################################ - name: Configure AWS Credentials from P1 Centralized account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.CENTRALIZED }}:role/github-restricted-role-to-assume region: ap-southeast-2 @@ -151,7 +151,7 @@ jobs: # AWS CLI CONFIGURATION - DEVOPS P2 P2USA ################################################ - name: Configure AWS Credentials from p2 USA account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2USA }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} @@ -246,7 +246,7 @@ jobs: # AWS P2USA ACCOUNT STEPS BELOW US-EAST-1 FOR LAMBDA@EDGE ########################################################## - name: Configure AWS Credentials from p2 USA account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2USA }}:role/github-restricted-role-to-assume region: us-east-1 @@ -292,7 +292,7 @@ jobs: # AWS P2USA ACCOUNT STEPS BELOW ########################################################## - name: Configure AWS Credentials from p2 USA account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2USA }}:role/github-restricted-role-to-assume region: ${{ env.REGION }} diff --git a/.github/workflows/p2-usa.yml b/.github/workflows/p2-usa.yml index bf85af9dd..2a364bbd1 100644 --- a/.github/workflows/p2-usa.yml +++ b/.github/workflows/p2-usa.yml @@ -116,7 +116,7 @@ jobs: # AWS CLI CONFIGURATION - CENTRALIZED ACCOUNT ################################################ - name: Configure AWS Credentials from P1 Centralized account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.CENTRALIZED }}:role/github-restricted-role-to-assume region: ap-southeast-2 @@ -139,7 +139,7 @@ jobs: # AWS CLI CONFIGURATION - DEVOPS P2 P2USA ################################################ - name: Configure AWS Credentials from p2 P2USA account - uses: ./.github/actions/aws-oidc + uses: intersective/devops-infrastructure-common/workflows/aws-oidc@release/live with: role-to-assume: arn:aws:iam::${{ steps.AWS_ORG.outputs.P2USA }}:role/github-restricted-role-to-assume region: ${{ env.REGION }}