From d1e43d137a4d5ea6e93b1bddae7f47df44b8f0a6 Mon Sep 17 00:00:00 2001 From: Leonardo Pinho Date: Thu, 5 Dec 2024 12:26:44 -0300 Subject: [PATCH] ci: fix role assume, ssm parameter --- .../workflows/publish-posts-updated-gcp.yml | 33 ++++++++++++++++--- content/code-blocks.mdx | 2 +- content/prop-drilling.mdx | 2 +- content/react-debug-magic.mdx | 2 +- 4 files changed, 32 insertions(+), 7 deletions(-) diff --git a/.github/workflows/publish-posts-updated-gcp.yml b/.github/workflows/publish-posts-updated-gcp.yml index 2b743c9..1f81d73 100644 --- a/.github/workflows/publish-posts-updated-gcp.yml +++ b/.github/workflows/publish-posts-updated-gcp.yml @@ -25,8 +25,33 @@ jobs: - name: Install dependencies run: npm install gray-matter @google-cloud/pubsub - - name: Authenticate to Google Cloud - id: auth + - name: Authenticate to AWS using OIDC + id: aws-auth + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-region: ${{ secrets.AWS_REGION }} + role-to-assume: ${{ secrets.AWS_ROLE_ARN }} + # inline-session-policy: >- + # { + # "Version": "2012-10-17", + # "Statement": [ + # { + # "Sid": "SSMReadAccess", + # "Effect": "Allow", + # "Action": "ssm:GetParameter", + # "Resource": "arn:aws:ssm:*:${{ secrets.AWS_ACCOUNT_ID }}:parameter/${{ secrets.GCP_TOPIC_PARAMETER_PATH }}" + # } + # ] + # } + + - name: Fetch GCP Topic Name from SSM + id: fetch-topic-name + run: | + GCP_TOPIC_NAME=$(aws ssm get-parameter --name "${{ secrets.GCP_TOPIC_PARAMETER_PATH }}" --region ${{ secrets.AWS_REGION }} --query "Parameter.Value" --output text) + echo "GCP_TOPIC_NAME=$GCP_TOPIC_NAME" >> $GITHUB_ENV + + - name: Authenticate to Google Cloud using OIDC + id: gcp-auth uses: google-github-actions/auth@v2 with: project_id: ${{ secrets.GCP_PROJECT_ID }} @@ -47,6 +72,6 @@ jobs: - name: Publish updates to GCP env: GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }} - GCP_TOPIC_NAME: ${{ secrets.GCP_TOPIC_NAME }} + GCP_TOPIC_NAME: ${{ env.GCP_TOPIC_NAME }} CHANGED_FILES: ${{ env.CHANGED_FILES }} - run: node github-actions-scripts/publish-post-update.js + run: node github-actions-scripts/publish-post-update.js \ No newline at end of file diff --git a/content/code-blocks.mdx b/content/code-blocks.mdx index f43f4ce..e496672 100644 --- a/content/code-blocks.mdx +++ b/content/code-blocks.mdx @@ -2,7 +2,7 @@ title: Lets see what we can do with rehype pretty code description: Syntax highlighting, line numbers, line highlights, word highlights date: 2024-03-04 -tags: ["code", "rehype pretty", "mdx"] +tags: ["code", "rehype pretty", "mdx", "kubernetes"] published: true --- diff --git a/content/prop-drilling.mdx b/content/prop-drilling.mdx index d01a7ca..bd481de 100644 --- a/content/prop-drilling.mdx +++ b/content/prop-drilling.mdx @@ -6,7 +6,7 @@ tags: ["code", "react", "props"] published: true --- -# Prop Drilling: The Horror Movie +# Prop Drilling: The Horror Movie testing In the shadowy depths of a complex React application, a horror story unfolds. Components, innocent and unsuspecting, find themselves ensnared in a terrifying ordeal known as prop drilling. This tale of suspense and survival will take you through the darkest corridors of React development. diff --git a/content/react-debug-magic.mdx b/content/react-debug-magic.mdx index e484ba8..a15cf5b 100644 --- a/content/react-debug-magic.mdx +++ b/content/react-debug-magic.mdx @@ -12,7 +12,7 @@ In the mystical land of React, where components render and state changes abound, ## The Spell for Revealing Hidden Bugs -Hidden bugs are like invisible sprites, causing mischief unseen. Use this spell to reveal them: +Hidden bugs are testing like invisible sprites, causing mischief unseen. Use this spell to reveal them: Ingredients: