Skip to content

Commit

Permalink
getting to learn GitHub actions secret management
Browse files Browse the repository at this point in the history
  • Loading branch information
@izaim
izaim committed Mar 26, 2024
1 parent a8b72cb commit abddaa0
Showing 1 changed file with 9 additions and 15 deletions.
24 changes: 9 additions & 15 deletions .github/workflows/test_coverage_with_tokens.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,22 +38,16 @@ jobs:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
COGNITO_INIT: ${{ secrets.COGNITO_INIT }}
COGNITO_USER_POOL_ID: ${{ secrets.COGNITO_USER_POOL_ID }}
COGNITO_CLIENT_ID: ${{ secrets.COGNITO_CLIENT_ID }}
COGNITO_AUTH_FLOW: ${{ secrets.COGNITO_AUTH_FLOW }}
COGNITO_USERNAME: ${{ secrets.COGNITO_USERNAME }}
COGNITO_PASSWORD: ${{ secrets.COGNITO_PASSWORD }}


run: |
echo $COGNITO_USER_POOL_ID
echo "$COGNITO_USER_POOL_ID"
echo ${{ secrets.COGNITO_USER_POOL_ID }}
echo "${{ secrets.COGNITO_USER_POOL_ID }}"
pip install awscli
OUTPUT=$(aws cognito-idp "$COGNITO_INIT" --user-pool-id "$COGNITO_USER_POOL_ID" --client-id "$COGNITO_CLIENT_ID" --auth-flow "$COGNITO_AUTH_FLOW" --auth-parameters USERNAME="$COGNITO_USERNAME",PASSWORD="$COGNITO_PASSWORD")
export ACCESS_TOKEN=$(echo "$OUTPUT" | jq -r '.AuthenticationResult.AccessToken' | sed 's/^"\(.*\)"$/\1/')
export ID_TOKEN=$(echo "$OUTPUT" | jq -r '.AuthenticationResult.IdToken' | sed 's/^"\(.*\)"$/\1/')
OUTPUT=$(aws cognito-idp "${{ secrets.COGNITO_INIT }}" --user-pool-id "${{ secrets.COGNITO_USER_POOL_ID }}" --client-id "${{ secrets.COGNITO_CLIENT_ID }}" --auth-flow "${{ secrets.COGNITO_AUTH_FLOW }}" --auth-parameters USERNAME="${{ secrets.COGNITO_USERNAME }}",PASSWORD=${{ secrets.COGNITO_PASSWORD }})
ACCESS_TOKEN=$(echo "$OUTPUT" | jq -r '.AuthenticationResult.AccessToken' | sed 's/^"\(.*\)"$/\1/')
EXPIRES=$(echo "$OUTPUT" | jq -r '.AuthenticationResult.ExpiresIn' | sed 's/^"\(.*\)"$/\1/')
ID_TOKEN=$(echo "$OUTPUT" | jq -r '.AuthenticationResult.IdToken' | sed 's/^"\(.*\)"$/\1/')
echo $ACCESS_TOKEN
echo $EXPIRES
echo $ID_TOKEN
- name: Setup Python
uses: actions/setup-python@v4
Expand All @@ -72,4 +66,4 @@ jobs:
CRIPT_HOST: https://lb-stage.mycriptapp.org/
CRIPT_TOKEN: $ID_TOKEN
CRIPT_STORAGE_TOKEN: $ACCESS_TOKEN
CRIPT_TESTS: False
CRIPT_TESTS: False

0 comments on commit abddaa0

Please sign in to comment.