From 6853c39c0037b479ab6f6ba4c469e3ea46815304 Mon Sep 17 00:00:00 2001 From: Chris Banks Date: Fri, 21 Jun 2024 10:43:09 +0100 Subject: [PATCH] Use the per-repo IAM role names for push to ECR. https://github.com/alphagov/govuk-infrastructure/pull/1350 --- .github/workflows/build-and-push-image.yml | 6 +++--- .github/workflows/build-and-push-multiarch-image.yml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-and-push-image.yml b/.github/workflows/build-and-push-image.yml index 2aa61480c..86ef8b784 100644 --- a/.github/workflows/build-and-push-image.yml +++ b/.github/workflows/build-and-push-image.yml @@ -39,11 +39,11 @@ jobs: show-progress: false - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4.0.1 + uses: aws-actions/configure-aws-credentials@v4 with: - role-to-assume: "arn:aws:iam::172025368201:role/github_action_ecr_push" + role-to-assume: arn:aws:iam::172025368201:role/github_action_ecr_push_${{ github.event.repository.name }} aws-region: eu-west-1 - role-session-name: ecr-push + role-session-name: ecr-push-${{ github.event.repository.name }} - name: Login to Amazon ECR id: login-ecr diff --git a/.github/workflows/build-and-push-multiarch-image.yml b/.github/workflows/build-and-push-multiarch-image.yml index 6de147f23..1bfdab15a 100644 --- a/.github/workflows/build-and-push-multiarch-image.yml +++ b/.github/workflows/build-and-push-multiarch-image.yml @@ -72,9 +72,9 @@ jobs: - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v4 with: - role-to-assume: "arn:aws:iam::172025368201:role/github_action_ecr_push" + role-to-assume: arn:aws:iam::172025368201:role/github_action_ecr_push_${{ github.event.repository.name }} aws-region: eu-west-1 - role-session-name: ecr-push + role-session-name: ecr-push-${{ github.event.repository.name }} - name: Login to Amazon ECR id: login-ecr