From 9626d6ce5d45619e77d83b8b385462dbdff7715f Mon Sep 17 00:00:00 2001
From: Edison Pizarro <edison.pizarro.godoy@gmail.com>
Date: Wed, 6 Dec 2023 14:36:22 -0300
Subject: [PATCH] cd: use aws roles

---
 .github/workflows/deploy_dev.yml | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/deploy_dev.yml b/.github/workflows/deploy_dev.yml
index b15ce2a6..2d72f1ae 100644
--- a/.github/workflows/deploy_dev.yml
+++ b/.github/workflows/deploy_dev.yml
@@ -6,13 +6,10 @@ on:
 
 env:
   AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME_DEV }}
-  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
   AWS_CLOUDFRONT: ${{ secrets.AWS_CLOUDFRONT_ID_DEV }}
   NODE_ENV: staging
   APP_TITLE: ALeRCE Explorer - Staging Build
 
-
 jobs:
   publish:
     runs-on: ubuntu-latest
@@ -26,6 +23,14 @@ jobs:
       ZTF_DR_API_BASE_URL: ${{ secrets.ZTF_DR_API_BASE_URL }}
       USERS_API_BASE_URL: ${{ secrets.USERS_API_BASE_URL }}
     steps:
+      - name: Configure AWS credentials
+        id: creds
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ secrets.AWS_ROLE_STAGING }}
+          aws-region: us-east-1
+          output-credentials: true
+          unset-current-credentials: true
       - uses: actions/checkout@v1
       - uses: actions/setup-node@v1
         with:
@@ -33,4 +38,3 @@ jobs:
       - run: npm install
       - run: npm run generate
       - run: npm run deploy
-