Skip to content

docs: enable AWS STS #9451

docs: enable AWS STS

docs: enable AWS STS #9451

Workflow file for this run

name: Pre-merge Checks
on:
pull_request:
types: [opened, synchronize, reopened, ready_for_review]
branches-ignore: ["version-*"]
concurrency:
group: ci-${{ github.ref }}
cancel-in-progress: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_S3_ACCESS_KEY }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_S3_SECRET_KEY }}
AWS_DEFAULT_REGION: us-east-1
APPZI_TOKEN: ${{ secrets.APPZI_TOKEN }}
FULLSTORY_ORGID: ${{ secrets.FULLSTORY_ORGID }}
ALGOLIA_ADMIN_KEY: ${{ secrets.ALGOLIA_ADMIN_KEY }}
ALGOLIA_APP_ID: ${{ secrets.ALGOLIA_APP_ID }}
ALGOLIA_SEARCH_KEY: ${{ secrets.ALGOLIA_SEARCH_KEY }}
ALGOLIA_INDEX_NAME: ${{ secrets.ALGOLIA_INDEX_NAME }}
PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }}
DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }}
DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }}
DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }}
jobs:
run-ci:
# runs-on: ubuntu-latest
runs-on: ubuntu-latest
defaults:
run:
shell: bash
if: ${{ !github.event.pull_request.draft && github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]' }}
steps:
# If the condition above is not met, aka, the PR is not in draft status, then this step is skipped.
# Because this step is part of the critical path, omission of this step will result in remaining CI steps not gettinge executed.
# As of 8/8/2022 there is now way to enforce this beahvior in GitHub Actions CI.
- run: exit 0
vale:
name: Writing Checks
needs: [run-ci]
uses: spectrocloud/spectro-vale-pkg/.github/workflows/vale.yml@main
prettier:
name: Check Code Formatting
needs: [run-ci]
runs-on: ubuntu-latest
steps:
- name: Retrieve Credentials
id: import-secrets
uses: hashicorp/[email protected]
with:
url: https://vault.prism.spectrocloud.com
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
secrets: /providers/github/organizations/spectrocloud/token?org_name=spectrocloud token | VAULT_GITHUB_TOKEN
- name: Checkout Repository
uses: actions/checkout@v4
with:
token: ${{ steps.import-secrets.outputs.VAULT_GITHUB_TOKEN }}
- name: Setup Node.js environment
uses: actions/setup-node@v4
with:
node-version: "20"
cache: "npm"
- run: npm ci
- name: Auto Format (Prettier)
run: make format
- name: Commit Changes
uses: stefanzweifel/git-auto-commit-action@v5
with:
commit_message: "ci: auto-formatting prettier issues"
build:
name: Build
needs: [run-ci, prettier]
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Setup Node.js environment
uses: actions/setup-node@v4
with:
node-version: "20"
cache: "npm"
- run: npm ci
- name: Build
run: |
touch .env
make build-ci
- name: Build with cached packs
if: ${{ env.BUILD_EXIT_CODE == '5' }}
uses: ./.github/actions/build-cached-packs
with:
gh-token: ${{ secrets.GITHUB_TOKEN }}