Skip to content

Commit bf0ae9e

Browse files
bnusunnybnusunny
authored
Optimize GitHub actions (#338)
* Optimize GitHub Actions workflow * Update the pipeline.yaml * Update the pipeline.yaml * Update the pipeline.yaml * Update the pipeline.yaml * Update the pipeline.yaml * Run to e2e for pull requests * Update aws-actions/configure-aws-credentials to v4 * Update aws-actions/configure-aws-credentials to v4 * Use GitHub OIDC provider for auth * Use GitHub OIDC provider for auth * Use GitHub OIDC provider for auth * Use GitHub OIDC provider for auth * Use GitHub OIDC provider for auth * Use GitHub OIDC provider for auth * Use GitHub OIDC provider for auth * Use GitHub OIDC provider for auth * Use GitHub OIDC provider for auth * Use GitHub OIDC provider for auth * Only run test and build jobs on a new pull request * Correct the regions for assume roles
1 parent 6730ac7 commit bf0ae9e

File tree

1 file changed

+9
-12
lines changed

1 file changed

+9
-12
lines changed

.github/workflows/pipeline.yaml

Lines changed: 9 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -139,9 +139,6 @@ jobs:
139139
if: ${{ github.ref == 'refs/heads/main' || github.event_name == 'release' }}
140140
needs: [ build ]
141141
runs-on: ubuntu-20.04
142-
permissions:
143-
id-token: write
144-
contents: read
145142
steps:
146143
- uses: actions/checkout@v3
147144
- uses: actions/setup-python@v4
@@ -503,7 +500,7 @@ jobs:
503500
- name: Assume the github runner role
504501
uses: aws-actions/configure-aws-credentials@v4
505502
with:
506-
aws-region: ${{ env.BETA_REGION }}
503+
aws-region: ${{ matrix.region }}
507504
role-to-assume: ${{ env.GITHUB_RUNNER_ROLE }}
508505

509506
- name: Assume the gamma pipeline user role
@@ -576,7 +573,7 @@ jobs:
576573
- name: Assume the github runner role
577574
uses: aws-actions/configure-aws-credentials@v4
578575
with:
579-
aws-region: ${{ env.BETA_REGION }}
576+
aws-region: ${{ matrix.region }}
580577
role-to-assume: ${{ env.GITHUB_RUNNER_ROLE }}
581578

582579
- name: Assume the prod pipeline user role
@@ -649,7 +646,7 @@ jobs:
649646
- name: Assume the github runner role
650647
uses: aws-actions/configure-aws-credentials@v4
651648
with:
652-
aws-region: ${{ env.BETA_REGION }}
649+
aws-region: ${{ matrix.region }}
653650
role-to-assume: ${{ env.GITHUB_RUNNER_CHINA_ROLE }}
654651

655652
- name: Assume the china pipeline user role
@@ -724,7 +721,7 @@ jobs:
724721
- name: Assume the github runner role
725722
uses: aws-actions/configure-aws-credentials@v4
726723
with:
727-
aws-region: ${{ env.BETA_REGION }}
724+
aws-region: ${{ matrix.region }}
728725
role-to-assume: ${{ env.GITHUB_RUNNER_CHINA_ROLE }}
729726

730727
- name: Assume the china pipeline user role
@@ -809,7 +806,7 @@ jobs:
809806
- name: Assume the github runner role
810807
uses: aws-actions/configure-aws-credentials@v4
811808
with:
812-
aws-region: ${{ env.BETA_REGION }}
809+
aws-region: ${{ matrix.region }}
813810
role-to-assume: ${{ env.GITHUB_RUNNER_ROLE }}
814811

815812
- name: Assume the gamma pipeline user role
@@ -887,7 +884,7 @@ jobs:
887884
- name: Assume the github runner role
888885
uses: aws-actions/configure-aws-credentials@v4
889886
with:
890-
aws-region: ${{ env.BETA_REGION }}
887+
aws-region: ${{ matrix.region }}
891888
role-to-assume: ${{ env.GITHUB_RUNNER_ROLE }}
892889

893890

@@ -966,7 +963,7 @@ jobs:
966963
- name: Assume the github runner role
967964
uses: aws-actions/configure-aws-credentials@v4
968965
with:
969-
aws-region: ${{ env.BETA_REGION }}
966+
aws-region: ${{ matrix.region }}
970967
role-to-assume: ${{ env.GITHUB_RUNNER_CHINA_ROLE }}
971968

972969
- name: Assume the china pipeline user role
@@ -1046,7 +1043,7 @@ jobs:
10461043
- name: Assume the github runner role
10471044
uses: aws-actions/configure-aws-credentials@v4
10481045
with:
1049-
aws-region: ${{ env.BETA_REGION }}
1046+
aws-region: ${{ matrix.region }}
10501047
role-to-assume: ${{ env.GITHUB_RUNNER_CHINA_ROLE }}
10511048

10521049
- name: Assume the china pipeline user role
@@ -1108,7 +1105,7 @@ jobs:
11081105
- name: Assume the github runner role
11091106
uses: aws-actions/configure-aws-credentials@v4
11101107
with:
1111-
aws-region: ${{ env.BETA_REGION }}
1108+
aws-region: ${{ env.PROD_ECR_REGION }}
11121109
role-to-assume: ${{ env.GITHUB_RUNNER_ROLE }}
11131110

11141111
- name: Assume the prod pipeline user role

0 commit comments

Comments
 (0)