fix(prod): adding in production roles

Pocket · Aug 20, 2024 · be9fa9e · be9fa9e
1 parent a71d77d
commit be9fa9e
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 18 deletions.
diff --git a/.github/workflows/reuse-build-and-push-image.yml b/.github/workflows/reuse-build-and-push-image.yml
@@ -106,8 +106,7 @@ jobs:
           uses: aws-actions/configure-aws-credentials@v4
           with:
             aws-region: us-east-1
-            # TODO: Change this to the right roles when setup
-            role-to-assume: arn:aws:iam::410318598490:role/GithubTesting-Daniel
+            role-to-assume: arn:aws:iam::410318598490:role/PocketGHARole
         - name: Build and Push Development Docker Image
           id: dev-docker-build
           uses: ./.github/actions/containerize
@@ -143,13 +142,11 @@ jobs:
           uses: actions/download-artifact@v4
           with:
               name: ${{inputs.archive-download-name}}
-        # Get the AWS credentials
         - name: AWS Credentials
           uses: aws-actions/configure-aws-credentials@v4
           with:
             aws-region: us-east-1
-            # TODO: Change this to the right roles when setup
-            role-to-assume: arn:aws:iam::410318598490:role/GithubTesting-Daniel
+            role-to-assume: arn:aws:iam::996905175585:role/PocketGHARole
         - name: Build and Push Production Docker Image
           id: prod-docker-build
           uses: ./.github/actions/containerize

diff --git a/.github/workflows/reuse-build-and-push-lambda.yml b/.github/workflows/reuse-build-and-push-lambda.yml
@@ -60,7 +60,6 @@ jobs:
             scope: ${{inputs['scope']}}
             s3-key: ${{ inputs.s3-key }}
 
-# TODO: These need to request AWS ECR Credentials to push the Docker Image
     development:
       if: github.ref == 'refs/heads/dev'
       runs-on: ubuntu-latest
@@ -71,8 +70,7 @@ jobs:
           uses: aws-actions/configure-aws-credentials@v4
           with:
             aws-region: us-east-1
-            # TODO: Change this to the right roles when setup
-            role-to-assume: arn:aws:iam::410318598490:role/GithubTesting-Daniel       
+            role-to-assume: arn:aws:iam::410318598490:role/PocketGHARole
         - name: Build Lambda
           uses: ./.github/actions/build-lambda
           with:
@@ -101,8 +99,7 @@ jobs:
           uses: aws-actions/configure-aws-credentials@v4
           with:
             aws-region: us-east-1
-            # TODO: Change this to the right roles when setup
-            role-to-assume: arn:aws:iam::410318598490:role/GithubTesting-Daniel
+            role-to-assume: arn:aws:iam::996905175585:role/PocketGHARole
         - name: Build Lambda
           uses: ./.github/actions/build-lambda
           with:

diff --git a/.github/workflows/reuse-infrastructure.yml b/.github/workflows/reuse-infrastructure.yml
@@ -39,16 +39,15 @@ jobs:
           uses: aws-actions/configure-aws-credentials@v4
           with:
             aws-region: us-east-1
-            # TODO: Change this to the right roles when setup
-            role-to-assume: arn:aws:iam::410318598490:role/GithubTesting-Daniel
+            role-to-assume: arn:aws:iam::996905175585:role/PocketGHARole
         - name: Execute CDKTF
           if: inputs.raw-terraform == false
           uses: ./.github/actions/cdktf
           with:
             stack-output-path: ${{inputs['stack-output-path']}}
             scope: ${{inputs['scope']}}
             # TODO: Change this to production when ready
-            environment: development #production
+            environment: production
             behavior: plan
             github-token: ${{ secrets.GITHUB_TOKEN }}
             pagerduty-token: ${{ secrets.PAGERDUTY_TOKEN }}
@@ -61,7 +60,7 @@ jobs:
             stack-output-path: ${{inputs['stack-output-path']}}
             scope: ${{inputs['scope']}}
             # TODO: Change this to production when ready
-            environment: development #production
+            environment: production
             behavior: plan
             github-token: ${{ secrets.GITHUB_TOKEN }}
             pagerduty-token: ${{ secrets.PAGERDUTY_TOKEN }}
@@ -80,15 +79,13 @@ jobs:
           uses: aws-actions/configure-aws-credentials@v4
           with:
             aws-region: us-east-1
-            # TODO: Change this to the right roles when setup
-            role-to-assume: arn:aws:iam::410318598490:role/GithubTesting-Daniel   
+            role-to-assume: arn:aws:iam::410318598490:role/PocketGHARole
         - name: Production AWS Credentials
           if: github.ref == 'refs/heads/main' 
           uses: aws-actions/configure-aws-credentials@v4
           with:
             aws-region: us-east-1
-            # TODO: Change this to the right roles when setup
-            role-to-assume: arn:aws:iam::410318598490:role/GithubTesting-Daniel      
+            role-to-assume: arn:aws:iam::996905175585:role/PocketGHARole
         - name: Execute Development CDKTF
           if: inputs.raw-terraform == false && github.ref == 'refs/heads/dev'
           uses: ./.github/actions/cdktf