Using full path to file #20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: AWS Auth + Welcome Email | |
on: | |
push: | |
branches: | |
- 'test_userpool_creation' | |
paths: | |
'**.json' | |
env: | |
AWS_ACCT_ID: ${{ secrets.AWS_ACCT_ID }} | |
AWS_REGION : 'us-west-2' | |
IAM_ROLE: ${{ secrets.ROLE_NAME }} | |
permissions: | |
id-token: write | |
contents: read | |
jobs: | |
changed_files: | |
runs-on: ubuntu-latest # windows-latest || macos-latest | |
name: Test changed-files | |
outputs: | |
config-file-name: ${{ steps.config-file-name.outputs.CONFIG_FILE}} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # OR "2" -> To retrieve the preceding commit. | |
- name: Get changed files | |
id: get-changed-files | |
uses: tj-actions/changed-files@v40 | |
# NOTE: `since_last_remote_commit: true` is implied by default and falls back to the previous local commit. | |
- name: List all changed files | |
id: config-file-name | |
run: | | |
for file in ${{ steps.get-changed-files.outputs.all_changed_files }}; do | |
if [[ "$file" == *nrel-op.json ]]; then | |
echo "The name of the config file is: ${file}." | |
echo "CONFIG_FILE=${file}" >> "$GITHUB_OUTPUT" | |
fi | |
done | |
AssumeRoleAndCallIdentity: | |
name: AWS Authentication + Sending Welcome Email | |
needs: changed_files | |
if: always() | |
runs-on: ubuntu-latest | |
steps: | |
- name: Git clone the repository | |
uses: actions/checkout@v3 | |
- name: configure aws credentials | |
uses: aws-actions/[email protected] | |
with: | |
role-to-assume: arn:aws:iam::${{ env.AWS_ACCT_ID }}:role/${{ env.IAM_ROLE }} | |
role-session-name: GitHub_to_AWS_via_FederatedOIDC | |
aws-region: ${{ env.AWS_REGION }} | |
# Hello from AWS: WhoAmI | |
- name: Sts GetCallerIdentity | |
run: | | |
aws sts get-caller-identity --debug | |
- name: Install Boto3 | |
run: pip install boto3 | |
- name: Run email-config.py | |
run: python email_automation/email-config.py -g ${{ needs.changed_files.outputs.config-file-name }} |