From f2b88ecd0f445beebd504d29cb886df86f04e37a Mon Sep 17 00:00:00 2001 From: J Blackman Date: Tue, 10 Oct 2023 13:51:06 +1100 Subject: [PATCH] Don't inherit secrets, pass as params (#3602) --- .github/workflows/app-build.yml | 12 ++++++++++-- .github/workflows/app-nightly.yml | 5 +++++ .github/workflows/app-weekly.yml | 5 +++++ 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/.github/workflows/app-build.yml b/.github/workflows/app-build.yml index d64c367f02..6737520e96 100644 --- a/.github/workflows/app-build.yml +++ b/.github/workflows/app-build.yml @@ -9,8 +9,16 @@ on: description: 'Specifies the path to use in the output of the build' required: false type: string - secrets: inherit - + secrets: + AWS_S3_BUCKET: + required: true + AWS_ACCESS_KEY_ID: + required: true + AWS_SECRET_ACCESS_KEY: + required: true + AWS_REGION: + required: true + jobs: test: name: Test diff --git a/.github/workflows/app-nightly.yml b/.github/workflows/app-nightly.yml index 73d2b6e652..c8b4f7aee4 100644 --- a/.github/workflows/app-nightly.yml +++ b/.github/workflows/app-nightly.yml @@ -10,3 +10,8 @@ jobs: uses: ./.github/workflows/app-build.yml with: path: 'nightly' + secrets: + AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_REGION: ${{ secrets.AWS_REGION }} diff --git a/.github/workflows/app-weekly.yml b/.github/workflows/app-weekly.yml index 4f0c5452d9..12eccc4036 100644 --- a/.github/workflows/app-weekly.yml +++ b/.github/workflows/app-weekly.yml @@ -10,3 +10,8 @@ jobs: uses: ./.github/workflows/app-build.yml with: path: 'weekly' + secrets: + AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_REGION: ${{ secrets.AWS_REGION }}