From b94523def66bc2cf6519f2f328f47b5301c0d91d Mon Sep 17 00:00:00 2001
From: Andrew Hsu <xuzuan@gmail.com>
Date: Tue, 11 Jun 2024 21:52:35 -0500
Subject: [PATCH] gha: fix backport-command type-branch job to retrieve aws sm
 token

There are 2 jobs defined in this file and initially access to AWS SM was
added to just the first one. This commit adds it to the second job,
"type-branch", as well since it needs to also access secret.

(cherry picked from commit 1f020af34af28f7ea42f98c401c8062ab212d436)
---
 .github/workflows/backport-command.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/.github/workflows/backport-command.yml b/.github/workflows/backport-command.yml
index e02c7456a80b4..eab81d0c7f152 100644
--- a/.github/workflows/backport-command.yml
+++ b/.github/workflows/backport-command.yml
@@ -78,6 +78,20 @@ jobs:
       - name: checkout
         uses: actions/checkout@v4
 
+      - name: configure aws credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: ${{ secrets.AWS_SM_READONLY_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SM_READONLY_SECRET_ACCESS_KEY }}
+          aws-region: us-west-2
+
+      - name: get secrets from aws sm
+        uses: aws-actions/aws-secretsmanager-get-secrets@v2
+        with:
+          secret-ids: |
+            ,sdlc/prod/github/actions_bot_token
+          parse-json-secrets: true
+
       - name: Get user
         env:
           GITHUB_TOKEN: ${{ env.ACTIONS_BOT_TOKEN }}