modernisation-platform

Update sprinkler actions workflow to test OIDC

Open • davidkelliott opened this issue 2 years ago • 1 comment

User Story

Update the sprinkler GitHub Actions workflow file to use the new OIDC provider to test this works before rolling out to other accounts.

https://github.com/ministryofjustice/modernisation-platform-environments/blob/main/.github/workflows/sprinkler.yml

See branch here for spike implementation - https://github.com/ministryofjustice/modernisation-platform-environments/blob/features/oidc/.github/workflows/sprinkler.yml

And readme here - https://github.com/ministryofjustice/modernisation-platform/files/9140446/open-id-connect-with-terraform.md

Both the plan and apply jobs should be updated to use the OIDC provider, and the AWS credentials removed from the environment variables.

User Type(s)

Member users using the workflow

Value

Allows credentials to be replaced with the OIDC provider temporary credentials for more secure actions.

Questions / Assumptions / Hypothesis

Definition of done

  • [ ] update the workflow file
  • [ ] another team member has reviewed

Reference

How to write good user stories

davidkelliott, Jul 20 '22 11:07
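The shape of the change this issue asks for, as an added example that is not taken from the project's sprinkler.yml or the spike branch: static AWS keys come out of `env`, and the plan and apply jobs each obtain temporary credentials through the OIDC provider. The workflow name, triggers, role ARN, region, working directory and action versions are assumptions or placeholders.

```yaml
# Added illustration; not the project's workflow. Placeholders are marked.
name: sprinkler-oidc-example
on:
  pull_request:
    branches: [main]
  push:
    branches: [main]

# Before: long-lived keys exposed to every step through env (secret names assumed).
# env:
#   AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
#   AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

# After: no AWS secrets in env; the job requests a short-lived OIDC token instead.
permissions:
  id-token: write   # allows the job to request a GitHub OIDC token
  contents: read    # checkout still needs this once permissions are set explicitly

jobs:
  plan:
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::111111111111:role/EXAMPLE-github-actions  # placeholder ARN
          role-session-name: sprinkler-plan   # appears in CloudTrail for attribution
          aws-region: eu-west-2               # assumed region
      - uses: hashicorp/setup-terraform@v3
      - run: terraform init && terraform plan
        working-directory: path/to/sprinkler/terraform  # placeholder path

  apply:
    if: github.event_name == 'push'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::111111111111:role/EXAMPLE-github-actions  # placeholder ARN
          role-session-name: sprinkler-apply
          aws-region: eu-west-2               # assumed region
      - uses: hashicorp/setup-terraform@v3
      - run: terraform init && terraform apply -auto-approve
        working-directory: path/to/sprinkler/terraform  # placeholder path
```

When reviewing a change like this, also check that the IAM role's trust policy conditions on the `token.actions.githubusercontent.com:sub` and `aud` claims, so only the intended repository can assume the role.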

https://github.com/ministryofjustice/modernisation-platform/issues/1975

davidkelliott, Jul 21 '22 10:07

https://github.com/ministryofjustice/modernisation-platform-environments/pull/874 Actions and files updated here

davidkelliott, Sep 22 '22 13:09