Brano Zarnovican

@jakejscott that command is giving a different fingerprint because you take the first cert of the chain, not the last as doc suggests. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc_verify-thumbprint.html > If you see more than...

FYI, even after 12h+ since the change, I'm still getting two different cert chains from the same hostname. Simple test: ```bash while true; do echo | openssl s_client -servername token.actions.githubusercontent.com...

The issue was fixed some time ago ``` $ docker run -it --rm heartexlabs/label-studio:20250627.123412-ls-release-1-20-0-fb90125be find -name "botocore*-info" ./.venv/lib/python3.12/site-packages/botocore-1.31.58.dist-info ``` ``` $ docker run -it --rm heartexlabs/label-studio:20250722.104138-ls-release-1-21-0-631d17fb7 find -name "botocore*-info" ./.venv/lib/python3.12/site-packages/botocore-1.39.3.dist-info...

Your usecase can be workarounded with `regex()`. Replace last 6 chars ``` > "${regex("(.*).{6}$", "arn:aws:secretsmanager:us-east-1:123456789012:secret:path/to/secret-name-fbghts")[0]}??????" "arn:aws:secretsmanager:us-east-1:123456789012:secret:path/to/secret-name-??????" ``` Replace everything after the last "-" ``` > "${regex("(.*-).*$", "arn:aws:secretsmanager:us-east-1:123456789012:secret:path/to/secret-name-fbghts")[0]}??????" "arn:aws:secretsmanager:us-east-1:123456789012:secret:path/to/secret-name-??????" ``` Re:...