@@ -8,19 +8,11 @@ permissions:
88 contents : read
99
1010env :
11- AWS_DEFAULT_REGION : us-east-1
1211 SAM_CLI_DEV : 1
1312 SAM_CLI_TELEMETRY : 0
1413 SAM_CLI_CONTAINER_CONNECTION_TIMEOUT : 60
15- NODE_VERSION : " 22.21.1"
16- AWS_S3 : " AWS_S3_TESTING"
17- AWS_ECR : " AWS_ECR_TESTING"
18- CARGO_LAMBDA_VERSION : " v0.17.1"
1914 NOSE_PARAMETERIZED_NO_WARN : 1
20- BY_CANARY : true
2115 UV_PYTHON : python3.11
22- CREDENTIAL_DISTRIBUTION_LAMBDA_ARN : ${{ secrets.CREDENTIAL_DISTRIBUTION_LAMBDA_ARN }}
23- ACCOUNT_RESET_LAMBDA_ARN : ${{ secrets.ACCOUNT_RESET_LAMBDA_ARN }}
2416
2517jobs :
2618 debug-layer-tests :
@@ -40,18 +32,14 @@ jobs:
4032 uses : aws-actions/configure-aws-credentials@v5
4133 with :
4234 role-to-assume : ${{ secrets.OIDC_ROLE_ARN }}
43- aws-region : us-east-1
35+ aws-region : us-west-2
4436
4537 - name : Set up Python
4638 uses : actions/setup-python@v6
4739 with :
4840 python-version : |
4941 3.11
5042 3.9
51- 3.10
52- 3.12
53- 3.13
54- 3.14
5543
5644name : Setup Docker runtime
5745 run : |
6452 - name : Initialize project
6553 run : make init
6654
67- - name : Get testing resources and credentials
68- run : |
69- test_env_var=$(python3.11 tests/get_testing_resources.py skip_role_deletion)
70-
71- if [ $? -ne 0 ]; then
72- test_env_var=$(python3.11 tests/get_testing_resources.py)
73- if [ $? -ne 0 ]; then
74- echo "Failed to acquire credentials or test resources."
75- exit 1
76- fi
77- fi
78-
79- echo "CI_ACCESS_ROLE_AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID" >> $GITHUB_ENV
80- echo "CI_ACCESS_ROLE_AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY" >> $GITHUB_ENV
81- echo "CI_ACCESS_ROLE_AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN" >> $GITHUB_ENV
82-
83- TEST_ACCESS_KEY_ID=$(echo "$test_env_var" | jq -j ".accessKeyID")
84- TEST_SECRET_ACCESS_KEY=$(echo "$test_env_var" | jq -j ".secretAccessKey")
85- TEST_SESSION_TOKEN=$(echo "$test_env_var" | jq -j ".sessionToken")
86- TEST_TASK_TOKEN=$(echo "$test_env_var" | jq -j ".taskToken")
87-
88- echo "::add-mask::$TEST_ACCESS_KEY_ID"
89- echo "::add-mask::$TEST_SECRET_ACCESS_KEY"
90- echo "::add-mask::$TEST_SESSION_TOKEN"
91- echo "::add-mask::$TEST_TASK_TOKEN"
92-
93- echo "AWS_ACCESS_KEY_ID=$TEST_ACCESS_KEY_ID" >> $GITHUB_ENV
94- echo "AWS_SECRET_ACCESS_KEY=$TEST_SECRET_ACCESS_KEY" >> $GITHUB_ENV
95- echo "AWS_SESSION_TOKEN=$TEST_SESSION_TOKEN" >> $GITHUB_ENV
96- echo "TASK_TOKEN=$TEST_TASK_TOKEN" >> $GITHUB_ENV
97-
98- echo "AWS_S3_TESTING=$(echo "$test_env_var" | jq -j ".TestBucketName")" >> $GITHUB_ENV
99- echo "AWS_ECR_TESTING=$(echo "$test_env_var" | jq -j ".TestECRURI")" >> $GITHUB_ENV
100- echo "AWS_KMS_KEY=$(echo "$test_env_var" | jq -j ".TestKMSKeyArn")" >> $GITHUB_ENV
101- echo "AWS_SIGNING_PROFILE_NAME=$(echo "$test_env_var" | jq -j ".TestSigningProfileName")" >> $GITHUB_ENV
102- echo "AWS_SIGNING_PROFILE_VERSION_ARN=$(echo "$test_env_var" | jq -j ".TestSigningProfileARN")" >> $GITHUB_ENV
103-
10455 - name : Login to Public ECR
10556 run : |
10657 aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
@@ -143,19 +94,3 @@ jobs:
14394 path : |
14495 full_test_output.log
14596 TEST_REPORT-integration-local-invoke-docker.json
146-
147- name : Reset test account
148- if : always()
149- run : |
150- export AWS_ACCESS_KEY_ID=$CI_ACCESS_ROLE_AWS_ACCESS_KEY_ID
151- export AWS_SECRET_ACCESS_KEY=$CI_ACCESS_ROLE_AWS_SECRET_ACCESS_KEY
152- export AWS_SESSION_TOKEN=$CI_ACCESS_ROLE_AWS_SESSION_TOKEN
153-
154- aws lambda invoke \
155- --function-name "$ACCOUNT_RESET_LAMBDA_ARN" \
156- --payload "{\"taskToken\": \"$TASK_TOKEN\", \"output\": \"{}\"}" \
157- ./lambda-output.txt \
158- --region us-west-2 \
159- --cli-binary-format raw-in-base64-out
160-
161- cat ./lambda-output.txt
0 commit comments