issues
search
HathorNetwork
/
hathor-explorer-service
MIT License
1
stars
3
forks
source link
ci: setup IAM Roles and AWS Secrets Manager integration
#329
Closed
luislhl
closed
1 month ago
luislhl
commented
2 months ago
Acceptance Criteria
Stop using secrets stored in Github, and get them from AWS Secrets Manager
Create a separate Composite Actions and a Reusable Workflow to be reused in jobs:
setup-python
and
deploy-reusable
Use
https://github.com/aws-actions/configure-aws-credentials
to get temporary AWS Credentials for the job, instead of using permanent credentials stored in Github. The roles that will be assumed by Github Actions for this are being created in
https://github.com/HathorNetwork/ops-tools/pull/872
TODO
[x] Remove the secrets from Github
Security Checklist
[ ] Make sure you do not include new dependencies in the project unless strictly necessary and do not include dev-dependencies as production ones. More dependencies increase the possibility of one of them being hijacked and affecting us.
Acceptance Criteria
setup-python
anddeploy-reusable
TODO
Security Checklist