Container Tools / RUN-4145

Implement OIDC Authentication Steps in Workflow


    • Story
    • Resolution: Done
    • RUN 284

      Update GitHub Actions YAML with OIDC permissions and AWS Auth Step

      Description: Modify the existing .github/workflows file to enable OpenID Connect (OIDC) authentication. This involves updating the job permissions and inserting the standard AWS authentication action to replace the legacy Cirrus logic.

      Tasks:

      • Locate the target job in the workflow YAML.
      • Add the required permissions block to the job:
        permissions:
          id-token: write
          contents: read
      • Insert the aws-actions/configure-aws-credentials step before any build commands.
      • Configure the step to accept role-to-assume (we will use a variable reference here, e.g., ${{ secrets.AWS_ROLE_ARN }}).

      Acceptance Criteria:

      • [ ] Workflow syntax is valid and passes linting.
      • [ ] The permissions block is correctly positioned at the job level.
      • [ ] The aws-actions/configure-aws-credentials step is present in the execution order.
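
The tasks above assembled into one job, as an added example that is not taken from the ticket or the project's own workflow. The workflow name, trigger, job name, runner, region, build command and action version tags are assumptions; the permissions block, the action name and the role-to-assume reference come from the ticket.

```yaml
# Added example. Values marked "assumed" are illustrative, not from the ticket.
name: build                      # assumed workflow name
on:
  push:
    branches: [main]             # assumed trigger

jobs:
  build:                         # assumed job name
    runs-on: ubuntu-latest       # assumed runner
    # Job-level permissions: only this job may request an OIDC token.
    # Declaring this block sets every scope not listed here to "none".
    permissions:
      id-token: write            # allows the job to request the OIDC JWT
      contents: read             # required for actions/checkout
    steps:
      - name: Check out source
        uses: actions/checkout@v4
      # Must run before any build command that needs AWS access.
      - name: Configure AWS credentials via OIDC
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
          aws-region: us-east-1  # assumed region
      - name: Build
        run: make build          # assumed build command
```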

              rh-ee-tizhou Tim Zhou