From 6f328a6c08167ef069dc58ecab3975b4ec0bb5f7 Mon Sep 17 00:00:00 2001
From: ben-harvey <benjaminriderharvey@gmail.com>
Date: Thu, 25 Apr 2024 13:55:22 -0400
Subject: [PATCH] fail assuming DSO role

---
 action.yml | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/action.yml b/action.yml
index 6103e2c..6906e09 100644
--- a/action.yml
+++ b/action.yml
@@ -50,13 +50,11 @@ runs:
         steps.run-command.outputs.start-time != '' &&
         inputs.oidc-role != ''
       continue-on-error: true # allow the job to succeed when this and subsequent steps fail. that way we don't block the calling workflow by failing this action when the command succceeds but one of our steps fails
-      # uses: aws-actions/configure-aws-credentials@v4
-      # with:
-      #   role-to-assume: ${{ inputs.oidc-role}}
-      #   role-session-name: ${{ inputs.oidc-role-session-name }}
-      #   aws-region: ${{ inputs.aws-region }}
-      shell: bash
-      run: exit 1
+      uses: aws-actions/configure-aws-credentials@v4
+      with:
+        role-to-assume: ${{ inputs.oidc-role}}
+        role-session-name: ${{ inputs.oidc-role-session-name }}
+        aws-region: ${{ inputs.aws-region }}
 
     - name: Warn on failure
       if: ${{ !cancelled() && steps.get-oidc-creds.outcome == 'failure' }}
@@ -71,13 +69,15 @@ runs:
         steps.run-command.outputs.start-time != '' &&
         (inputs.oidc-role != '' && steps.get-oidc-creds.outcome == 'success')
       continue-on-error: true
-      uses: aws-actions/configure-aws-credentials@v4
-      with:
-        role-to-assume: arn:aws:iam::${{ inputs.aws-account-id}}:role/delegatedadmin/developer/ct-cmcs-mac-fc-dso-metrics-report-events-role
-        role-session-name: ${{ inputs.oidc-role-session-name }}
-        aws-region: ${{ inputs.aws-region }}
-        role-chaining: true
-        role-skip-session-tagging: true
+      # uses: aws-actions/configure-aws-credentials@v4
+      # with:
+      #   role-to-assume: arn:aws:iam::${{ inputs.aws-account-id}}:role/delegatedadmin/developer/ct-cmcs-mac-fc-dso-metrics-report-events-role
+      #   role-session-name: ${{ inputs.oidc-role-session-name }}
+      #   aws-region: ${{ inputs.aws-region }}
+      #   role-chaining: true
+      #   role-skip-session-tagging: true
+      shell: bash
+      run: exit 1
 
     - name: Warn on failure
       if: ${{ !cancelled() && steps.assume-dso-role.outcome == 'failure' }}