with statement for secrets

mtln · Oct 24, 2024 · 5cf75dc · 5cf75dc
1 parent b8c8f58
commit 5cf75dc
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 4 deletions.
diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
@@ -16,4 +16,9 @@ jobs:
 
       # Run your local action file
       - name: Run local Quarto GHP Action
+        with:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_REGION: ${{ secrets.AWS_REGION }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_CLOUDFRONT_DISTRIBUTION_ID: $${{ secrets.AWS_CLOUDFRONT_DISTRIBUTION_ID }}
         uses: ./quarto-ghp
diff --git a/quarto-ghp/action.yaml b/quarto-ghp/action.yaml
@@ -13,6 +13,22 @@ inputs:
     description: 'GitHub token'
     default: ${{ github.token }}
     required: false
+  aws_access_key_id :
+    description: 'AWS Access Key ID'
+    default: ${{ secrets.AWS_ACCESS_KEY_ID }}
+    required: false
+  aws_secret_access_key:
+    description: 'AWS Secret Access Key'
+    default: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+    required: false
+  aws_region:
+    description: 'AWS Region'
+    default: ${{ secrets.AWS_REGION }}
+    required: false
+  aws_cloudfront_distribution_id:
+    description: 'AWS CloudFront Distribution ID'
+    default: ${{ secrets.AWS_CLOUDFRONT_DISTRIBUTION_ID }}
+    required: false
   publish_branch:
     description: 'Branch name to publish docs to'
     required: false
@@ -80,14 +96,14 @@ runs:
 
     - name: Configure AWS Credentials
       run: |
-        aws configure set aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }}
-        aws configure set aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-        aws configure set region ${{ secrets.AWS_REGION }}
+        aws configure set aws_access_key_id ${{ inputs.aws_access_key_id }}
+        aws configure set aws_secret_access_key ${{ inputs.aws_secret_access_key }}
+        aws configure set region ${{ inputs.aws_region }}
 
     - name: Copy docs to S3
       run: |
         aws s3 cp ./_docs s3://matlon-website/ --recursive
 
     - name: Invalidate CloudFront Cache
       run: |
-        aws cloudfront create-invalidation --distribution-id $${{ secrets.AWS_CLOUDFRONT_DISTRIBUTION_ID }} --paths "/*"
+        aws cloudfront create-invalidation --distribution-id ${{ inputs.cloudfront_distribution_id }} --paths "/*"