build(deps): bump @aws-sdk/client-secrets-manager from 3.716.0 to 3.721.0 #751
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 'build-test' | |
on: # rebuild any PRs and main branch changes | |
pull_request: | |
push: | |
branches: | |
- main | |
- 'releases/*' | |
jobs: | |
build: # make sure build/ci work properly | |
if: github.actor != 'dependabot[bot]' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set Node.js 16.x | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' | |
- name: Install dependencies | |
run: yarn install --frozen-lockfile | |
- name: Build | |
run: yarn all | |
test: # make sure the action works on a clean machine without building | |
if: github.actor != 'dependabot[bot]' | |
runs-on: ubuntu-latest | |
env: | |
AWS_ACCESS_KEY_ID: dummy | |
AWS_SECRET_ACCESS_KEY: dummy | |
AWS_REGION: us-east-1 | |
AWS_SECRETS_MANAGER_ENDPOINT_URL: http://localhost:4566 | |
services: | |
localstack: | |
image: localstack/localstack | |
env: | |
SERVICES: secretsmanager | |
ports: | |
- 4566:4566 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup some sample credentials | |
run: | | |
aws --endpoint-url="$AWS_SECRETS_MANAGER_ENDPOINT_URL" secretsmanager create-secret \ | |
--name mysecret --secret-string '{"SECRET_KEY":"SECRET_VALUE","SECRET_KEY2":"SECRET_VALUE2"}' | |
- name: Configure AWS Secrets Manager | |
id: secrets | |
uses: ./ | |
with: | |
secret-id: mysecret | |
exporters: env,output,file | |
- name: Check environment variables are set | |
run: | | |
if [ -z "$SECRET_KEY" ]; then | |
echo "SECRET_KEY is not set" | |
exit 1 | |
fi | |
if [ -z "$SECRET_KEY2" ]; then | |
echo "SECRET_KEY2 is not set" | |
exit 1 | |
fi | |
- name: Check output variables are set | |
run: | | |
if [ "${{ steps.secrets.outputs.SECRET_KEY }}" != "SECRET_VALUE" ]; then | |
echo "SECRET_KEY is not set" | |
exit 1 | |
fi | |
if [ "${{ steps.secrets.outputs.SECRET_KEY2 }}" != "SECRET_VALUE2" ]; then | |
echo "SECRET_KEY2 is not set" | |
exit 1 | |
fi | |
- name: Check file is set | |
run: | | |
EXPECTED_FILE_CONTENT="SECRET_KEY=SECRET_VALUE | |
SECRET_KEY2=SECRET_VALUE2" | |
IFS= read -rd '' ACTUAL_FILE_CONTENT < ./.env || true | |
if [ "$EXPECTED_FILE_CONTENT" != "$ACTUAL_FILE_CONTENT" ]; then | |
echo -e "Env file is not what was expected" | |
diff -u <(echo "$EXPECTED_FILE_CONTENT") <(echo "$ACTUAL_FILE_CONTENT") | |
exit 1 | |
fi |