taf-auth v1.0.0

taf-auth

Service for fetching auth0 tokens for TAF API

Environments

Deploy to development and testing env

serverless

development - npm run sls:deploy:dev
testing - npm run sls:deploy:test

ecr

development - npm run docker:deploy:dev
testing - npm run docker:deploy:test

###How to use docker image in GHA pipeline

Images per taf env

Secrets name per taf env (use production)

How to use docker image in Drone or GHA

jobs:
  ecr-auth:
    name: Authenticate in ECR
    runs-on: ubuntu-latest
    timeout-minutes: 5
    outputs:
      ecr-password: ${{ steps.ecr-auth.outputs.pwd }}

    steps:
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ env.AWS_REGION }}
          role-to-assume: ${{ env.ROLE_TO_ASSUME }}

      - name: Login to ECR
        id: ecr-auth
        run: echo "::set-output name=pwd::$(aws ecr get-login-password)"

  taf-auth:
    name: Authenticate in TAF
    runs-on: ubuntu-latest
    timeout-minutes: 5
    needs: ecr-auth
    container:
      image: 707907454361.dkr.ecr.eu-central-1.amazonaws.com/taf-auth:latest
      credentials:
        username: AWS
        password: ${{ needs.ecr-auth.outputs.ecr-password }}
    env:
      GLOBAL_TAF_SECRET: ${{ secrets.GLOBAL_TAF_SECRET }}
    steps:
      - name: Authenticate
        run: /bin/taf-auth.sh

      - name: Upload taf credentials
        uses: actions/upload-artifact@v2
        with:
          name: taf_creds
          path: ./.taf_creds

You should see env var TAF_AUTH_TOKEN in your code (for example process.env.TAF_AUTH_TOKEN in node.js).

Read more

To learn more about the passwords go on and read more