1.0.0 • Published 2 years ago
taf-auth v1.0.0
taf-auth
Service for fetching auth0 tokens for TAF API
Environments
Environment | AWS Account | App URL |
---|---|---|
development | dazn-taf-dev | api.taf.dazn-dev.com |
testing | dazn-taf-test | api.taf.dazn-test.com |
staging | dazn-taf-stage | api.taf.dazn-stage.com |
production | dazn-taf-prod | api.taf.indazn.com |
Deploy to development and testing env
serverless
development - npm run sls:deploy:dev
testing - npm run sls:deploy:test
ecr
development - npm run docker:deploy:dev
testing - npm run docker:deploy:test
###How to use docker image in GHA pipeline
Images per taf env
Environment | Image |
---|---|
development | 707907454361.dkr.ecr.eu-central-1.amazonaws.com/taf-auth:latest-dev |
testing | 707907454361.dkr.ecr.eu-central-1.amazonaws.com/taf-auth:latest-testing |
staging | 707907454361.dkr.ecr.eu-central-1.amazonaws.com/taf-auth:latest-staging |
production | 707907454361.dkr.ecr.eu-central-1.amazonaws.com/taf-auth:latest |
Secrets name per taf env (use production)
Environment | GHA |
---|---|
development | GLOBAL_TAF_SECRET_DEV |
testing | GLOBAL_TAF_SECRET_TEST |
staging | GLOBAL_TAF_SECRET_STAGE |
production | GLOBAL_TAF_SECRET |
How to use docker image in Drone or GHA
jobs:
ecr-auth:
name: Authenticate in ECR
runs-on: ubuntu-latest
timeout-minutes: 5
outputs:
ecr-password: ${{ steps.ecr-auth.outputs.pwd }}
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
role-to-assume: ${{ env.ROLE_TO_ASSUME }}
- name: Login to ECR
id: ecr-auth
run: echo "::set-output name=pwd::$(aws ecr get-login-password)"
taf-auth:
name: Authenticate in TAF
runs-on: ubuntu-latest
timeout-minutes: 5
needs: ecr-auth
container:
image: 707907454361.dkr.ecr.eu-central-1.amazonaws.com/taf-auth:latest
credentials:
username: AWS
password: ${{ needs.ecr-auth.outputs.ecr-password }}
env:
GLOBAL_TAF_SECRET: ${{ secrets.GLOBAL_TAF_SECRET }}
steps:
- name: Authenticate
run: /bin/taf-auth.sh
- name: Upload taf credentials
uses: actions/upload-artifact@v2
with:
name: taf_creds
path: ./.taf_creds
You should see env var TAF_AUTH_TOKEN in your code (for example process.env.TAF_AUTH_TOKEN in node.js).
Read more
To learn more about the passwords go on and read more
1.0.0
2 years ago