Skip to content
Snippets Groups Projects
Unverified Commit 4c528e1a authored by Philip's avatar Philip Committed by GitHub
Browse files

feat(platform/codecommit): add token support in config_js and update docs (#18496)

parent c4a3a7ae
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
lib/modules/platform/codecommit/index.md
+ 15
12
View file @ 4c528e1a
...@@ -12,18 +12,21 @@ Let Renovate use AWS CodeCommit access keys by doing one of the following: ...@@ -12,18 +12,21 @@ Let Renovate use AWS CodeCommit access keys by doing one of the following:
1. Set a Renovate configuration file - config.js and set: 1. Set a Renovate configuration file - config.js and set:
- `endpoint:` the url endpoint e.g `https://git-codecommit.us-east-1.amazonaws.com/` ```
- `username:` AWS IAM access key id username: AWS IAM access key id
- `password:` AWS Secret access key password: AWS Secret access key
endpoint: the url endpoint e.g https://git-codecommit.us-east-1.amazonaws.com/
2. Set environment variables: token: AWS session token, if you have one
- `AWS_REGION:` the region e.g `us-east-1` ```
- `AWS_ACCESS_KEY_ID:` your IAM Access key id
- `AWS_SECRET_ACCESS_KEY:` your IAM Secret access key id
--- 2. Set up the environment with all required AWS environment variables for authentication, e.g:
- `AWS_SESSION_TOKEN`: your AWS Session token if you have one ```
AWS_ACCESS_KEY_ID: AWS IAM access key id
AWS_SECRET_ACCESS_KEY: AWS Secret access key
AWS_REGION: the AWS region e.g us-east-1
AWS_SESSION_TOKEN: AWS session token, if you have one
```
## AWS IAM security policies ## AWS IAM security policies
......
lib/modules/platform/codecommit/index.ts
+ 4
2
View file @ 4c528e1a
...@@ -59,10 +59,11 @@ export async function initPlatform({ ...@@ -59,10 +59,11 @@ export async function initPlatform({
endpoint, endpoint,
username, username,
password, password,
token: awsToken,
}: PlatformParams): Promise<PlatformResult> { }: PlatformParams): Promise<PlatformResult> {
let accessKeyId = username; let accessKeyId = username;
let secretAccessKey = password; let secretAccessKey = password;
let region; let region: string | undefined;
if (!accessKeyId) { if (!accessKeyId) {
accessKeyId = process.env.AWS_ACCESS_KEY_ID; accessKeyId = process.env.AWS_ACCESS_KEY_ID;
...@@ -70,6 +71,7 @@ export async function initPlatform({ ...@@ -70,6 +71,7 @@ export async function initPlatform({
if (!secretAccessKey) { if (!secretAccessKey) {
secretAccessKey = process.env.AWS_SECRET_ACCESS_KEY; secretAccessKey = process.env.AWS_SECRET_ACCESS_KEY;
} }
if (endpoint) { if (endpoint) {
const regionReg = regEx(/.*codecommit\.(?<region>.+)\.amazonaws\.com/); const regionReg = regEx(/.*codecommit\.(?<region>.+)\.amazonaws\.com/);
const codeCommitMatch = regionReg.exec(endpoint); const codeCommitMatch = regionReg.exec(endpoint);
...@@ -91,7 +93,7 @@ export async function initPlatform({ ...@@ -91,7 +93,7 @@ export async function initPlatform({
const credentials: Credentials = { const credentials: Credentials = {
accessKeyId, accessKeyId,
secretAccessKey, secretAccessKey,
sessionToken: process.env.AWS_SESSION_TOKEN, sessionToken: awsToken ?? process.env.AWS_SESSION_TOKEN,
}; };
config.credentials = credentials; config.credentials = credentials;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment