Update deploy.yml

CSSE6400 · May 1, 2024 · 16d077e · 16d077e
1 parent 3ddde31
commit 16d077e
Showing 1 changed file with 25 additions and 19 deletions.
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -9,26 +9,32 @@ on:
 
 jobs:
   deploy:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v3
 
-    - name: Use Node.js 20.x
-      uses: actions/setup-node@v3
-      with:
-        node-version: 20.x
+    runs-on: ubuntu-latest
 
-    - name: Mask sensitive inputs
-      uses: levibostian/action-hide-sensitive-inputs@v1
+    steps:
+      - name: Configure AWS credentials
+        id: aws-credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ secrets.AWS_REGION }}
 
-    - name: Set AWS Credentials as Environment Variables and Save to File
-      run: |
-        echo "$AWS_CREDENTIALS" > credentials.txt
-        export AWS_ACCESS_KEY_ID=$(grep -oP '(?<=AWS_ACCESS_KEY_ID=)\S+' credentials.txt)
-        export AWS_SECRET_ACCESS_KEY=$(grep -oP '(?<=AWS_SECRET_ACCESS_KEY=)\S+' credentials.txt)
-        export AWS_SESSION_TOKEN=$(grep -oP '(?<=AWS_SESSION_TOKEN=)\S+' credentials.txt)
+      - name: Mask AWS credentials
+        run: |
+          echo "AWS_ACCESS_KEY_ID=${{ steps.aws-credentials.outputs.access_key_id }}" | sed 's/./\*/g' >> $GITHUB_ENV
+          echo "AWS_SECRET_ACCESS_KEY=${{ steps.aws-credentials.outputs.secret_access_key }}" | sed 's/./\*/g' >> $GITHUB_ENV
+          echo "AWS_SESSION_TOKEN=${{ steps.aws-credentials.outputs.session_token }}" | sed 's/./\*/g' >> $GITHUB_ENV
 
-    - name: Deploy to AWS
-      run: |
-        terraform init
-        terraform apply -auto-approve
+      - name: Use Node.js 20.x
+        uses: actions/setup-node@v3
+        with:
+          node-version: 20.x
+
+      - name: Deploy to AWS
+        run: |
+          echo "${{ github.event.inputs.awsCredentials }}" | sed 's/./\*/g' > credentials.txt
+          export $(cat credentials.txt | xargs)
+          echo "::add-mask::$(cat credentials.txt)"
+          ./deploy.sh