From 90e056a64beddaa6f124390b64108716ce01e10b Mon Sep 17 00:00:00 2001
From: Chris Wright <chris@dxw.com>
Date: Mon, 18 Nov 2024 17:53:02 +0000
Subject: [PATCH] [FCL-447] Fix workflow OIDC secret names

* Staging and production have different roles to assume
---
 .github/workflows/deploy-production.yml | 2 +-
 .github/workflows/deploy.yml            | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/deploy-production.yml b/.github/workflows/deploy-production.yml
index a50c44e..1b048cb 100644
--- a/.github/workflows/deploy-production.yml
+++ b/.github/workflows/deploy-production.yml
@@ -20,7 +20,7 @@ jobs:
       - uses: aws-actions/setup-sam@v2
       - uses: aws-actions/configure-aws-credentials@v4
         with:
-          role-to-assume: ${{ secrets.AWS_OIDC_ROLE_ARN }}
+          role-to-assume: ${{ secrets.AWS_OIDC_PRODUCTION_ROLE_ARN }}
           aws-region: eu-west-2
       - run: sam build --use-container -m requirements/base.txt
       - run: >
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 6bbb75f..370def2 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -19,7 +19,7 @@ jobs:
       - uses: aws-actions/setup-sam@v2
       - uses: aws-actions/configure-aws-credentials@v4
         with:
-          role-to-assume: ${{ secrets.AWS_OIDC_ROLE_ARN }}
+          role-to-assume: ${{ secrets.AWS_OIDC_STAGING_ROLE_ARN }}
           aws-region: eu-west-2
       - run: sam build --use-container -m requirements/base.txt
       - run: >