diff --git a/.github/workflows/test_coverage_with_tokens.yml b/.github/workflows/test_coverage_with_tokens.yml index 3dadb00c..66cd62cc 100644 --- a/.github/workflows/test_coverage_with_tokens.yml +++ b/.github/workflows/test_coverage_with_tokens.yml @@ -42,11 +42,6 @@ jobs: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} - - run: | - OUTPUT=$(aws cognito-idp "${{ secrets.COGNITO_INIT }}" --user-pool-id "${{ secrets.COGNITO_USER_POOL_ID }}" --client-id "${{ secrets.COGNITO_CLIENT_ID }}" --auth-flow "${{ secrets.COGNITO_AUTH_FLOW }}" --auth-parameters USERNAME="${{ secrets.COGNITO_USERNAME }}",PASSWORD=${{ secrets.COGNITO_PASSWORD }}) - echo ACCESS_TOKEN=$(echo "$OUTPUT" | jq -r '.AuthenticationResult.AccessToken' | sed 's/^"\(.*\)"$/\1/') >> $GITHUB_OUTPUT - echo ID_TOKEN=$(echo "$OUTPUT" | jq -r '.AuthenticationResult.IdToken' | sed 's/^"\(.*\)"$/\1/') >> $GITHUB_OUTPUT - name: Setup Python uses: actions/setup-python@v4 @@ -59,13 +54,16 @@ jobs: - name: Install requirements_dev.txt run: pip install -r requirements_dev.txt + + - name: Retrieve Cognito Tokens from AWS Secrets Manager + run: | + echo "CRIPT_TOKEN=$(aws secretsmanager get-secret-value --secret-id Pipelines_CognitoAccessToken --query SecretString --output text)" >> $GITHUB_ENV + echo "CRIPT_STORAGE_TOKEN=$(aws secretsmanager get-secret-value --secret-id Pipelines_CognitoIdToken --query SecretString --output text)" >> $GITHUB_ENV - name: Test Coverage run: pytest tests/api/test_api.py env: - ACCESS_TOKEN: ${{ steps.cognito-token.outputs.ACCESS_TOKEN }} - ID_TOKEN: ${{ steps.cognito-token.outputs.ID_TOKEN }} CRIPT_HOST: https://lb-stage.mycriptapp.org/ - CRIPT_TOKEN: $ACCESS_TOKEN - CRIPT_STORAGE_TOKEN: $ID_TOKEN + CRIPT_TOKEN: ${{ env.CRIPT_TOKEN }} + CRIPT_STORAGE_TOKEN: ${{ env.CRIPT_STORAGE_TOKEN }} CRIPT_TESTS: True