From 4fafe33f81ec7cfb5034cbc08c65830ce4604bf2 Mon Sep 17 00:00:00 2001
From: jandroav <jandroav@icloud.com>
Date: Fri, 9 Feb 2024 15:14:44 +0100
Subject: [PATCH 1/2] chore(release-published.yml): configure AWS credentials
 to upload files to S3 bucket feat(release-published.yml): add step to
 configure AWS credentials using aws-actions/configure-aws-credentials action
 refactor(release-published.yml): remove hardcoded AWS credentials and use
 secrets for AWS access key, secret access key, and region

---
 .github/workflows/release-published.yml | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/release-published.yml b/.github/workflows/release-published.yml
index 1b8d66be..8a3a5cc0 100644
--- a/.github/workflows/release-published.yml
+++ b/.github/workflows/release-published.yml
@@ -21,11 +21,13 @@ jobs:
           path: liquibase-neo4j
           repository: "liquibase/liquibase-neo4j"
 
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ secrets.AWS_PROD_GITHUB_OIDC_ROLE_ARN_BUILD_LOGIC }}
+          aws-region: us-east-1
+
       - name: Upload to s3
-        env:
-          AWS_ACCESS_KEY_ID: ${{ secrets.LIQUIBASEORIGIN_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.LIQUIBASEORIGIN_SECRET_ACCESS_KEY }}
-          AWS_DEFAULT_REGION: us-east-1
         # aws s3 sync syncs directories and S3 prefixes.
         run: |
           aws s3 sync liquibase-neo4j/src/main/resources/www.liquibase.org/xml/ns/neo4j/ s3://liquibaseorg-origin/xml/ns/neo4j/ --content-type application/octet-stream --only-show-errors

From c91cf2fac079681d2632515618a9ea82c74e1b11 Mon Sep 17 00:00:00 2001
From: jandroav <jandroav@icloud.com>
Date: Fri, 9 Feb 2024 15:15:00 +0100
Subject: [PATCH 2/2] chore(release-published.yml): remove unnecessary
 environment variables for AWS credentials refactor(release-published.yml):
 simplify the process of uploading index.htm file to S3

---
 .github/workflows/release-published.yml | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/.github/workflows/release-published.yml b/.github/workflows/release-published.yml
index 8a3a5cc0..10cbf572 100644
--- a/.github/workflows/release-published.yml
+++ b/.github/workflows/release-published.yml
@@ -32,10 +32,6 @@ jobs:
         run: |
           aws s3 sync liquibase-neo4j/src/main/resources/www.liquibase.org/xml/ns/neo4j/ s3://liquibaseorg-origin/xml/ns/neo4j/ --content-type application/octet-stream --only-show-errors
       - name: Index.htm file upload
-        env:
-          AWS_ACCESS_KEY_ID: ${{ secrets.LIQUIBASEORIGIN_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.LIQUIBASEORIGIN_SECRET_ACCESS_KEY }}
-          AWS_DEFAULT_REGION: us-east-1
         # List all xsd and htm files in repository. Copy index.htm to temporary folder
         # Add links for all xsd files to index.htm file (except liquibase-neo4j-latest.xsd and index.htm)
         # Sync index.htm with the s3