From 686a2648a67fea478a8ea512a5d8c2bb3f7ae572 Mon Sep 17 00:00:00 2001 From: mikereiddigital Date: Thu, 27 Jun 2024 14:22:59 +0100 Subject: [PATCH 1/2] Redacts the account_number from the env output of the nuke workflow. --- .github/workflows/nuke-redeploy.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/nuke-redeploy.yml b/.github/workflows/nuke-redeploy.yml index 0474ae55c65..c3603be849b 100644 --- a/.github/workflows/nuke-redeploy.yml +++ b/.github/workflows/nuke-redeploy.yml @@ -55,7 +55,10 @@ jobs: uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e --arg account_name "${ACCOUNT_NAME}" '.account_ids[$account_name]' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e --arg account_name "${ACCOUNT_NAME}" '.account_ids[$account_name]' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$BACKEND_NUMBER" + echo "BACKEND_NUMBER=${BACKEND_NUMBER}" >> $GITHUB_ENV - name: configure aws credentials uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1 From 2b9b419e9655c17835824952ee90e399f08508ed Mon Sep 17 00:00:00 2001 From: mikereiddigital Date: Thu, 27 Jun 2024 15:38:31 +0100 Subject: [PATCH 2/2] Adds redact to account_number in awsnuke workflows. --- .github/workflows/awsnuke.yml | 10 ++++++++-- .github/workflows/nuke-redeploy.yml | 4 ++-- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/.github/workflows/awsnuke.yml b/.github/workflows/awsnuke.yml index fd4b659f8c6..ecfc91749ef 100644 --- a/.github/workflows/awsnuke.yml +++ b/.github/workflows/awsnuke.yml @@ -65,7 +65,10 @@ jobs: - name: Checkout Repository uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e --arg account_name "${ACCOUNT_NAME}" '.account_ids[$account_name]' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e --arg account_name "${ACCOUNT_NAME}" '.account_ids[$account_name]' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo "ACCOUNT_NUMBER=${ACCOUNT_NUMBER}" >> $GITHUB_ENV - name: configure aws credentials uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1 with: @@ -142,7 +145,10 @@ jobs: - name: Checkout Repository uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e --arg account_name "${ACCOUNT_NAME}" '.account_ids[$account_name]' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e --arg account_name "${ACCOUNT_NAME}" '.account_ids[$account_name]' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo "ACCOUNT_NUMBER=${ACCOUNT_NUMBER}" >> $GITHUB_ENV - name: Setup Nuke Account String run: | accounts_str='' diff --git a/.github/workflows/nuke-redeploy.yml b/.github/workflows/nuke-redeploy.yml index c3603be849b..bb49d850d2d 100644 --- a/.github/workflows/nuke-redeploy.yml +++ b/.github/workflows/nuke-redeploy.yml @@ -57,8 +57,8 @@ jobs: - name: Set Account Number run: | ACCOUNT_NUMBER=$(jq -r -e --arg account_name "${ACCOUNT_NAME}" '.account_ids[$account_name]' <<< $ENVIRONMENT_MANAGEMENT) - echo "::add-mask::$BACKEND_NUMBER" - echo "BACKEND_NUMBER=${BACKEND_NUMBER}" >> $GITHUB_ENV + echo "::add-mask::$ACCOUNT_NUMBER" + echo "ACCOUNT_NUMBER=${ACCOUNT_NUMBER}" >> $GITHUB_ENV - name: configure aws credentials uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1