From cf6e7f2371f37df55f72ccab026a9d6f7464b5c3 Mon Sep 17 00:00:00 2001 From: Cyril Rohr Date: Tue, 21 May 2024 16:52:36 +0000 Subject: [PATCH 1/2] Allow to use existing AWS credentials even on RunsOn, by setting RUNS_ON_RUNNER_NAME="" --- README.md | 1 + src/custom/backend.ts | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index a653acb..6669cd7 100644 --- a/README.md +++ b/README.md @@ -42,5 +42,6 @@ Be aware of S3 transfer costs if your runners are not in the same AWS region as ## Special environment variables * `RUNS_ON_S3_BUCKET_CACHE`: if set, the action will use this bucket to store the cache. +* `RUNS_ON_RUNNER_NAME`: if set to `""` and running from RunsOn, the action will not ignore AWS credentials from the environment, if any. * `RUNS_ON_S3_FORCE_PATH_STYLE` or `AWS_S3_FORCE_PATH_STYLE`: if one of those environment variables equals the string `"true"`, then the S3 client will be configured to force the path style. diff --git a/src/custom/backend.ts b/src/custom/backend.ts index 28edba2..cb01941 100644 --- a/src/custom/backend.ts +++ b/src/custom/backend.ts @@ -26,7 +26,7 @@ export interface ArtifactCacheEntry { // if executing from RunsOn, unset any existing AWS env variables so that we can use the IAM instance profile for credentials // see unsetCredentials() in https://github.com/aws-actions/configure-aws-credentials/blob/v4.0.2/src/helpers.ts#L44 -if (process.env.RUNS_ON_RUNNER_NAME) { +if (process.env.RUNS_ON_RUNNER_NAME && process.env.RUNS_ON_RUNNER_NAME !== "") { delete process.env.AWS_ACCESS_KEY_ID; delete process.env.AWS_SECRET_ACCESS_KEY; delete process.env.AWS_SESSION_TOKEN; From 70d7646a111f8df5478b86975c94ed672302c89a Mon Sep 17 00:00:00 2001 From: Cyril Rohr Date: Tue, 21 May 2024 16:53:32 +0000 Subject: [PATCH 2/2] build --- dist/restore/index.js | 2 +- dist/save/index.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/dist/restore/index.js b/dist/restore/index.js index 359ee36..4a2f3fe 100644 --- a/dist/restore/index.js +++ b/dist/restore/index.js @@ -93775,7 +93775,7 @@ const lib_storage_1 = __nccwpck_require__(3087); const downloadUtils_1 = __nccwpck_require__(6968); // if executing from RunsOn, unset any existing AWS env variables so that we can use the IAM instance profile for credentials // see unsetCredentials() in https://github.com/aws-actions/configure-aws-credentials/blob/v4.0.2/src/helpers.ts#L44 -if (process.env.RUNS_ON_RUNNER_NAME) { +if (process.env.RUNS_ON_RUNNER_NAME && process.env.RUNS_ON_RUNNER_NAME !== "") { delete process.env.AWS_ACCESS_KEY_ID; delete process.env.AWS_SECRET_ACCESS_KEY; delete process.env.AWS_SESSION_TOKEN; diff --git a/dist/save/index.js b/dist/save/index.js index 9fee3a6..ed920df 100644 --- a/dist/save/index.js +++ b/dist/save/index.js @@ -93775,7 +93775,7 @@ const lib_storage_1 = __nccwpck_require__(3087); const downloadUtils_1 = __nccwpck_require__(6968); // if executing from RunsOn, unset any existing AWS env variables so that we can use the IAM instance profile for credentials // see unsetCredentials() in https://github.com/aws-actions/configure-aws-credentials/blob/v4.0.2/src/helpers.ts#L44 -if (process.env.RUNS_ON_RUNNER_NAME) { +if (process.env.RUNS_ON_RUNNER_NAME && process.env.RUNS_ON_RUNNER_NAME !== "") { delete process.env.AWS_ACCESS_KEY_ID; delete process.env.AWS_SECRET_ACCESS_KEY; delete process.env.AWS_SESSION_TOKEN;