Open
Description
Description:
I'm experiencing an issue with the aws-actions/[email protected] GitHub Action where secrets are not being set in the rendered ECS task definition unless I also specify environment-variables, even if it's just a placeholder.
Problem:
When I specify secrets without any environment-variables, the secrets do not appear in the rendered task definition. Here's the configuration that fails to set the secrets:
(ubuntu-latest)
- name: Render Amazon ECS task definition
id: render-frontend-container
uses: aws-actions/[email protected]
with:
task-definition: rendered-task-def.json
container-name: frontend
image: "${{ steps.ecr-login.outputs.registry }}/${{ env.IMAGE_REPOSITORY }}:${{ inputs.IMAGE_VERSION }}"
secrets: |
JWT_SECRET=${{ needs.setup.outputs.SSM_PREFIX }}/JWT_SECRET
SENTRY_AUTH_TOKEN=${{ needs.setup.outputs.SSM_PREFIX }}/SENTRY_AUTH_TOKEN
Workaround:
If I add an environment-variables section - even with just a dummy variable - the secrets are correctly set:
(ubuntu-latest)
- name: Render Amazon ECS task definition
id: render-frontend-container
uses: aws-actions/[email protected]
with:
task-definition: rendered-task-def.json
container-name: frontend
image: "${{ steps.ecr-login.outputs.registry }}/${{ env.IMAGE_REPOSITORY }}:${{ inputs.IMAGE_VERSION }}"
environment-variables: |
DUMMY_VAR=placeholder
secrets: |
JWT_SECRET=${{ needs.setup.outputs.SSM_PREFIX }}/JWT_SECRET
SENTRY_AUTH_TOKEN=${{ needs.setup.outputs.SSM_PREFIX }}/SENTRY_AUTH_TOKEN
Metadata
Metadata
Assignees
Labels
No labels