Skip to content
/ tencentcloud-oidc-auth Public

About GitHub Action for authenticating to Tencent Cloud with GitHub Actions OIDC tokens.

License

MIT license
4 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

everpcpc/tencentcloud-oidc-auth

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
1 Branch3 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

everpcpceverpcpc
feat: log userid after authentication
Apr 30, 2024
98765a2 · Apr 30, 2024

History

7 Commits
.github/workflows
.github/workflows
May 19, 2023
dist
dist
Apr 30, 2024
src
src
Apr 30, 2024
.gitignore
.gitignore
May 18, 2023
LICENSE
LICENSE
May 18, 2023
README.md
README.md
May 19, 2023
action.yml
action.yml
Apr 30, 2024
package.json
package.json
Apr 30, 2024
tsconfig.json
tsconfig.json
May 18, 2023
yarn.lock
yarn.lock
Apr 30, 2024

Repository files navigation

tencentcloud-oidc-auth

GitHub Action for authenticating to Tencent Cloud with GitHub Actions OIDC tokens.

Usage

jobs:
  job-id:
    # ...
    permissions:
      id-token: write
    steps:
      - uses: everpcpc/tencentcloud-oidc-auth@v1
        with:
          role-arn: qcs::cam::uin/1234567890:roleName/role-name
          role-session-name: github-actions-test
          oidc-provider-id: github
          role-duration-seconds: 3600
          audience: sts.tencentcloudapi.com
          region: ap-guangzhou
      - run: pip install tccli
      - run: tccli sts GetCallerIdentity

Inputs

  • role-arn: Required. The ARN of the role to assume.
  • oidc-provider-id: Required. The name of the OIDC provider to use for authentication.
  • role-session-name: Optional. The session name to use when assuming the role, default to github-actions-<orgName>-<repoName>.
  • role-duration-seconds: Optional. The duration, in seconds, of the role session, default to 3600.
  • audience: Optional. The intended audience (also known as client ID) of the OIDC token, default to sts.tencentcloudapi.com.
  • region: Optional. The region of the role to assume, default to ap-guangzhou.
  • mask-account-id: Optional. Whether to mask the account ID in the output, default to true.

Output Environment Variables

  • TENCENTCLOUD_SECRET_ID: The access key ID of the temporary credentials.
  • TENCENTCLOUD_SECRET_KEY: The secret access key of the temporary credentials.
  • TENCENTCLOUD_SECURITY_TOKEN: The session token of the temporary credentials, for pulumi-tencentcloud.
  • TENCENTCLOUD_TOKEN: The session token of the temporary credentials, for tencentcloud-cli.
  • TENCENTCLOUD_REGION: The region to use when calling Tencent Cloud APIs.

About

About GitHub Action for authenticating to Tencent Cloud with GitHub Actions OIDC tokens.

Resources

Readme

License

MIT license
Activity

Stars

4 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases 1

v1 Latest
May 18, 2023

Packages

No packages published

Languages