fix: assume IAM role before running `cloudposse/github-action-atmos-g…

…et-setting` (#86) * assume IAM role before running github-action-atmos-get-setting * Update action.yml --------- Co-authored-by: Igor Rodionov <[email protected]>
cloudposse · Aug 28, 2024 · db8aef7 · db8aef7
1 parent 85cbbac
commit db8aef7
Showing 1 changed file with 8 additions and 9 deletions.
diff --git a/action.yml b/action.yml
@@ -107,6 +107,14 @@ runs:
           suzuki-shunsuke/tfcmt:
             tag: v4.11.0  
 
+    - name: Configure Plan AWS Credentials
+      uses: aws-actions/[email protected]
+      with:
+        aws-region: ${{ steps.config.outputs.aws-region }}
+        role-to-assume: ${{ steps.config.outputs.terraform-plan-role }}
+        role-session-name: "atmos-terraform-plan-gitops"
+        mask-aws-account-id: "no"
+
     - name: Get atmos settings
       uses: cloudposse/github-action-atmos-get-setting@v1
       id: component
@@ -172,15 +180,6 @@ runs:
         echo "step_summary_file=${STEP_SUMMARY_FILE}" >> $GITHUB_OUTPUT
         echo "issue_file=${ISSUE_SUMMARY_FILE}" >> $GITHUB_OUTPUT
 
-    - name: Configure Plan AWS Credentials
-      if: ${{ fromJson(steps.component.outputs.settings).enabled }}
-      uses: aws-actions/[email protected]
-      with:
-        aws-region: ${{ steps.config.outputs.aws-region }}
-        role-to-assume: ${{ steps.config.outputs.terraform-plan-role }}
-        role-session-name: "atmos-terraform-plan-gitops"
-        mask-aws-account-id: "no"
-
     - name: Cache .terraform
       id: cache
       uses: actions/cache@v4