rinne
v0.1.0
Published
Manages AWS access keys in GitHub Actions Secrets
Downloads
5
Readme
Rinne
Synopsis
rinne [--config CONFPATH] [--jpath JPATH]... bootstrap [CDK-OPTION]... [ENVIRONMENT]...
rinne [--config CONFPATH] [--jpath JPATH]... deploy [CDK-OPTION]...
Descriprion
Rinne manages AWS access keys in GitHub Actions Secrets and configures automated access key rotation.
Configuration
Rinne reads configuraion file written in Jsonnet templating language. The configuration file must represent a JSON object in the following structure:
{
# See also https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_core.StackProps.html#properties
env: {
region: 'us-east-1', # optional
account: 123456789012, # optional
},
stackName: 'stack-name', # optional, default: "Rinne"
description: '...', # optional
tags: { # optional
Key: 'Value',
# ...
}
githubToken: {
# Rinne will obtain GitHub token from this SSM parameter
parameter: '/parameter/name',
keyId: '1234abcd-12ab-34cd-56ef-1234567890ab', # optional
},
repositories: {
'owner/repo': {
# Managed policies to attach
managed_policies: [
'arn:aws:iam::aws:policy/...',
# ...
],
# Inline policies to attach
policies: {
name: [
# IAM statements
{
Action: '...',
Resource: 'arn:...',
},
# ...
],
# ...
}
},
# ...
},
}
Further reading
- Sei Seino, "時載りリンネ! (1) はじまりの本" (Tokinori Rinne! 1: Hajimari no Hon), ISBN 9784044732011