tiennm99/miti99bot
1
0
Fork 0
mirror of https://github.com/tiennm99/miti99bot.git synced 2026-06-08 04:17:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(deploy): pass BotOwnerID and AdminUserIDs from samconfig.toml in CI

Browse Source 
CI's --parameter-overrides replaces (not merges with) samconfig.toml's
parameter_overrides, so BOT_OWNER_ID was empty in the deployed Lambda.
deploynotify silently skipped sending the post-deploy DM, and all
Protected/Private commands were denied.

Extract the values from samconfig.toml at deploy time so the file
remains the single source of truth for non-secret deploy params.

Also add 'stats' to samconfig.toml's ModulesCSV so local `sam deploy`
doesn't regress the stats module.
This commit is contained in:
tiennm99
2026-05-22 15:39:42 +07:00
parent db8ee9c49b
commit 85579e56ef
2 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/deploy.yml
+6 -1
View File
@@ -54,7 +54,12 @@ jobs:
--name "/miti99bot/${STACK_ENV}/cron-shared-secret" \
--with-decryption --query Parameter.Value --output text)
echo "::add-mask::$CRON_SECRET"
OVERRIDES="CronSharedSecret=$CRON_SECRET"
# Extract non-secret deploy params from samconfig.toml so it stays
# the single source of truth (CI's --parameter-overrides replaces,
# not merges with, samconfig.toml values).
BOT_OWNER_ID=$(sed -n 's/.*BotOwnerID=\\"\\([^\\]*\\)\\".*/\1/p' samconfig.toml)
ADMIN_USER_IDS=$(sed -n 's/.*AdminUserIDs=\\"\\([^\\]*\\)\\".*/\1/p' samconfig.toml)
OVERRIDES="CronSharedSecret=$CRON_SECRET BotOwnerID=$BOT_OWNER_ID AdminUserIDs=$ADMIN_USER_IDS"
if [ -n "$ALERT_EMAIL" ]; then
OVERRIDES="$OVERRIDES AlertEmail=$ALERT_EMAIL"
fi
samconfig.toml
+1 -1
View File
@@ -13,7 +13,7 @@ resolve_s3 = true
s3_prefix = "miti99bot"
# Secrets MUST live in SSM Parameter Store (see aws/README.md). Never put
# them here — this file is committed.
parameter_overrides = "StackEnv=\"prod\" ModulesCSV=\"util,misc,wordle,loldle,lolschedule,twentyq,trading\" BotOwnerID=\"1064111334\" AdminUserIDs=\"1064111334\" LambdaAdapterLayerArn=\"arn:aws:lambda:ap-southeast-1:753240598075:layer:LambdaAdapterLayerArm64:25\" AlertEmail=\"minhtienit99@gmail.com\""
parameter_overrides = "StackEnv=\"prod\" ModulesCSV=\"util,misc,wordle,loldle,lolschedule,twentyq,trading,stats\" BotOwnerID=\"1064111334\" AdminUserIDs=\"1064111334\" LambdaAdapterLayerArn=\"arn:aws:lambda:ap-southeast-1:753240598075:layer:LambdaAdapterLayerArm64:25\" AlertEmail=\"minhtienit99@gmail.com\""
image_repositories = []
[default.validate.parameters]