https://github.com/chrispsheehan/just-aws-oidc-action
This GitHub Action sets up just, authenticates to AWS via OIDC, and runs a specified just recipe — useful for clean, repeatable, script-based workflows in infrastructure, DevOps, and CI/CD pipelines.
https://github.com/chrispsheehan/just-aws-oidc-action
aws cicd just oidc
Last synced: 5 months ago
JSON representation
This GitHub Action sets up just, authenticates to AWS via OIDC, and runs a specified just recipe — useful for clean, repeatable, script-based workflows in infrastructure, DevOps, and CI/CD pipelines.
- Host: GitHub
- URL: https://github.com/chrispsheehan/just-aws-oidc-action
- Owner: chrispsheehan
- License: mit
- Created: 2025-05-16T15:45:14.000Z (about 1 year ago)
- Default Branch: main
- Last Pushed: 2026-01-26T15:03:52.000Z (5 months ago)
- Last Synced: 2026-01-27T03:56:12.790Z (5 months ago)
- Topics: aws, cicd, just, oidc
- Homepage:
- Size: 15.6 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Execute Just Command with AWS OIDC
This GitHub Action sets up [`just`](https://github.com/casey/just), authenticates to AWS via OIDC, and runs a specified **just recipe** — useful for clean, repeatable, script-based workflows in infrastructure, DevOps, and CI/CD pipelines.
---
## 🚀 Features
- Installs a specific version of [`just`](https://github.com/casey/just)
- Configures AWS credentials using GitHub OIDC
- Executes any `just` command (recipe)
- Captures and returns the final line of output as an action output
---
## 📥 Inputs
| Name | Description | Required | Default |
|--------------------|--------------------------------------------------|----------|--------------|
| `just_version` | Version of `just` to install | ❌ | `1.0.0` |
| `aws_region` | AWS region | ❌ | `eu-west-2` |
| `aws_oidc_role_arn`| ARN of the IAM role to assume via OIDC | ✅ | — |
| `just_action` | The `just` recipe to execute | ✅ | — |
| `mask_result` | Use to mask value in CI | ❌ | `false` |
---
## 📤 Outputs
| Name | Description |
|----------------|--------------------------------------------|
| `just_outputs` | Output of the `just` command (last line) |
---
## 🛠 Example Usage
```just
lambda-get-version:
#!/usr/bin/env bash
aws lambda get-alias \
--function-name "$FUNCTION_NAME" --name "$ALIAS_NAME" \
--query 'FunctionVersion' --output text
```
```yaml
jobs:
run-just:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v4
- name: get lambda version
id: lambda-get-version
uses: chrispsheehan/just-aws-oidc-action@0.1.2
env:
FUNCTION_NAME: dev-lambda-function
ALIAS_NAME: dev
with:
aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
just_action: lambda-get-version
- name: read output from script
run: |
echo "Script output: ${{ steps.lambda-get-version.outputs.just_outputs }}"
VERSION="${{ steps.lambda-get-version.outputs.just_outputs }}"
echo "Parsed VERSION=$VERSION"
```
```just
get-secret:
#!/usr/bin/env bash
echo secret_key_or_id
```
```yaml
jobs:
run-just:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v4
- name: get secret
id: get-secret
uses: chrispsheehan/just-aws-oidc-action@0.1.2
with:
aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
just_action: get-secret
- name: read output from script
run: |
echo "Script output will appear *** in CI logs: ${{ steps.get-secret.outputs.just_outputs }}"
```