diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index f8a1559..f6c4548 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -101,9 +101,9 @@ jobs: endpoint: https://localhost:8000 skip-tls-verify: true - - name: Fetch roxctl and run roxctl central whoami + - name: Install roxctl + uses: stackrox/roxctl-installer-action@v1 + + - name: Check the current user with roxctl run: | - curl -k -u admin:${ROX_PASSWORD} https://localhost:8000/api/cli/download/roxctl-linux --output ./roxctl - chmod +x ./roxctl - echo $ROX_ENDPOINT - ./roxctl central whoami + roxctl central whoami diff --git a/README.md b/README.md index 0a79baa..e639d53 100644 --- a/README.md +++ b/README.md @@ -47,8 +47,9 @@ permissions: Before being able to exchange tokens, the ACS Central instance needs to be configured to allow exchanging tokens originating from GitHub Action workflow runs. -At the current time, this only works via API, see the sample configuration below: +For more information on how to configure this, follow the [RHACS documentation](https://docs.openshift.com/acs/4.4/operating/manage-user-access/configure-short-lived-access.html). +Below is a sample configuration via API you can use: ```bash curl \ https:///v1/auth/m2m \ @@ -97,11 +98,17 @@ After the central login step has succeeded, the following environment variables For verifying everything works correctly, the example below can be used: ```yaml - - name: Central Login + - name: Login to Central uses: stackrox/central-login@v1 with: endpoint: https://:443 + - name: Install roxctl from Central + uses: stackrox/roxctl-installer-action@v1 + with: + central-endpoint: https://${{ env.ROX_ENDPOINT }} + central-token: ${{ env.ROX_API_TOKEN }} + - name: roxctl central whoami run: | roxctl central whoami