feat(platform/codecommit): add token support in config_js and update …

…docs (#18496)
renovatebot · Oct 24, 2022 · 4c528e1 · 4c528e1
1 parent c4a3a7a
commit 4c528e1
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 14 deletions.
diff --git a/lib/modules/platform/codecommit/index.md b/lib/modules/platform/codecommit/index.md
@@ -12,18 +12,21 @@ Let Renovate use AWS CodeCommit access keys by doing one of the following:
 
 1. Set a Renovate configuration file - config.js and set:
 
-   - `endpoint:` the url endpoint e.g `https://git-codecommit.us-east-1.amazonaws.com/`
-   - `username:` AWS IAM access key id
-   - `password:` AWS Secret access key
-
-2. Set environment variables:
-   - `AWS_REGION:` the region e.g `us-east-1`
-   - `AWS_ACCESS_KEY_ID:` your IAM Access key id
-   - `AWS_SECRET_ACCESS_KEY:` your IAM Secret access key id
-
----
-
-- `AWS_SESSION_TOKEN`: your AWS Session token if you have one
+   ```
+   username: AWS IAM access key id
+   password: AWS Secret access key
+   endpoint: the url endpoint e.g https://git-codecommit.us-east-1.amazonaws.com/
+   token: AWS session token, if you have one
+   ```
+
+2. Set up the environment with all required AWS environment variables for authentication, e.g:
+
+   ```
+   AWS_ACCESS_KEY_ID: AWS IAM access key id
+   AWS_SECRET_ACCESS_KEY: AWS Secret access key
+   AWS_REGION: the AWS region e.g us-east-1
+   AWS_SESSION_TOKEN: AWS session token, if you have one
+   ```
 
 ## AWS IAM security policies
 

diff --git a/lib/modules/platform/codecommit/index.ts b/lib/modules/platform/codecommit/index.ts
@@ -59,17 +59,19 @@ export async function initPlatform({
   endpoint,
   username,
   password,
+  token: awsToken,
 }: PlatformParams): Promise<PlatformResult> {
   let accessKeyId = username;
   let secretAccessKey = password;
-  let region;
+  let region: string | undefined;
 
   if (!accessKeyId) {
     accessKeyId = process.env.AWS_ACCESS_KEY_ID;
   }
   if (!secretAccessKey) {
     secretAccessKey = process.env.AWS_SECRET_ACCESS_KEY;
   }
+
   if (endpoint) {
     const regionReg = regEx(/.*codecommit\.(?<region>.+)\.amazonaws\.com/);
     const codeCommitMatch = regionReg.exec(endpoint);
@@ -91,7 +93,7 @@ export async function initPlatform({
   const credentials: Credentials = {
     accessKeyId,
     secretAccessKey,
-    sessionToken: process.env.AWS_SESSION_TOKEN,
+    sessionToken: awsToken ?? process.env.AWS_SESSION_TOKEN,
   };
   config.credentials = credentials;