From 2696bf8cf35ca51b5147f6d462a1a9acea63097a Mon Sep 17 00:00:00 2001
From: Felix Moessbauer <felix.moessbauer@siemens.com>
Date: Mon, 20 Nov 2023 14:59:33 +0100
Subject: bitbake: fetch2/aws: forward env-vars used in gitlab-ci K8s

This patch adds the following variables to the allow-list, which are
used in the "IAM roles for AWS when using the GitLab chart":

- AWS_ROLE_ARN
- AWS_WEB_IDENTITY_TOKEN_FILE

These variables are set in the CI job environment and are needed to
access the sstate cache artifacts in a connected S3 bucket.

[1] https://docs.gitlab.com/charts/advanced/external-object-storage/aws-iam-roles.html

Reported-by: Zhi Bin Dong <zhibin.dong@siemens.com>
(Bitbake rev: c534526ea73805ee7cc16f3168b05ece10e0c03c)

Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 bitbake/lib/bb/fetch2/__init__.py | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'bitbake/lib/bb/fetch2')

diff --git a/bitbake/lib/bb/fetch2/__init__.py b/bitbake/lib/bb/fetch2/__init__.py
index 35e9ca96b7..22a2f80107 100644
--- a/bitbake/lib/bb/fetch2/__init__.py
+++ b/bitbake/lib/bb/fetch2/__init__.py
@@ -872,6 +872,8 @@ FETCH_EXPORT_VARS = ['HOME', 'PATH',
                      'AWS_PROFILE',
                      'AWS_ACCESS_KEY_ID',
                      'AWS_SECRET_ACCESS_KEY',
+                     'AWS_ROLE_ARN',
+                     'AWS_WEB_IDENTITY_TOKEN_FILE',
                      'AWS_DEFAULT_REGION',
                      'GIT_CACHE_PATH',
                      'REMOTE_CONTAINERS_IPC',
-- 
cgit v1.2.3-54-g00ecf