From b033340c258fc386877bd1544d4655b5ffbff67d Mon Sep 17 00:00:00 2001
From: Jari Voutilainen <jari-pekka.voutilainen@gofore.com>
Date: Mon, 17 Feb 2025 10:51:37 +0200
Subject: [PATCH] Allow cloudstorage to use test role in aws

---
 cdk/bin/opendata.ts            | 1 +
 cdk/lib/ci-test-stack-props.ts | 3 ++-
 cdk/lib/ci-test-stack.ts       | 4 +++-
 3 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/cdk/bin/opendata.ts b/cdk/bin/opendata.ts
index 67b26e3860..0cb815bfd6 100644
--- a/cdk/bin/opendata.ts
+++ b/cdk/bin/opendata.ts
@@ -732,5 +732,6 @@ const ciTestStackBeta = new CiTestStack(app, 'CiTestStack-beta', {
   },
   githubOrg: "vrk-kpa",
   githubRepo: "opendata",
+  githubRepo2: "ckanext-cloudstorage",
   testBucketName: "avoindata-ci-test-bucket"
 })
diff --git a/cdk/lib/ci-test-stack-props.ts b/cdk/lib/ci-test-stack-props.ts
index e91532a071..a329f0ae44 100644
--- a/cdk/lib/ci-test-stack-props.ts
+++ b/cdk/lib/ci-test-stack-props.ts
@@ -3,5 +3,6 @@ import {StackProps} from "aws-cdk-lib";
 export interface CiTestStackProps extends StackProps {
   testBucketName: string,
   githubOrg: string,
-  githubRepo: string
+  githubRepo: string,
+  githubRepo2: string
 }
diff --git a/cdk/lib/ci-test-stack.ts b/cdk/lib/ci-test-stack.ts
index 2f00ef40a0..a81ff0901e 100644
--- a/cdk/lib/ci-test-stack.ts
+++ b/cdk/lib/ci-test-stack.ts
@@ -27,7 +27,9 @@ export class CiTestStack extends Stack {
     const testRole = new aws_iam.Role(this, 'TestRole', {
       assumedBy: new aws_iam.WebIdentityPrincipal(oidcProviderArn, {
           StringLike: {
-            "token.actions.githubusercontent.com:sub": `repo:${props.githubOrg}/${props.githubRepo}:*`
+            "token.actions.githubusercontent.com:sub": [
+              `repo:${props.githubOrg}/${props.githubRepo}:*`,
+              `repo:${props.githubOrg}/${props.githubRepo2}:*`]
           }
       })
     })