From f4cdd8d0a440e8fcdaf5820be653a606af3c568f Mon Sep 17 00:00:00 2001 From: Kendall Werts Date: Mon, 23 Jun 2025 20:59:44 -0500 Subject: [PATCH 01/13] split out diarization and download --- .github/workflows/python-app.yml | 2 +- db/migrate_s3_path.py | 31 +++++++++++++++++++ db/queries.py | 11 +++++-- ...slate_meetings.py => download_meetings.py} | 16 +++++----- flows/transcribe_meetings.py | 16 ++++++++++ src/aws.py | 19 ++++++++++++ src/models/meeting.py | 7 ++++- src/run_diarization.py | 7 +++-- src/videos.py | 2 -- tasks/diarize.py | 25 +++++++++++++-- tasks/meetings.py | 2 +- 11 files changed, 119 insertions(+), 19 deletions(-) create mode 100644 db/migrate_s3_path.py rename flows/{translate_meetings.py => download_meetings.py} (53%) create mode 100644 flows/transcribe_meetings.py diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index bf68001..c69e587 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -46,4 +46,4 @@ jobs: - name: Run Diarization run: | - /opt/poetry-venv/bin/python -m flows.translate_meetings + /opt/poetry-venv/bin/python -m flows.transcribe_meetings diff --git a/db/migrate_s3_path.py b/db/migrate_s3_path.py new file mode 100644 index 0000000..243a89c --- /dev/null +++ b/db/migrate_s3_path.py @@ -0,0 +1,31 @@ +""" +Migration script to add s3_path field to existing meeting records. +""" + +from dyntastic import A +from src.models.meeting import Meeting + + +def migrate_s3_path(): + """ + Add s3_path field to all existing meeting records that don't have it. + """ + print("Starting migration to add s3_path field to existing meetings...") + + # Get all meetings + meetings = Meeting.scan() + updated_count = 0 + + for meeting in meetings: + # Check if s3_path field exists and is None + if not hasattr(meeting, "s3_path") or meeting.s3_path is None: + print(f"Updating meeting: {meeting.meeting} ({meeting.date})") + meeting.s3_path = None + meeting.save() + updated_count += 1 + + print(f"Migration complete. Updated {updated_count} meetings.") + + +if __name__ == "__main__": + migrate_s3_path() diff --git a/db/queries.py b/db/queries.py index 98fa026..027ccec 100644 --- a/db/queries.py +++ b/db/queries.py @@ -4,7 +4,9 @@ from src.models.meeting import Meeting -def get_meetings(days: int = 7, video: Optional[bool] = None) -> List[Meeting]: +def get_meetings( + days: int = 7, video: Optional[bool] = None, s3_path: Optional[bool] = None +) -> List[Meeting]: """ Get meetings that occurred in the past number of days from now. """ @@ -13,6 +15,11 @@ def get_meetings(days: int = 7, video: Optional[bool] = None) -> List[Meeting]: meetings = Meeting.scan( A.date >= target_date, ) - meetings_list = [m for m in meetings if (video is None or bool(m.video) == video)] + meetings_list = [ + m + for m in meetings + if (video is None or bool(m.video) == video) + and (s3_path is None or bool(m.s3_path) == s3_path) + ] return list(meetings_list) diff --git a/flows/translate_meetings.py b/flows/download_meetings.py similarity index 53% rename from flows/translate_meetings.py rename to flows/download_meetings.py index 9916b59..38fa26e 100644 --- a/flows/translate_meetings.py +++ b/flows/download_meetings.py @@ -1,21 +1,21 @@ from prefect import flow from db.queries import get_meetings -from tasks.diarize import diarize_meeting +from tasks.diarize import download_video_and_put_in_s3 from tasks.meetings import register_meetings -@flow(log_prints=True) -def translate_meetings(): +# @flow(log_prints=True) +def download_meetings(): new_meetings = register_meetings() print(f"Registered {len(new_meetings)} new meetings") - meetings_to_diarize = get_meetings(video=True) - print(f"Found {len(meetings_to_diarize)} meetings to diarize") - for meeting in meetings_to_diarize: - diarize_meeting(meeting) + meetings_to_download = get_meetings(days=7, video=True, s3_path=False) + print(f"Found {len(meetings_to_download)} meetings to download") + for meeting in meetings_to_download: + download_video_and_put_in_s3(meeting) # new_subtitled_video_pages = await create_subtitled_video_pages(new_transcribed_meetings) # new_translated_meetings = await translate_transcriptions(new_transcribed_meetings) if __name__ == "__main__": - translate_meetings() + download_meetings() diff --git a/flows/transcribe_meetings.py b/flows/transcribe_meetings.py new file mode 100644 index 0000000..b980684 --- /dev/null +++ b/flows/transcribe_meetings.py @@ -0,0 +1,16 @@ +from prefect import flow + +from db.queries import get_meetings +from tasks.diarize import diarize_meeting + + +@flow(log_prints=True) +def transcribe_meetings(): + meetings_to_diarize = get_meetings(video=True, s3_path=True) + print(f"Found {len(meetings_to_diarize)} meetings to diarize") + for meeting in meetings_to_diarize: + diarize_meeting(meeting) + + +if __name__ == "__main__": + transcribe_meetings() diff --git a/src/aws.py b/src/aws.py index 29f255f..22b4a33 100644 --- a/src/aws.py +++ b/src/aws.py @@ -1,4 +1,5 @@ import os +from pathlib import Path import boto3 from botocore.exceptions import ClientError, NoCredentialsError, PartialCredentialsError @@ -52,3 +53,21 @@ def save_content_to_s3(content, bucket_name, s3_key, content_type): region = s3_client.meta.region_name url = f"https://{bucket_name}.s3.{region}.amazonaws.com/{s3_key}" return HttpUrl(url) + + +def get_video_from_s3(bucket_name, s3_path): + try: + # Create output directory if it doesn't exist + output_dir = Path("data/video") + output_dir.mkdir(parents=True, exist_ok=True) + + # Define output path + output_path = output_dir / Path(s3_path).name + + # Download file from S3 + s3_client.download_file(bucket_name, s3_path, str(output_path)) + print(f"Downloaded {s3_path} from S3 to {output_path}") + return output_path + except ClientError as e: + print(f"Failed to get video from S3: {str(e)}") + return None diff --git a/src/models/meeting.py b/src/models/meeting.py index fee0070..569be03 100644 --- a/src/models/meeting.py +++ b/src/models/meeting.py @@ -5,7 +5,7 @@ from typing import Optional from dyntastic import Dyntastic -from pydantic import BaseModel, Field, HttpUrl +from pydantic import BaseModel, Field, HttpUrl, ConfigDict from datetime import datetime from typing import List @@ -18,6 +18,8 @@ class Meeting(Dyntastic): __table_name__ = "tgov-meeting" __hash_key__ = "clip_id" + model_config = ConfigDict(extra="ignore") + clip_id: Optional[str] = Field(None, description="Granicus clip ID") meeting: str = Field(description="Name of the meeting") date: datetime = Field(description="Date and time of the meeting") @@ -30,6 +32,9 @@ class Meeting(Dyntastic): subtitles: Optional[List[HttpUrl]] = Field( None, description="URLs to the meeting subtitle tracks" ) + s3_path: Optional[str] = Field( + default=None, description="S3 path to the meeting video" + ) def __str__(self) -> str: """String representation of the meeting""" diff --git a/src/run_diarization.py b/src/run_diarization.py index cabf281..2612ac8 100644 --- a/src/run_diarization.py +++ b/src/run_diarization.py @@ -4,7 +4,7 @@ from pathlib import Path from src.aws import save_content_to_s3 -from src.models.meeting import GranicusPlayerPage +from src.models.meeting import GranicusPlayerPage, Meeting from src.granicus import get_video_player from src.videos import download_file, transcribe_video_with_diarization @@ -38,7 +38,7 @@ def download_video(file_name: str, video_url: str): return video_file -def run_diarization(video_file: Path): +def run_diarization(video_file: Path, meeting: Meeting): transcription_dir = Path("data/transcripts") transcription = asyncio.run( @@ -51,6 +51,9 @@ def run_diarization(video_file: Path): f"{FOLDER_NAME}/{video_file.name}.json", "application/json", ) + meeting.transcripts = [f"{FOLDER_NAME}/{video_file.name}.json"] + meeting.save() + print(transcription) diff --git a/src/videos.py b/src/videos.py index 56b9c7f..0186beb 100644 --- a/src/videos.py +++ b/src/videos.py @@ -79,8 +79,6 @@ def download_file(url: str, output_path: Path): ) print(f"Download complete: {url}") - # Add to S3 - upload_to_s3(output_path, BUCKET_NAME, f"{FOLDER_NAME}/{output_path.name}") return output_path diff --git a/tasks/diarize.py b/tasks/diarize.py index 43250f8..6236d13 100644 --- a/tasks/diarize.py +++ b/tasks/diarize.py @@ -1,14 +1,35 @@ +import os +from src.aws import get_video_from_s3, upload_to_s3 from src.run_diarization import download_video, run_diarization from prefect import task from src.models.meeting import Meeting +BUCKET_NAME = os.getenv("S3_BUCKET") +FOLDER_NAME = "videos" + + +# @task +def download_video_and_put_in_s3(meeting: Meeting): + video_file = download_video(f"{meeting.meeting}_{meeting.date}", str(meeting.video)) + if video_file: + print(f"Uploading video to S3: {video_file}") + s3_path = f"{FOLDER_NAME}/{video_file.name}" + upload_to_s3(video_file, BUCKET_NAME, f"{FOLDER_NAME}/{video_file.name}") + print(f"Uploaded video to S3: {s3_path}") + print("Saving meeting.") + meeting.s3_path = s3_path + meeting.save() + else: + print("Video file not found") + + @task def diarize_meeting(meeting: Meeting): - video_file = download_video(f"{meeting.meeting}_{meeting.date}", str(meeting.video)) + video_file = get_video_from_s3(BUCKET_NAME, meeting.s3_path) if video_file: - run_diarization(video_file) + run_diarization(video_file, meeting) else: print("Video file not found") # TODO: Update meeting with transcript location diff --git a/tasks/meetings.py b/tasks/meetings.py index 161d40d..7bdfbb2 100644 --- a/tasks/meetings.py +++ b/tasks/meetings.py @@ -10,7 +10,7 @@ from src.models.meeting import Meeting -@task +# @task def register_meetings() -> List[Meeting]: # TODO: accept max_limit parameter tgov_meetings = asyncio.run(get_tgov_meetings()) From 3f511e9fe75497608de724a850a4852971dbbd41 Mon Sep 17 00:00:00 2001 From: Kendall Werts Date: Mon, 23 Jun 2025 21:00:48 -0500 Subject: [PATCH 02/13] fix action --- .github/workflows/python-app.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index c69e587..327d946 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -2,7 +2,7 @@ name: Build/run tgov on: push: - branches: [ "main", "deploy-lambda", "test-flows" ] + branches: [ "main", "diarize-flow" ] pull_request: branches: [ "main" ] From bc185e68457a957ef6d3756f11deb41353370b43 Mon Sep 17 00:00:00 2001 From: Kendall Werts Date: Mon, 23 Jun 2025 22:14:06 -0500 Subject: [PATCH 03/13] try ue1 --- .github/workflows/python-app.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index 327d946..0e14c6b 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -42,7 +42,7 @@ jobs: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-session-token: ${{ secrets.AWS_SESSION_TOKEN }} - aws-region: us-east-2 + aws-region: us-east-1 - name: Run Diarization run: | From d95563dd19edc6570574c426cdd2194d6ee43580 Mon Sep 17 00:00:00 2001 From: Kendall Werts Date: Mon, 23 Jun 2025 22:24:06 -0500 Subject: [PATCH 04/13] faster to aws --- .github/workflows/python-app.yml | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index 0e14c6b..edb77a9 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -23,19 +23,19 @@ jobs: uses: actions/setup-python@v3 with: python-version: "3.11" - - name: Install dependencies - run: | - set -ex - sudo apt-get update - sudo apt-get install --no-install-suggests --no-install-recommends --yes python3-venv gcc libpython3-dev ffmpeg - sudo apt-get clean - sudo rm -rf /var/lib/apt/lists/* - python3 -m venv "${POETRY_VENV}" - $POETRY_VENV/bin/pip install -U pip setuptools - $POETRY_VENV/bin/pip install "poetry==${POETRY_VERSION}" - /opt/poetry-venv/bin/poetry config virtualenvs.create false - /opt/poetry-venv/bin/poetry install - /opt/poetry-venv/bin/poetry env info + # - name: Install dependencies + # run: | + # set -ex + # sudo apt-get update + # sudo apt-get install --no-install-suggests --no-install-recommends --yes python3-venv gcc libpython3-dev ffmpeg + # sudo apt-get clean + # sudo rm -rf /var/lib/apt/lists/* + # python3 -m venv "${POETRY_VENV}" + # $POETRY_VENV/bin/pip install -U pip setuptools + # $POETRY_VENV/bin/pip install "poetry==${POETRY_VERSION}" + # /opt/poetry-venv/bin/poetry config virtualenvs.create false + # /opt/poetry-venv/bin/poetry install + # /opt/poetry-venv/bin/poetry env info - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: From 21c6e4461d00c17c4fe22a012da94171a94b65bb Mon Sep 17 00:00:00 2001 From: Kendall Werts Date: Mon, 23 Jun 2025 22:26:26 -0500 Subject: [PATCH 05/13] put it back --- .github/workflows/python-app.yml | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index edb77a9..b912a49 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -23,19 +23,21 @@ jobs: uses: actions/setup-python@v3 with: python-version: "3.11" - # - name: Install dependencies - # run: | - # set -ex - # sudo apt-get update - # sudo apt-get install --no-install-suggests --no-install-recommends --yes python3-venv gcc libpython3-dev ffmpeg - # sudo apt-get clean - # sudo rm -rf /var/lib/apt/lists/* - # python3 -m venv "${POETRY_VENV}" - # $POETRY_VENV/bin/pip install -U pip setuptools - # $POETRY_VENV/bin/pip install "poetry==${POETRY_VERSION}" - # /opt/poetry-venv/bin/poetry config virtualenvs.create false - # /opt/poetry-venv/bin/poetry install - # /opt/poetry-venv/bin/poetry env info + + - name: Install dependencies + run: | + set -ex + sudo apt-get update + sudo apt-get install --no-install-suggests --no-install-recommends --yes python3-venv gcc libpython3-dev ffmpeg + sudo apt-get clean + sudo rm -rf /var/lib/apt/lists/* + python3 -m venv "${POETRY_VENV}" + $POETRY_VENV/bin/pip install -U pip setuptools + $POETRY_VENV/bin/pip install "poetry==${POETRY_VERSION}" + /opt/poetry-venv/bin/poetry config virtualenvs.create false + /opt/poetry-venv/bin/poetry install + /opt/poetry-venv/bin/poetry env info + - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: From 07724a18a15d521729a81940d0c4a2d04492c491 Mon Sep 17 00:00:00 2001 From: Kendall Werts Date: Mon, 23 Jun 2025 22:30:43 -0500 Subject: [PATCH 06/13] ue2 --- .github/workflows/python-app.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index b912a49..4efce82 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -44,7 +44,7 @@ jobs: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-session-token: ${{ secrets.AWS_SESSION_TOKEN }} - aws-region: us-east-1 + aws-region: us-east-2 - name: Run Diarization run: | From 43d24a9429fb9014b9efc86106fdc67aa420ec0d Mon Sep 17 00:00:00 2001 From: Kendall Werts Date: Mon, 23 Jun 2025 22:54:37 -0500 Subject: [PATCH 07/13] fix bucket name --- .github/workflows/python-app.yml | 2 ++ flows/transcribe_meetings.py | 7 ++++++- tasks/diarize.py | 7 +++++++ 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index 4efce82..70dc895 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -16,6 +16,8 @@ jobs: env: POETRY_VERSION: "1.3.2" POETRY_VENV: "/opt/poetry-venv" + S3_BUCKET: ${{ secrets.S3_BUCKET }} + AWS_DEFAULT_REGION: us-east-2 steps: - uses: actions/checkout@v4 diff --git a/flows/transcribe_meetings.py b/flows/transcribe_meetings.py index b980684..6ac9536 100644 --- a/flows/transcribe_meetings.py +++ b/flows/transcribe_meetings.py @@ -1,14 +1,19 @@ from prefect import flow +import os from db.queries import get_meetings -from tasks.diarize import diarize_meeting +from tasks.diarize import diarize_meeting, BUCKET_NAME @flow(log_prints=True) def transcribe_meetings(): + print(f"S3_BUCKET environment variable: {os.getenv('S3_BUCKET')}") + print(f"BUCKET_NAME from tasks.diarize: {BUCKET_NAME}") + meetings_to_diarize = get_meetings(video=True, s3_path=True) print(f"Found {len(meetings_to_diarize)} meetings to diarize") for meeting in meetings_to_diarize: + print(f"Processing meeting: {meeting.meeting} with s3_path: {meeting.s3_path}") diarize_meeting(meeting) diff --git a/tasks/diarize.py b/tasks/diarize.py index 6236d13..5396b38 100644 --- a/tasks/diarize.py +++ b/tasks/diarize.py @@ -27,6 +27,13 @@ def download_video_and_put_in_s3(meeting: Meeting): @task def diarize_meeting(meeting: Meeting): + if BUCKET_NAME is None: + raise ValueError("S3_BUCKET environment variable is not set") + + if meeting.s3_path is None: + print(f"Meeting {meeting.meeting} has no s3_path, skipping") + return + video_file = get_video_from_s3(BUCKET_NAME, meeting.s3_path) if video_file: run_diarization(video_file, meeting) From f52f57ab77d03dc343ed6d06c234fbc09d56487a Mon Sep 17 00:00:00 2001 From: Kendall Werts Date: Mon, 23 Jun 2025 23:33:45 -0500 Subject: [PATCH 08/13] json dumps dict --- src/models/meeting.py | 2 +- src/run_diarization.py | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/src/models/meeting.py b/src/models/meeting.py index 569be03..fa6cf2d 100644 --- a/src/models/meeting.py +++ b/src/models/meeting.py @@ -26,7 +26,7 @@ class Meeting(Dyntastic): duration: str = Field(description="Duration of the meeting") agenda: Optional[HttpUrl] = Field(None, description="URL to the meeting agenda") video: Optional[HttpUrl] = Field(None, description="URL to the meeting video") - transcripts: Optional[List[HttpUrl]] = Field( + transcripts: Optional[List[str]] = Field( None, description="URLs to the meeting transcripts" ) subtitles: Optional[List[HttpUrl]] = Field( diff --git a/src/run_diarization.py b/src/run_diarization.py index 2612ac8..13b10e0 100644 --- a/src/run_diarization.py +++ b/src/run_diarization.py @@ -1,5 +1,6 @@ import asyncio import os +import json from pathlib import Path @@ -45,8 +46,10 @@ def run_diarization(video_file: Path, meeting: Meeting): transcribe_video_with_diarization(video_file, transcription_dir) ) # Add transcript to S3 + # Convert dictionary to JSON string before saving + transcription_json = json.dumps(transcription, indent=2, ensure_ascii=False) save_content_to_s3( - transcription, + transcription_json, BUCKET_NAME, f"{FOLDER_NAME}/{video_file.name}.json", "application/json", From 43c4000dd1fc768406aa9d6e07a40691f84abb2e Mon Sep 17 00:00:00 2001 From: Kendall Werts Date: Tue, 24 Jun 2025 16:02:07 -0500 Subject: [PATCH 09/13] update to IAM role --- .github/workflows/python-app.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index 70dc895..15e2377 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -43,9 +43,7 @@ jobs: - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-session-token: ${{ secrets.AWS_SESSION_TOKEN }} + role-to-assume: arn:aws:iam::480103772849:role/GitHubCFTRole aws-region: us-east-2 - name: Run Diarization From a80f8cae1904f7a3af4b830a537a31b98e26dd2c Mon Sep 17 00:00:00 2001 From: Kendall Werts Date: Tue, 24 Jun 2025 16:14:12 -0500 Subject: [PATCH 10/13] update to IAM role --- .github/workflows/python-app.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index 15e2377..d67e0b9 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -43,7 +43,7 @@ jobs: - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: - role-to-assume: arn:aws:iam::480103772849:role/GitHubCFTRole + role-to-assume: arn:aws:iam::480103772849:role/GithubCFTRole aws-region: us-east-2 - name: Run Diarization From f52a31b0b854f956efa6648db5865839813e702e Mon Sep 17 00:00:00 2001 From: Kendall Werts Date: Tue, 24 Jun 2025 16:16:51 -0500 Subject: [PATCH 11/13] update action --- .github/workflows/python-app.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index d67e0b9..79e7126 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -7,7 +7,8 @@ on: branches: [ "main" ] permissions: - contents: read + contents: read + id-token: write # This is required for requesting the JWT jobs: build: @@ -18,7 +19,6 @@ jobs: POETRY_VENV: "/opt/poetry-venv" S3_BUCKET: ${{ secrets.S3_BUCKET }} AWS_DEFAULT_REGION: us-east-2 - steps: - uses: actions/checkout@v4 - name: Set up Python 3.11 @@ -41,7 +41,7 @@ jobs: /opt/poetry-venv/bin/poetry env info - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 with: role-to-assume: arn:aws:iam::480103772849:role/GithubCFTRole aws-region: us-east-2 From 262a3c8eedc7e5c11fd17853d67a194280db7238 Mon Sep 17 00:00:00 2001 From: Kendall Werts Date: Tue, 24 Jun 2025 16:28:50 -0500 Subject: [PATCH 12/13] update aud --- .github/workflows/python-app.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index 79e7126..6705153 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -7,8 +7,8 @@ on: branches: [ "main" ] permissions: + id-token: write contents: read - id-token: write # This is required for requesting the JWT jobs: build: @@ -45,6 +45,7 @@ jobs: with: role-to-assume: arn:aws:iam::480103772849:role/GithubCFTRole aws-region: us-east-2 + aud: http://sts.amazonaws.com/ - name: Run Diarization run: | From f7e86afe86de89d690daba23056b0a960655c587 Mon Sep 17 00:00:00 2001 From: Kendall Werts Date: Wed, 25 Jun 2025 15:59:37 -0500 Subject: [PATCH 13/13] try audience --- .github/workflows/python-app.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index 6705153..3d19e52 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -45,7 +45,7 @@ jobs: with: role-to-assume: arn:aws:iam::480103772849:role/GithubCFTRole aws-region: us-east-2 - aud: http://sts.amazonaws.com/ + audience: sts.amazonaws.com - name: Run Diarization run: |