ENG-7519: Fix broken workflow (#232)

* Update README

* Update release workflow

.github/workflows/release.yml

@@ -15,10 +15,23 @@ jobs:
       - uses: actions/setup-go@v2
         with:
             go-version: '1.13'
+
+      - uses: actions/setup-python@v2
+        with:
+          python-version: '3.6'
+
+      - name: Run Poetry Image
+        uses: abatilo/[email protected]
+        with:
+          poetry-version: '1.0'
+
+      - name: Publish Python SDK
+        working-directory: ./sdk/python
+        run: poetry publish -u ${{ secrets.PYPI_USERNAME }} -p ${{ secrets.PYPI_PASSWORD }} --build
 
-      - name : Get release version
+      - name : Get Release Version
         id: get_version
-        run: echo ::set-env name=RELEASE_VERSION::$(echo ${GITHUB_REF:10})
+        run: echo "RELEASE_VERSION=$(echo ${GITHUB_REF:10})" >> $GITHUB_ENV
 
       - name: Release Authenticator Binaries
         uses: goreleaser/goreleaser-action@v1
@@ -28,16 +41,7 @@ jobs:
           args: release --rm-dist
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - name: Publish Python SDK
-        uses: abatilo/[email protected]
-        with:
-            python_version: 3.7.8
-            poetry_version: 1.0
-            working_directory: ./sdk/python/
-            args: publish --build
-        env:
-          POETRY_HTTP_BASIC_PYPI_USERNAME: ${{ secrets.PYPI_USERNAME }}
-          POETRY_HTTP_BASIC_PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
+
       - name: Publish Authenticator Docker Image
         uses: elgohr/Publish-Docker-Github-Action@master
         with:

README.md

@@ -13,7 +13,7 @@ Its aim is to prevent data breaches, and to help you detect them promptly if the
 
 ----
 
-**Please note**: We take Approzium's security and our users' trust very seriously. If you believe you have found a security issue in Approzium, _please responsibly disclose_ by contacting us at [[email protected]](mailto:[email protected]).
+**Please note**: We take Approzium's security and our user's trust very seriously. If you believe you have found a security issue in Approzium, _please responsibly disclose_ by contacting us at [[email protected]](mailto:[email protected]).
 
 See the [SECURITY](.github/SECURITY.md) guide for more details.
 
@@ -68,13 +68,19 @@ To run the tests, first you will need to:
     "Version": "2012-10-17",
     "Statement": [
         {
-            "Action": "secretsmanager:*",
             "Effect": "Allow",
-            "Resource": "*"
+            "Action": [
+                "secretsmanager:CreateSecret",
+                "secretsmanager:GetSecretValue",
+                "secretsmanager:UpdateSecret",
+                "secretsmanager:DeleteSecret",
+                "secretsmanager:PutSecretValue"
+            ],
+            "Resource": "arn:aws:secretsmanager:us-east-2:<some-account-id>:secret:approzium/*"
         },
         {
-            "Action": "sts:AssumeRole",
             "Effect": "Allow",
+            "Action": "sts:AssumeRole",
             "Resource": "arn:aws:iam::<some-account-id>:role/ApproziumTestAssumableRole"
         }
     ]

sdk/python/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "poetry.masonry.api"
 
 [tool.poetry]
 name = "approzium"
-version = "0.2.0"
+version = "0.2.3"
 description = "Approzium SDK provides Approzium database authentiation for Python"
 authors = ["Cyral <[email protected]>"]
 homepage = "https://github.com/cyralinc/approzium"