Check code freshness #14

	name: Check code freshness

	on:
	workflow_dispatch:
	schedule:
	- cron: "0 5 * * 1"

	jobs:
	check:
	runs-on: ubuntu-latest
	permissions:
	id-token: write
	contents: read
	steps:
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v2
	with:
	aws-region: us-east-2
	role-to-assume: arn:aws:iam::561178107736:role/DevOps-GitHubOidcFederatedRole
	role-session-name: GitHubActions-CheckCodeFreshness
	- name: Find stale parameters
	run: \|
	threshold=$(date --date="90 days ago" +%FT%H:%M:%SZ)

	json=$(aws ssm describe-parameters --region us-east-1 --parameter-filters Key=Name,Option=Contains,Values=pkg)
	echo "$json"

	if [ ! -z "$json" ]; then
	list=$(echo $json \| jq --raw-output -c --arg d "$threshold" '.Parameters[] \| select( .Name \| contains("/prx/prod/Spire/")) \| select(.LastModifiedDate < $d) \| .Name')
	echo $list

	# aws ses send-email \
	# --region us-east-1 \
	# --from "${{secrets.MAIL_FROM}}" \
	# --to "[email protected]" \
	# --subject "Code Freshness Report" \
	# --text "$list"

	next_token=$(echo $json \| jq -r ".NextToken")
	if [ -z "$next_token" ]; then
	echo "! Some parameters were not included in the list"
	fi
	fi

Provide feedback