GitHub repository metadata exporter #750

	name: GitHub repository metadata exporter
	on:
	workflow_dispatch:
	schedule:
	- cron: "20 7 * * *"

	permissions:
	id-token: write
	contents: read
	issues: read
	pull-requests: read
	security-events: read

	jobs:
	export-data:
	runs-on: ubuntu-latest
	steps:
	- name: Audit DNS requests
	uses: cds-snc/dns-proxy-action@2aee21aebfddefac5839497648a36a9f84342d8b
	env:
	DNS_PROXY_FORWARDTOSENTINEL: "true"
	DNS_PROXY_LOGANALYTICSWORKSPACEID: ${{ secrets.LOG_ANALYTICS_WORKSPACE_ID }}
	DNS_PROXY_LOGANALYTICSSHAREDKEY: ${{ secrets.LOG_ANALYTICS_WORKSPACE_KEY }}
	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	- name: Configure AWS credentials using OIDC
	uses: aws-actions/configure-aws-credentials@7474bc4690e29a8392af63c5b98e7449536d5c3a # v4.3.1
	with:
	role-to-assume: arn:aws:iam::739275439843:role/data-lake-github-data-export
	role-session-name: GithubDataExport
	aws-region: ca-central-1
	- name: Export Data
	uses: cds-snc/github-repository-metadata-exporter@9a1f3a278fbde200c2b90c3e409a61ebda208fdc
	with:
	github-app-id: ${{ secrets.SRE_BOT_RO_APP_ID }}
	github-app-installation-id: ${{ secrets.SRE_BOT_RO_INSTALLATION_ID }}
	github-app-private-key: ${{ secrets.SRE_BOT_RO_PRIVATE_KEY }}
	log-analytics-workspace-id: ${{ secrets.LOG_ANALYTICS_WORKSPACE_ID }}
	log-analytics-workspace-key: ${{ secrets.LOG_ANALYTICS_WORKSPACE_KEY }}
	s3-bucket: ${{ secrets.DATA_LAKE_GITHUB_METADATA_EXPORT_S3_BUCKET }}
	aws-region: ${{ secrets.DATA_LAKE_GITHUB_METADATA_EXPORT_AWS_REGION }}

Provide feedback