fix: always set AWS region for AWS-related actions

Author: jfroche

.github/actions/build-ami/action.yml

@@ -54,6 +54,7 @@ runs:
         POSTGRES_MAJOR_VERSION: ${{ inputs.postgres_version }}
         AWS_MAX_ATTEMPTS: 10
         AWS_RETRY_MODE: adaptive
+        AWS_REGION: ${{ inputs.region }}
       run: |
         nix run .#build-ami -- stage1 \
           -var "git-head-version=${{ inputs.git_sha }}" \
@@ -73,6 +74,7 @@ runs:
         PACKER_EXECUTION_ID: ${{ env.EXECUTION_ID }}
         AWS_MAX_ATTEMPTS: 10
         AWS_RETRY_MODE: adaptive
+        AWS_REGION: ${{ inputs.region }}
       run: |
         nix run .#build-ami -- stage2 \
           -var "git-head-version=${{ inputs.git_sha }}" \

.github/actions/nix-install-ephemeral/action.yml

@@ -5,6 +5,10 @@ inputs:
     description: 'Whether to push build outputs to the Nix binary cache'
     required: false
     default: 'false'
+  aws-region:
+    description: 'AWS region for the Nix binary cache S3 bucket'
+    required: false
+    default: 'us-east-1'
 runs:
   using: 'composite'
   steps:
@@ -13,7 +17,7 @@ runs:
       if: ${{ inputs.push-to-cache == 'true' }}
       with:
         role-to-assume: ${{ env.DEV_AWS_ROLE }}
-        aws-region: "us-east-1"
+        aws-region: ${{ inputs.aws-region }}
         output-credentials: true
         role-duration-seconds: 7200
     - name: Setup AWS credentials for Nix

.github/workflows/testinfra-ami-build.yml

@@ -73,6 +73,7 @@ jobs:
         uses: ./.github/actions/nix-install-ephemeral
         with:
           push-to-cache: 'true'
+          aws-region: "ap-southeast-1"
         env:
           DEV_AWS_ROLE: ${{ secrets.DEV_AWS_ROLE }}
           NIX_SIGN_SECRET_KEY: ${{ secrets.NIX_SIGN_SECRET_KEY }}