AJR/TechradarDev
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Updated action to upload to new S3-Bucket authenticating against AWS via OIDC

Browse Source
This commit is contained in:
Fabrizio Branca
2024-03-01 14:48:03 +01:00
parent 1a89da8f11
commit 42bf84f91f
1 changed files with 63 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

100
.github/workflows/main.yml vendored
View File

@@ -7,6 +7,7 @@ on:
- main
jobs:
build:
runs-on: ubuntu-latest
steps:
@@ -22,50 +23,75 @@ jobs:
with:
name: build
path: build
deploy:
runs-on: ubuntu-20.04
if: github.ref == 'refs/heads/main'
deploy-test:
runs-on: ubuntu-latest
needs: build
environment:
name: techradar
url: https://www.aoe.com/techradar/index.html
url: http://techradar-test-aoe.s3-website.eu-central-1.amazonaws.com/techradar/index.html
permissions:
id-token: write
contents: read
steps:
- name: Download Artifact
uses: actions/download-artifact@v3
with:
name: build
path: build
- uses: jakejarvis/s3-sync-action@master
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@master
with:
args: --acl public-read
env:
AWS_S3_BUCKET: "techradar.aoe.com"
AWS_ACCESS_KEY_ID: ${{ secrets.ACCESS_KEY }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.ACCESS_SECRET }}
AWS_REGION: "eu-central-1"
SOURCE_DIR: "build"
DEST_DIR: "techradar"
deploy-dev:
runs-on: ubuntu-20.04
if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository
needs: build
environment:
name: techradar-next
url: http://techradar-next.aoe.com.s3.eu-central-1.amazonaws.com/techradar/index.html
steps:
- run: echo "WARNING! THIS DEPLOYS A STAGING ENV, RERUN THIS JOB TO GET YOUR CHANGES DEPLOYED TO STAGING"
- name: Download Artifact
uses: actions/download-artifact@v3
with:
name: build
path: build
- uses: jakejarvis/s3-sync-action@master
with:
args: --acl public-read
env:
AWS_S3_BUCKET: "techradar-next.aoe.com"
AWS_ACCESS_KEY_ID: ${{ secrets.ACCESS_KEY }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.ACCESS_SECRET }}
AWS_REGION: "eu-central-1"
SOURCE_DIR: "build"
DEST_DIR: "techradar"
aws-region: eu-central-1
role-to-assume: arn:aws:iam::511165248623:role/github_techradar
role-session-name: GitHubActions
- run: 'aws s3 sync --delete s3://techradar-test-aoe/techradar/'
# deploy:
# runs-on: ubuntu-20.04
# if: github.ref == 'refs/heads/main'
# needs: build
# environment:
# name: techradar
# url: https://www.aoe.com/techradar/index.html
# steps:
# - name: Download Artifact
# uses: actions/download-artifact@v3
# with:
# name: build
# path: build
# - uses: jakejarvis/s3-sync-action@master
# with:
# args: --acl public-read
# env:
# AWS_S3_BUCKET: "techradar.aoe.com"
# AWS_ACCESS_KEY_ID: ${{ secrets.ACCESS_KEY }}
# AWS_SECRET_ACCESS_KEY: ${{ secrets.ACCESS_SECRET }}
# AWS_REGION: "eu-central-1"
# SOURCE_DIR: "build"
# DEST_DIR: "techradar"
#
# deploy-dev:
# runs-on: ubuntu-20.04
# if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository
# needs: build
# environment:
# name: techradar-next
# url: http://techradar-next.aoe.com.s3.eu-central-1.amazonaws.com/techradar/index.html
# steps:
# - run: echo "WARNING! THIS DEPLOYS A STAGING ENV, RERUN THIS JOB TO GET YOUR CHANGES DEPLOYED TO STAGING"
# - name: Download Artifact
# uses: actions/download-artifact@v3
# with:
# name: build
# path: build
# - uses: jakejarvis/s3-sync-action@master
# with:
# args: --acl public-read
# env:
# AWS_S3_BUCKET: "techradar-next.aoe.com"
# AWS_ACCESS_KEY_ID: ${{ secrets.ACCESS_KEY }}
# AWS_SECRET_ACCESS_KEY: ${{ secrets.ACCESS_SECRET }}
# AWS_REGION: "eu-central-1"
# SOURCE_DIR: "build"
# DEST_DIR: "techradar"