Skip to content
aws-deploy

specify HeadObject action in bucket policy #95

Sign in to view logs

specify HeadObject action in bucket policy

specify HeadObject action in bucket policy #95

Workflow file for this run

.github/workflows/deploy.yaml at 4ef0634
name: aws-deploy
on:
push:
branches: [ '*' ]
tags: [ 'v[0-9]+\.[0-9]+\.[0-9]+' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}
jobs:
pre-commit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: 3.9
- uses: pre-commit/action@v3.0.0
jinja-lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: 3.9
- name: Install jinja libraries
run: |
python -m pip install --upgrade jinja2==3.0.1
- name: Install jinja linter tool
run: git clone --single-branch https://github.com/drm/jinja2-lint.git /tmp/jinja2-lint && pushd /tmp/jinja2-lint && git checkout 75dcd5a
- name: Execute jinja linter
run: find . -type f -name "*.j2" -exec /tmp/jinja2-lint/j2lint.py '{}' +
deploy:
name: Upload to Amazon S3
runs-on: ubuntu-latest
if: ${{ github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/v') }}
needs: [ "pre-commit", "jinja-lint" ]
permissions:
id-token: write
contents: read
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Assume AWS Role
uses: aws-actions/configure-aws-credentials@v1
with:
aws-region: us-east-1
role-to-assume: arn:aws:iam::745159704268:role/sagebase-github-oidc-cfn-template-deploy
role-session-name: GitHubActions-${{ github.repository_owner }}-${{ github.event.repository.name }}-${{ github.run_id }}
role-duration-seconds: 900
- name: Copy files with the AWS CLI
run: |
aws s3 cp templates s3://bootstrap-awss3cloudformationbucket-19qromfd235z9/${{ github.event.repository.name }}/${{ github.ref_name }}/ --recursive