Skip to content

Commit

Permalink
Merge pull request #46 from rrigato/dev
Browse files Browse the repository at this point in the history 
correct permissions for pipeline
  • Loading branch information
@rrigato
rrigato authored Apr 21, 2024
2 parents b4303e7 + d05f846 commit 284ad2c
Showing 1 changed file with 12 additions and 8 deletions.
20 changes: 12 additions & 8 deletions .github/workflows/homepage_update.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,9 @@ on:

jobs:
deploy-website-source-files:
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest
name: web source files to s3
defaults:
Expand All @@ -25,32 +28,33 @@ jobs:

- run: npm run build

- name: script-execution-permissions
run: chmod +x '../.github/scripts/homepage_source_files.sh'

- name: assume-github-actions-role
uses: aws-actions/configure-aws-credentials@v4
with:
audience: sts.amazonaws.com
aws-region: ${{vars.REGION_NAME}}
role-to-assume: arn:aws:iam::${{secrets.AWS_ACCOUNT_ID}}:role/${{secrets.PIPELINE_ROLE_NAME}}

- name: script-execution-permissions
run: chmod +x '../.github/scripts/homepage_source_files.sh'

- name: upload-webpack-artifacts
shell: bash
env:
AWS_ACCESS_KEY_ID: ${{secrets.PERSISTANT_STORAGE_ID}}
AWS_DEFAULT_REGION: ${{vars.REGION_NAME}}
AWS_SECRET_ACCESS_KEY: ${{secrets.PERSISTANT_STORAGE_KEY}}
run: '../.github/scripts/homepage_source_files.sh'



publish-commit-artifact:
needs: deploy-website-source-files
runs-on: ubuntu-latest
name: favicon to s3 bucket
env:
ORCHESTRATION_SCRIPT: './.github/scripts/orchestrate_artifacts.sh'
needs: deploy-website-source-files
name: favicon to s3 bucket
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest

steps:
- name: checkout-current-branch
Expand Down

0 comments on commit 284ad2c

Please sign in to comment.