Commit 971bea8

authored

Merge pull request #991 from per1234/conditional-aws-upload

Skip publishing releases to AWS if credentials not configured

2 parents 4532c38 + dfc288d commit 971bea8Copy full SHA for 971bea8

File tree

2 files changed

+49

-7

lines changed

.github/workflows
- publish-go-nightly-task.yml
- release-go-task.yml

2 files changed

+49

-7

lines changed

`‎.github/workflows/publish-go-nightly-task.yml‎`

Lines changed: 42 additions & 7 deletions

Original file line number	Diff line number	Diff line change
`@@ -219,36 +219,71 @@ jobs:`
`219`	`219`	`overwrite: true`
`220`	`220`	`path: ${{ env.DIST_DIR }}/${{ env.PACKAGE_FILENAME }}`
`221`	`221`
	`222`	`+ checksums:`
	`223`	`+ needs: notarize-macos`
	`224`	`+ runs-on: ubuntu-latest`
	`225`	`+ permissions:`
	`226`	`+ contents: read`
	`227`	`+`
	`228`	`+ steps:`
	`229`	`+ - name: Set environment variables`
	`230`	`+ run: \|`
	`231`	`+ # See: https://docs.github.com/actions/reference/workflows-and-actions/workflow-commands#setting-an-environment-variable`
	`232`	`+ TAG="nightly-$(date -u +"%Y%m%d")"`
	`233`	`+ echo "CHECKSUM_FILE_PATH=${{ runner.temp }}/${TAG}-checksums.txt" >>"$GITHUB_ENV"`
	`234`	`+ echo "TAG=$TAG" >>"$GITHUB_ENV"`
	`235`	`+`
	`236`	`+ - name: Download artifacts`
	`237`	`+ uses: actions/download-artifact@v6`
	`238`	`+ with:`
	`239`	`+ merge-multiple: true`
	`240`	`+ path: ${{ env.DIST_DIR }}`
	`241`	`+ pattern: ${{ env.ARTIFACT_PREFIX }}*`
	`242`	`+`
	`243`	`+ - name: Create checksum file`
	`244`	`+ working-directory: ${{ env.DIST_DIR }}`
	`245`	`+ run: \|`
	`246`	`+ sha256sum ${{ env.PROJECT_NAME }}_${{ env.TAG }}* >"${{ env.CHECKSUM_FILE_PATH }}"`
	`247`	`+`
	`248`	`+ - name: Upload checksum artifact`
	`249`	`+ uses: actions/upload-artifact@v5`
	`250`	`+ with:`
	`251`	`+ if-no-files-found: error`
	`252`	`+ name: ${{ env.ARTIFACT_PREFIX }}checksums`
	`253`	`+ path: ${{ env.CHECKSUM_FILE_PATH }}`
	`254`	`+`
`222`	`255`	`publish-nightly:`
`223`	`256`	`runs-on: ubuntu-latest`
`224`	`257`	`environment: production`
`225`		`- needs: notarize-macos`
	`258`	`+ needs: checksums`
`226`	`259`	`permissions:`
`227`	`260`	`contents: write`
`228`	`261`	`id-token: write # This is required for requesting the JWT`
`229`	`262`
`230`	`263`	`steps:`
	`264`	`+ - name: Determine whether publishing to AWS is possible`
	`265`	`+ id: aws-determination`
	`266`	`+ run: \|`
	`267`	`+ echo "publish=${{ secrets.AWS_ROLE_TO_ASSUME != '' }}" >>$GITHUB_OUTPUT`
	`268`	`+`
`231`	`269`	`- name: Download artifact`
	`270`	`+ if: steps.aws-determination.outputs.publish == 'true'`
`232`	`271`	`uses: actions/download-artifact@v6`
`233`	`272`	`with:`
`234`	`273`	`pattern: ${{ env.ARTIFACT_PREFIX }}*`
`235`	`274`	`merge-multiple: true`
`236`	`275`	`path: ${{ env.DIST_DIR }}`
`237`	`276`
`238`		`- - name: Create checksum file`
`239`		`- working-directory: ${{ env.DIST_DIR }}`
`240`		`- run: \|`
`241`		`- TAG="nightly-$(date -u +"%Y%m%d")"`
`242`		`- sha256sum ${{ env.PROJECT_NAME }}_${TAG}* >${TAG}-checksums.txt`
`243`		`-`
`244`	`277`	`- name: configure aws credentials`
	`278`	`+ if: steps.aws-determination.outputs.publish == 'true'`
`245`	`279`	`uses: aws-actions/configure-aws-credentials@v5`
`246`	`280`	`with:`
`247`	`281`	`role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}`
`248`	`282`	`role-session-name: "github_${{ env.PROJECT_NAME }}"`
`249`	`283`	`aws-region: ${{ env.AWS_REGION }}`
`250`	`284`
`251`	`285`	`- name: Upload release files on Arduino downloads servers`
	`286`	`+ if: steps.aws-determination.outputs.publish == 'true'`
`252`	`287`	`run: \|`
`253`	`288`	`aws s3 sync \`
`254`	`289`	`${{ env.DIST_DIR }} \`

`‎.github/workflows/release-go-task.yml‎`

Lines changed: 7 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -221,6 +221,11 @@ jobs:`
`221`	`221`	`id-token: write # This is required for requesting the JWT`
`222`	`222`
`223`	`223`	`steps:`
	`224`	`+ - name: Determine whether publishing to AWS is possible`
	`225`	`+ id: aws-determination`
	`226`	`+ run: \|`
	`227`	`+ echo "publish=${{ secrets.AWS_ROLE_TO_ASSUME != '' }}" >>$GITHUB_OUTPUT`
	`228`	`+`
`224`	`229`	`- name: Download artifact`
`225`	`230`	`uses: actions/download-artifact@v6`
`226`	`231`	`with:`
`@@ -275,13 +280,15 @@ jobs:`
`275`	`280`	`artifacts: ${{ env.DIST_DIR }}/*`
`276`	`281`
`277`	`282`	`- name: configure aws credentials`
	`283`	`+ if: steps.aws-determination.outputs.publish == 'true'`
`278`	`284`	`uses: aws-actions/configure-aws-credentials@v5`
`279`	`285`	`with:`
`280`	`286`	`role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}`
`281`	`287`	`role-session-name: "github_${{ env.PROJECT_NAME }}"`
`282`	`288`	`aws-region: ${{ env.AWS_REGION }}`
`283`	`289`
`284`	`290`	`- name: Upload release files on Arduino downloads servers`
	`291`	`+ if: steps.aws-determination.outputs.publish == 'true'`
`285`	`292`	`run: \|`
`286`	`293`	`aws s3 sync \`
`287`	`294`	`${{ env.DIST_DIR }} \`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Commit 971bea8

File tree

2 files changed

2 files changed

`‎.github/workflows/publish-go-nightly-task.yml‎`

`‎.github/workflows/release-go-task.yml‎`

0 commit comments