|
11 | 11 | PYTHON_VERSION: "3.7"
|
12 | 12 | MCUBOOT_PATH: ${{ github.workspace }}/mcuboot
|
13 | 13 | IMGTOOL_PACKING_PATH: ${{ github.workspace }}/imgtool-packing
|
| 14 | + AWS_REGION: "us-east-1" |
14 | 15 |
|
15 | 16 | on:
|
16 | 17 | push:
|
@@ -265,7 +266,11 @@ jobs:
|
265 | 266 |
|
266 | 267 | create-release:
|
267 | 268 | runs-on: ubuntu-latest
|
| 269 | + environment: production |
268 | 270 | needs: [build, build-crosscompile, notarize-macos]
|
| 271 | + permissions: |
| 272 | + contents: write |
| 273 | + id-token: write # This is required for requesting the JWT |
269 | 274 |
|
270 | 275 | steps:
|
271 | 276 | - name: Checkout repository # we need package_index.template
|
@@ -323,12 +328,12 @@ jobs:
|
323 | 328 | # (all the files we need are in the DIST_DIR root)
|
324 | 329 | artifacts: ${{ env.DIST_DIR }}/*
|
325 | 330 |
|
| 331 | + - name: configure aws credentials |
| 332 | + uses: aws-actions/configure-aws-credentials@v4 |
| 333 | + with: |
| 334 | + role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} |
| 335 | + role-session-name: "github_${{ env.PROJECT_NAME }}" |
| 336 | + aws-region: ${{ env.AWS_REGION }} |
| 337 | + |
326 | 338 | - name: Upload release files on Arduino downloads servers
|
327 |
| - uses: docker://plugins/s3 |
328 |
| - env: |
329 |
| - PLUGIN_SOURCE: "${{ env.DIST_DIR }}/*" |
330 |
| - PLUGIN_TARGET: ${{ env.AWS_PLUGIN_TARGET }} |
331 |
| - PLUGIN_STRIP_PREFIX: "${{ env.DIST_DIR }}/" |
332 |
| - PLUGIN_BUCKET: ${{ secrets.DOWNLOADS_BUCKET }} |
333 |
| - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} |
334 |
| - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |
| 339 | + run: aws s3 sync ${{ env.DIST_DIR }} s3://${{ secrets.DOWNLOADS_BUCKET }}${{ env.AWS_PLUGIN_TARGET }} |
0 commit comments