From 3af859d03aac7034d97263133ab893ac16c2c416 Mon Sep 17 00:00:00 2001
From: Nikhil Manglore <nmanglor@amazon.com>
Date: Wed, 24 Sep 2025 21:01:03 +0000
Subject: [PATCH 1/2] Package and push binaries to S3 buckets

Signed-off-by: Nikhil Manglore <nmanglor@amazon.com>
---
 .github/workflows/ci.yml | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 14998d2..e4b7e5c 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -160,6 +160,40 @@ jobs:
           echo "linux_distro=$distro" >> "$GITHUB_OUTPUT"
           echo "version_major_minor=$major_minor" >> "$GITHUB_OUTPUT"
     
+      - name: Configure AWS credentials
+        if: env.IS_PULL != 'true'
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-region: us-west-2
+          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
+
+      - name: Extract and package module .so files
+        run: |
+          CONTAINER_ID=$(docker create "${{ env.DOCKER_REPO_NAME }}")
+          mkdir -p modules-temp
+          docker cp "$CONTAINER_ID:/usr/lib/valkey/libjson.so" modules-temp/
+          docker cp "$CONTAINER_ID:/usr/lib/valkey/libvalkey_bloom.so" modules-temp/
+          docker cp "$CONTAINER_ID:/usr/lib/valkey/libsearch.so" modules-temp/
+          docker cp "$CONTAINER_ID:/usr/lib/valkey/libvalkey_ldap.so" modules-temp/
+          docker rm "$CONTAINER_ID"
+          
+          VERSION="${{ matrix.version.name }}"
+          ARCH=$(echo "${{ matrix.platform }}" | cut -d'/' -f2)
+          PACKAGE_NAME="valkey-bundle-modules-${VERSION}-linux-${ARCH}"
+          
+          mkdir -p "${PACKAGE_NAME}/lib"
+          cp -v modules-temp/*.so "${PACKAGE_NAME}/lib/"
+          
+          tar -czvf "${PACKAGE_NAME}.tar.gz" "${PACKAGE_NAME}"
+          sha256sum "${PACKAGE_NAME}.tar.gz" > "${PACKAGE_NAME}.tar.gz.sha256"
+          
+          mkdir -p packages-files
+          cp -v "${PACKAGE_NAME}.tar.gz"* packages-files/
+
+      - name: Upload modules to S3
+        if: env.IS_PULL != 'true'
+        run: aws s3 sync packages-files s3://${{ secrets.AWS_S3_BUCKET }}/valkey-bundle/releases/
+
       - name: Upload digest for version-distro combination
         uses: actions/upload-artifact@v4
         with:

From 34ab23bfb19a39b60318812fe4d7ec8a0625ada3 Mon Sep 17 00:00:00 2001
From: Nikhil Manglore <nmanglor@amazon.com>
Date: Thu, 25 Sep 2025 08:04:37 +0000
Subject: [PATCH 2/2] Add OIDC Credentials

Signed-off-by: Nikhil Manglore <nmanglor@amazon.com>
---
 .github/workflows/ci.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index e4b7e5c..715df49 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -12,6 +12,10 @@ on:
 env:
   IS_PULL: ${{ github.event_name == 'pull_request' }}
 
+permissions:
+  id-token: write
+  contents: read
+
 defaults:
   run:
     shell: 'bash -Eeuo pipefail -x {0}'