Skip to content

Commit

Permalink
chore(workflows): DEVOPS-2557: update github workflow
Browse files Browse the repository at this point in the history
  • Loading branch information
@verdel
verdel committed Sep 9, 2022
1 parent 2346c13 commit ebed12e
Showing 1 changed file with 19 additions and 2 deletions.
21 changes: 19 additions & 2 deletions .github/workflows/deploy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,9 @@ jobs:
deploy:
name: Build
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
environment:
name: production
url: https://images.csssr.com
Expand Down Expand Up @@ -35,12 +38,26 @@ jobs:
HOST: http://master.csssr-images.csssr.cloud
IMGPROXY_HOST: https://images.csssr.com

- name: Import secrets
id: secrets
uses: hashicorp/vault-action@v2.4.0
with:
url: https://vault.csssr.com:8200
jwtGithubAudience: ${{secrets.VAULT_JWT_KEY}}
role: s3-cdn-upload
method: jwt
exportEnv: false
secrets: |
aws/sts/s3-cdn-upload access_key | AWS_ACCESS_KEY_ID ;
aws/sts/s3-cdn-upload secret_key | AWS_SECRET_ACCESS_KEY ;
aws/sts/s3-cdn-upload security_token | AWS_SESSION_TOKEN ;
- name: Deploy
uses: ./actions/deploy-static-site/v1beta1
with:
auth: ${{ secrets.CDN_UPLOAD_SECRET }}
auth: 'aws:${{steps.secrets.outputs.AWS_ACCESS_KEY_ID}}:${{steps.secrets.outputs.AWS_SECRET_ACCESS_KEY}}:${{steps.secrets.outputs.AWS_SESSION_TOKEN}}'
token: ${{ secrets.GITHUB_TOKEN }}
site-type: mpa
project-id: csssr-images
files: ./csssr_images/example
no-previous-files: "true"
no-previous-files: 'true'

0 comments on commit ebed12e

Please sign in to comment.