-
Notifications
You must be signed in to change notification settings - Fork 1
47 lines (42 loc) · 1.13 KB
/
push.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
name: Push
on:
pull_request:
jobs:
check_permission:
name: Check permissions
runs-on: ubuntu-latest
outputs:
can-write: ${{ steps.check.outputs.can-write }}
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
steps:
- id: check
run: |
# If the AWS_ACCESS_KEY_ID secret is MIA we can't run tests
if [[ -z "$AWS_ACCESS_KEY_ID" ]]; then
echo "can-write=false" >> $GITHUB_OUTPUT
else
echo "can-write=true" >> $GITHUB_OUTPUT
fi
tests:
name: Run tests
uses: ./.github/workflows/tests.yaml
secrets: inherit
upload:
name: Upload SAM assets
needs: [tests, check_permission]
if: needs.check_permission.outputs.can-write == 'true'
uses: ./.github/workflows/upload.yaml
permissions:
id-token: write
secrets: inherit
with:
s3_bucket_prefix: "observeinc-"
integration:
name: Run integration tests
needs: upload
uses: ./.github/workflows/integration.yaml
secrets: inherit
with:
s3_bucket_prefix: "observeinc-"
release_version: ${{ needs.upload.outputs.release_version }}