11---
22name : publish-casper-node-launcher
3+ permissions :
4+ contents : read
5+ id-token : write
36
47on :
58 push :
1821
1922 steps :
2023 - uses : actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
24+ with :
25+ key : ${{ matrix.code_name }}
26+
27+ - name : Configure AWS credentials
28+ uses : aws-actions/configure-aws-credentials@v4
29+ with :
30+ role-to-assume : ${{ secrets.AWS_ACCESS_ROLE_REPO }}
31+ role-session-name : GitHub_to_AWS_via_FederatedOIDC
32+ aws-region : ${{ secrets.AWS_ACCESS_REGION_REPO }}
2133
2234 - name : Install deps
2335 run : |
@@ -44,23 +56,16 @@ jobs:
4456
4557 - name : Upload binaries to repo
4658 env :
47- AWS_SECRET_ACCESS_KEY : ${{ secrets.APTLY_SECRET_KEY }}
48- AWS_ACCESS_KEY_ID : ${{ secrets.APTLY_ACCESS_KEY }}
49- PLUGIN_REPO_NAME : ${{ secrets.APTLY_REPO }}
50- PLUGIN_REGION : ${{ secrets.APTLY_REGION }}
59+ PLUGIN_REPO_NAME : ${{ secrets.AWS_BUCKET_REPO }}
60+ PLUGIN_REGION : ${{ secrets.AWS_ACCESS_REGION_REPO }}
5161 PLUGIN_GPG_KEY : ${{ secrets.APTLY_GPG_KEY }}
5262 PLUGIN_GPG_PASS : ${{ secrets.APTLY_GPG_PASS }}
53- PLUGIN_ACL : ' public-read '
63+ PLUGIN_ACL : ' private '
5464 PLUGIN_PREFIX : ' releases'
5565 PLUGIN_DEB_PATH : ' ./target/debian'
5666 PLUGIN_OS_CODENAME : ${{ matrix.code_name }}
5767 run : ./ci/publish_deb_to_repo.sh
5868
59- - name : Invalidate cloudfront
60- uses : chetan/invalidate-cloudfront-action@c384d5f09592318a77b1e5c0c8d4772317e48b25 # v2.4
61- env :
62- DISTRIBUTION : ${{ secrets.APTLY_DIST_ID }}
63- PATHS : " /*"
64- AWS_REGION : ${{ secrets.APTLY_REGION }}
65- AWS_ACCESS_KEY_ID : ${{ secrets.APTLY_ACCESS_KEY }}
66- AWS_SECRET_ACCESS_KEY : ${{ secrets.APTLY_SECRET_KEY }}
69+ - name : Invalidate CloudFront cache
70+ run : |
71+ aws cloudfront create-invalidation --distribution-id ${{ secrets.AWS_CLOUDFRONT_REPO }} --paths "/*"
0 commit comments