Merge pull request #16232 from mozilla/pull-legal-docs #35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Upload files in assets/product-icons & assets/legal to stage and prod S3 buckets for CDN distribution | |
| # | |
| # Requirements: | |
| # 1. Github OIDC Provider in destination AWS account - https://github.com/aws-actions/configure-aws-credentials | |
| # 2. IAM Role with write access to destination bucket paths, scoped to the repository running the action | |
| name: "CDN Asset Upload" | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - 'assets/**/' | |
| jobs: | |
| Upload-assets-to-CDN: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: "Checkout repository" | |
| uses: actions/checkout@v4 | |
| - name: "Configure Stage AWS credentials" | |
| uses: aws-actions/configure-aws-credentials@master | |
| with: | |
| aws-region: us-east-1 | |
| role-to-assume: arn:aws:iam::142069644989:role/fxa-content-cdn-stage-asset-upload | |
| role-session-name: CDNAssetUpload | |
| - name: "Asset upload to stage CDN S3 bucket" | |
| run: | | |
| aws s3 sync --cache-control 'public,max-age=86400' --exclude "*" --include "*.svg" --include "*.png" assets/product-icons s3://fxa-content-cdn-stage-distbucket-bpquvfnty86g/product-icons | |
| aws s3 sync --cache-control 'public,max-age=86400' --exclude "*" --include "*.svg" --include "*.png" assets/other s3://fxa-content-cdn-stage-distbucket-bpquvfnty86g/other | |
| aws s3 sync --cache-control 'public,max-age=86400' --exclude "*" --include "*.pdf" --content-disposition attachment assets/legal s3://fxa-content-cdn-stage-distbucket-bpquvfnty86g/legal | |
| - name: Configure Production AWS credentials | |
| uses: aws-actions/configure-aws-credentials@master | |
| with: | |
| aws-region: us-west-2 | |
| role-to-assume: arn:aws:iam::361527076523:role/fxa-content-cdn-prod-asset-upload | |
| role-session-name: CDNAssetUpload | |
| - name: "Asset upload to production CDN S3 bucket" | |
| run: | | |
| aws s3 sync --cache-control 'public,max-age=86400' --exclude "*" --include "*.svg" --include "*.png" assets/product-icons s3://fxa-content-cdn-prod-distbucket-gqg70i8xqycy/product-icons | |
| aws s3 sync --cache-control 'public,max-age=86400' --exclude "*" --include "*.svg" --include "*.png" assets/other s3://fxa-content-cdn-prod-distbucket-gqg70i8xqycy/other | |
| aws s3 sync --cache-control 'public,max-age=86400' --exclude "*" --include "*.pdf" --content-disposition attachment assets/legal s3://fxa-content-cdn-prod-distbucket-gqg70i8xqycy/legal | |
| - name: "Post to fxa-team Slack channel" | |
| uses: slackapi/[email protected] | |
| with: | |
| channel-id: 'CLV3KMZ8B' | |
| slack-message: "New assets have been uploaded to CDN: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
| env: | |
| SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} |