Skip to content
This repository was archived by the owner on Aug 30, 2023. It is now read-only.

require user to acknowledge bucket security advise before proceeding #39

Merged
merged 1 commit into from
Sep 16, 2021
Merged

require user to acknowledge bucket security advise before proceeding #39

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/pr-workflow.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ jobs:
cd deployment
aws s3 mb s3://$DIST_OUTPUT_BUCKET-$REGION --region $REGION
aws s3 mb s3://$TEMPLATE_OUTPUT_BUCKET --region $REGION
./build-s3-dist.sh --template-bucket ${TEMPLATE_OUTPUT_BUCKET} --code-bucket ${DIST_OUTPUT_BUCKET} --version ${VERSION} --region ${REGION} | tee >( awk '/Without existing MIE deployment/{getline; print}' >template )
echo y | ./build-s3-dist.sh --template-bucket ${TEMPLATE_OUTPUT_BUCKET} --code-bucket ${DIST_OUTPUT_BUCKET} --version ${VERSION} --region ${REGION} | tee >( awk '/Without existing MIE deployment/{getline; print}' >template )

- name: Deploy stack
run: |
Expand Down
27 changes: 24 additions & 3 deletions deployment/build-s3-dist.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -367,9 +367,30 @@ if [ "$global_bucket" != "solutions-reference" ] && [ "$global_bucket" != "solut
fi
# Copy deployment assets to distribution buckets
cd "$build_dir"/ || exit 1
echo "Copying the prepared distribution to:"
echo "s3://$global_bucket/aws-content-analysis/$version/"
echo "s3://${regional_bucket}-${region}/aws-content-analysis/$version/"

echo "*******************************************************************************"
echo "*******************************************************************************"
echo "********** I M P O R T A N T **********"
echo "*******************************************************************************"
echo "** You are about to upload templates and code to S3. Please confirm that **"
echo "** buckets ${bucket}-reference and ${bucket}-${region} are appropriately **"
echo "** secured (not world-writeable, public access blocked) before continuing. **"
echo "*******************************************************************************"
echo "*******************************************************************************"
echo "PROCEED WITH UPLOAD? (y/n) [n]: "
read input
if [ "$input" != "y" ] ; then
echo "Upload aborted."
exit
fi

echo "=========================================================================="
echo "Deploying $solution_name version $version to bucket $bucket-$region"
echo "=========================================================================="
echo "Templates: ${bucket}-reference/$solution_name/$version/"
echo "Lambda code: ${bucket}-${region}/$solution_name/$version/"
echo "---"

set -x
aws s3 sync $global_dist_dir s3://$global_bucket/aws-content-analysis/$version/ $(if [ ! -z $profile ]; then echo "--profile $profile"; fi)
aws s3 sync $regional_dist_dir s3://${regional_bucket}-${region}/aws-content-analysis/$version/ $(if [ ! -z $profile ]; then echo "--profile $profile"; fi)
Expand Down