Use assume-role with OIDC authenticate docs push to S3 #5702
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Docs Preview | |
| on: | |
| push: | |
| branches: | |
| jobs: | |
| publish-preview: | |
| name: Publish docs preview | |
| runs-on: ubuntu-latest | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.DOCS_AWS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.DOCS_AWS_SECRET }} | |
| AWS_REGION: "us-east-1" | |
| ALGOLIA_ADMIN_API_KEY: ${{ secrets.ALGOLIA_ADMIN_API_KEY }} | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: actions/cache@v2 | |
| with: | |
| path: | | |
| ~/.cargo/registry | |
| ~/.cargo/git | |
| target | |
| key: ${{ runner.os }}-cargo-check-${{ hashFiles('**/Cargo.lock') }} | |
| ### Setup dependencies | |
| - uses: actions/setup-python@v2 | |
| name: Install Python | |
| with: | |
| python-version: "3.7" | |
| - name: Install Ruby + gems | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| bundler-cache: true | |
| ruby-version: 2.4 | |
| working-directory: "languages/ruby" | |
| - name: Install yard | |
| run: gem install yard | |
| - name: Install Rust stable toolchain | |
| uses: actions-rs/toolchain@v1 | |
| with: | |
| profile: minimal | |
| toolchain: stable | |
| - name: Setup Node | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: "18" | |
| ### Build Rust WASM target | |
| - name: Add WebAssembly target | |
| run: rustup target add wasm32-unknown-unknown | |
| - name: Install wasm-pack | |
| run: curl https://rustwasm.github.io/wasm-pack/installer/init.sh -sSf | sh | |
| - name: Build Rust WASM | |
| run: make wasm-build | |
| ### Build Python package | |
| - name: Build Python | |
| run: make python-build | |
| ### Build docs | |
| - name: Setup Hugo | |
| uses: peaceiris/actions-hugo@v2 | |
| with: | |
| hugo-version: '0.79.1' | |
| - name: Get branch name (branch) | |
| if: github.event_name != 'pull_request' | |
| shell: bash | |
| run: echo "BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/} | tr / -)" >> $GITHUB_ENV | |
| - name: Get branch name (pull request) | |
| if: github.event_name == 'pull_request' | |
| shell: bash | |
| run: echo "BRANCH_NAME=$(echo ${GITHUB_HEAD_REF} | tr / -)" >> $GITHUB_ENV | |
| - name: download s3-deploy package | |
| run: | | |
| wget https://github.com/bep/s3deploy/releases/download/v2.4.0/s3deploy_2.4.0_Linux-64bit.deb | |
| sudo dpkg -i s3deploy_2.4.0_Linux-64bit.deb | |
| # This step flakes sometime as in this run: | |
| # https://github.com/osohq/oso/runs/4743006731?check_suite_focus=true | |
| # This slows down releasing. | |
| # Try to retry, and get some more info about why the flake is happening. | |
| - name: Build docs for CI preview | |
| uses: nick-invision/retry@v2 | |
| with: | |
| max_attempts: 2 | |
| timeout_minutes: 4 | |
| command: make -C docs deploy-ci DOCS_TAG=${{ env.BRANCH_NAME }} | |
| on_retry_command: ls docs/examples/quickstart/ruby |