mirror of
https://github.com/wavetermdev/waveterm.git
synced 2024-12-22 16:48:23 +01:00
b7d01c0403
## New release workflow Build Helper will now automatically create a draft GitHub Release after it finishes its builds. It will upload a copy of the build artifacts to this release for easy access. When a version is ready to be published, edit the GitHub Release and publish it. This will trigger a workflow to publish the artifacts to our releases feed. ## Moved artifacts scripts to Taskfile The scripts formerly located at `scripts/artifacts` have been moved to the Taskfile. They can now be found at `artifacts:*`. ## Moved releases readme to `RELEASES.md` Updated the releases readme with step-by-step instructions and moved it from `scripts/artifacts` to `RELEASES.md` ## Created new AWS identities for artifact upload and publishing This narrows the scopes of the AWS identities used by the workflows to upload and publish artifacts. The Build Helper workflow now only has permission to put files into the artifacts bucket. The Publish Release workflow only has permission to get files from the artifacts bucket and put them into the releases bucket.
26 lines
918 B
YAML
26 lines
918 B
YAML
# Workflow to copy artifacts from the staging bucket to the release bucket when a new GitHub Release is published.
|
|
|
|
name: Publish Release
|
|
run-name: Publish ${{ github.ref_name }}
|
|
on:
|
|
release:
|
|
types: [published]
|
|
jobs:
|
|
publish:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Install Task
|
|
uses: arduino/setup-task@v2
|
|
with:
|
|
version: 3.x
|
|
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
|
- name: Publish from staging
|
|
if: startsWith(github.ref, 'refs/tags/')
|
|
run: "task artifacts:publish:${{ github.ref_name }}"
|
|
env:
|
|
AWS_ACCESS_KEY_ID: "${{ secrets.PUBLISHER_KEY_ID }}"
|
|
AWS_SECRET_ACCESS_KEY: "${{ secrets.PUBLISHER_KEY_SECRET }}"
|
|
AWS_DEFAULT_REGION: us-west-2
|
|
shell: bash
|