|
7 | 7 | # As defined by the Taskfile's DIST_DIR variable |
8 | 8 | DIST_DIR: dist |
9 | 9 | # The project's folder on Arduino's download server for uploading builds |
10 | | - AWS_PLUGIN_TARGET: /arduino-fwuploader/plugins/ |
| 10 | + AWS_PLUGIN_TARGET: /arduino-fwuploader/plugins/uno-r4-wifi-fwuploader-plugin/ |
| 11 | + AWS_REGION: "us-east-1" |
11 | 12 | ARTIFACT_PREFIX: dist- |
12 | 13 |
|
13 | 14 | on: |
@@ -187,9 +188,11 @@ jobs: |
187 | 188 |
|
188 | 189 | create-release: |
189 | 190 | runs-on: ubuntu-latest |
| 191 | + environment: production |
190 | 192 | needs: notarize-macos |
191 | 193 | permissions: |
192 | 194 | contents: write |
| 195 | + id-token: write # This is required for requesting the JWT |
193 | 196 |
|
194 | 197 | steps: |
195 | 198 | - name: Checkout # we need package_index.template |
@@ -247,12 +250,12 @@ jobs: |
247 | 250 | # (all the files we need are in the DIST_DIR root) |
248 | 251 | artifacts: ${{ env.DIST_DIR }}/* |
249 | 252 |
|
| 253 | + - name: configure aws credentials |
| 254 | + uses: aws-actions/configure-aws-credentials@v4 |
| 255 | + with: |
| 256 | + role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} |
| 257 | + role-session-name: "github_${{ env.PROJECT_NAME }}" |
| 258 | + aws-region: ${{ env.AWS_REGION }} |
| 259 | + |
250 | 260 | - name: Upload release files on Arduino downloads servers |
251 | | - uses: docker://plugins/s3 |
252 | | - env: |
253 | | - PLUGIN_SOURCE: "${{ env.DIST_DIR }}/*" |
254 | | - PLUGIN_TARGET: ${{ env.AWS_PLUGIN_TARGET }} |
255 | | - PLUGIN_STRIP_PREFIX: "${{ env.DIST_DIR }}/" |
256 | | - PLUGIN_BUCKET: ${{ secrets.DOWNLOADS_BUCKET }} |
257 | | - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} |
258 | | - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |
| 261 | + run: aws s3 sync ${{ env.DIST_DIR }} s3://${{ secrets.DOWNLOADS_BUCKET }}${{ env.AWS_PLUGIN_TARGET }} |
0 commit comments