58 lines
1.7 KiB
YAML
58 lines
1.7 KiB
YAML
name: release
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
reason:
|
|
description: 'the reason for triggering this workflow'
|
|
required: false
|
|
default: 'manually publish the pre-built ecr images'
|
|
jobs:
|
|
ecr_images:
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
id-token: write
|
|
contents: read
|
|
env:
|
|
iam_role_to_assume: ${{ secrets.ROLE_ARN }}
|
|
steps:
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v3
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
- name: Configure AWS Credentials
|
|
if: ${{ env.iam_role_to_assume != '' }}
|
|
uses: aws-actions/configure-aws-credentials@v4
|
|
with:
|
|
role-to-assume: ${{ env.iam_role_to_assume }}
|
|
aws-region: us-east-1
|
|
- name: Build and Publish
|
|
run: |-
|
|
cd scripts
|
|
bash push-to-ecr.sh
|
|
cfn_templates:
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
id-token: write
|
|
needs: ecr_images
|
|
env:
|
|
iam_role_to_assume: ${{ secrets.ROLE_ARN }}
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
- name: Configure AWS Credentials
|
|
if: ${{ env.iam_role_to_assume != '' }}
|
|
uses: aws-actions/configure-aws-credentials@v4
|
|
with:
|
|
role-to-assume: ${{ env.iam_role_to_assume }}
|
|
aws-region: us-east-1
|
|
- name: Copy Deployment Templates to S3
|
|
env:
|
|
S3_BUCKET: ${{ secrets.ASSET_BUCKET }}
|
|
S3_PREFIX: bedrock-access-gateway/latest/
|
|
run: aws s3 sync deployment/ s3://$S3_BUCKET/$S3_PREFIX --acl public-read |