fix: improve S3 environment variable validation and streamline upload logic

Victor Santos · Victor Santos · commit a0477fa50b66 · 2026-02-09T10:39:50.000-03:00
- Changed the validation for S3 environment variables to exit on error instead of warning, ensuring the script halts if required variables are missing.
- Removed the S3_ENABLED flag, simplifying the upload logic for APK and RPM packages by directly checking for the presence of files.
- Enhanced clarity in the RPM upload section by consolidating the upload and metadata regeneration steps.
diff --git a/upload_to_cloudsmith.sh b/upload_to_cloudsmith.sh
@@ -17,15 +17,12 @@ validate_s3_env() {
     [ -z "$AWS_SECRET_ACCESS_KEY" ] && missing+=("AWS_SECRET_ACCESS_KEY")
     
     if [ ${#missing[@]} -gt 0 ]; then
-        echo "Warning: Missing environment variables for S3 uploads: ${missing[*]}"
-        echo "S3 upload steps will be skipped."
-        return 1
+        echo "Error: Missing required environment variables for S3 uploads: ${missing[*]}"
+        exit 1
     fi
-    return 0
 }
 
-S3_ENABLED=false
-validate_s3_env && S3_ENABLED=true
+validate_s3_env
 
 # ============================================
 # APK - Upload to Cloudsmith (keep until S3 is validated)
@@ -38,7 +35,7 @@ done
 # ============================================
 # APK - Upload to S3 and generate APKINDEX
 # ============================================
-if ls *.apk 1> /dev/null 2>&1 && [ "$S3_ENABLED" = "true" ]; then
+if ls *.apk 1> /dev/null 2>&1; then
     echo "Processing APK packages..."
     
     # Create local directory structure
@@ -122,24 +119,22 @@ done
 # ============================================
 # RPM - Upload to S3 and regenerate repo metadata
 # ============================================
-if [ "$S3_ENABLED" = "true" ]; then
-    for i in *.rpm; do
-        [ -f "$i" ] || break
-        
-        # Sign the RPM package
-        rpmsign --addsign --key-id="$INFISICAL_CLI_REPO_SIGNING_KEY_ID" "$i"
-        
-        # Upload to S3
-        aws s3 cp "$i" "s3://$INFISICAL_CLI_S3_BUCKET/rpm/Packages/"
-    done
+for i in *.rpm; do
+    [ -f "$i" ] || break
+    
+    # Sign the RPM package
+    rpmsign --addsign --key-id="$INFISICAL_CLI_REPO_SIGNING_KEY_ID" "$i"
+    
+    # Upload to S3
+    aws s3 cp "$i" "s3://$INFISICAL_CLI_S3_BUCKET/rpm/Packages/"
+done
 
-    # Regenerate RPM repository metadata with mkrepo
-    # Note: mkrepo uses boto3 which automatically reads AWS_ACCESS_KEY_ID and
-    # AWS_SECRET_ACCESS_KEY from environment variables set in the workflow
-    if ls *.rpm 1> /dev/null 2>&1; then
-        export GPG_SIGN_KEY=$INFISICAL_CLI_REPO_SIGNING_KEY_ID
-        mkrepo "s3://$INFISICAL_CLI_S3_BUCKET/rpm" \
-            --s3-region="us-east-1" \
-            --sign
-    fi
+# Regenerate RPM repository metadata with mkrepo
+# Note: mkrepo uses boto3 which automatically reads AWS_ACCESS_KEY_ID and
+# AWS_SECRET_ACCESS_KEY from environment variables set in the workflow
+if ls *.rpm 1> /dev/null 2>&1; then
+    export GPG_SIGN_KEY=$INFISICAL_CLI_REPO_SIGNING_KEY_ID
+    mkrepo "s3://$INFISICAL_CLI_S3_BUCKET/rpm" \
+        --s3-region="us-east-1" \
+        --sign
 fi
