feat: trigger internal release (#1577) #3
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Upload Verified Artifacts to S3 | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - 'deps/finch-core' | |
| permissions: | |
| id-token: write | |
| contents: read | |
| jobs: | |
| upload-artifacts: | |
| name: Upload Artifacts to S3 | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| submodules: recursive | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 | |
| with: | |
| aws-region: ${{ secrets.REGION }} | |
| role-to-assume: ${{ secrets.ROLE }} | |
| role-session-name: update-latest-os-artifacts-in-s3 | |
| - name: Update latest base OS artifact information in S3 | |
| run: | | |
| # Update the latest verified base OS artifact information in S3 | |
| echo "Uploading the verified base OS artifact information to S3" | |
| # Extract updated artifact information | |
| source deps/finch-core/deps/full-os.conf | |
| # Create manifest file to hold artifact information | |
| MANIFEST_FILE="latest-os-artifacts.json" | |
| echo '{ | |
| "aarch64": { | |
| "filename": "'$AARCH64_ARTIFACT'", | |
| "sha512sum": "'$AARCH64_512_DIGEST'" | |
| }, | |
| "x86_64": { | |
| "filename": "'$X86_64_ARTIFACT'", | |
| "sha512sum": "'$X86_64_512_DIGEST'" | |
| } | |
| }' > $MANIFEST_FILE | |
| # Upload to S3 | |
| aws s3 cp $MANIFEST_FILE s3://${{ secrets.ARTIFACT_BUCKET_NAME }}/manifest/latest-os-artifacts.json --content-type "application/json" | |
| - name: Update latest rootfs information in S3 | |
| run: | | |
| # Update the latest verified rootfs information in S3 | |
| echo "Uploading the latest verified rootfs information in S3" | |
| # Extract updated artifact information | |
| source deps/finch-core/deps/rootfs.conf | |
| # Create manifest file to hold artifact information | |
| MANIFEST_FILE="latest-rootfs-artifacts.json" | |
| echo '{ | |
| "filename": "'$X86_64_ARTIFACT'", | |
| "sha512sum": "'$X86_64_512_DIGEST'" | |
| }' > $MANIFEST_FILE | |
| # Upload to S3 | |
| aws s3 cp $MANIFEST_FILE s3://${{ secrets.ARTIFACT_BUCKET_NAME }}/manifest/latest-rootfs-artifacts.json --content-type "application/json" |