TCLOUD-4780: Setting permissions for id-token to write #5
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Preview Create/Update | |
| on: | |
| create: | |
| branches-ignore: | |
| - 'main' | |
| - 'develop' | |
| - 'tinymce/**' | |
| - 'release/**' | |
| - 'archived/**' | |
| push: | |
| branches-ignore: | |
| - 'main' | |
| - 'develop' | |
| - 'tinymce/**' | |
| - 'release/**' | |
| - 'archived/**' | |
| # Need ID token write permission to use OIDC | |
| permissions: | |
| id-token: write | |
| jobs: | |
| build: | |
| name: Update Docs Preview | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| shell: bash | |
| steps: | |
| - name: Checkout branch | |
| uses: actions/checkout@v5 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v5 | |
| with: | |
| cache: 'yarn' | |
| node-version: 24 | |
| - name: Install dependencies | |
| run: yarn install | |
| - name: Build Website | |
| run: yarn antora ./antora-playbook.yml | |
| - name: Rename sitemap.xml | |
| run: | | |
| mv ./build/site/sitemap.xml ./build/site/antora-sitemap.xml | |
| - name: Convert branch into subdomain | |
| id: get-subdomain | |
| working-directory: ./.github/workflows/scripts | |
| run: | | |
| node ./branch-to-subdomain.js >> $GITHUB_OUTPUT | |
| - name: configure aws credentials | |
| uses: aws-actions/[email protected] | |
| with: | |
| role-to-assume: arn:aws:iam::327995277200:role/staging-docs-preview-update | |
| role-session-name: docs-preview-update | |
| aws-region: us-east-2 | |
| - name: Upload website preview to S3 | |
| run: | | |
| aws s3 sync --delete ./build/site s3://tiny-cloud-antora-docs-preview/${SUBDOMAIN}/docs | |
| env: | |
| SUBDOMAIN: ${{ steps.get-subdomain.outputs.subdomain }} |