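# Publishes the CloudFormation templates under ./tools/cloudformation-template
# to the flexera-cloudformation-public S3 bucket using short-lived AWS
# credentials obtained through GitHub's OIDC provider.
name: Publish CloudFormation Templates
on:
  # Workflow Dispatch can be used to manually trigger a build.
  # workflow_dispatch accepts only `inputs`; a `branches` filter here has no
  # effect, so the master-only restriction is enforced by the job-level `if`.
  workflow_dispatch:
  # Workflow run fires when the test workflow finishes for master.
  # `completed` fires for every conclusion (success, failure, cancelled), so
  # the job-level `if` is what limits publishing to passing test runs.
  workflow_run:
    workflows: ["Test CloudFormation Templates"]
    branches: [master]
    types:
      - completed
jobs:
  publish:
    runs-on: ubuntu-latest
    name: Publish ./tools/cloudformation-template
    # Publish only when either
    #   - the run was started manually from master, or
    #   - the triggering test workflow run concluded successfully.
    # Without this guard a failed test run, or a manual run from any other
    # branch, would still assume the AWS role and overwrite the public templates.
    if: >-
      ${{
        (github.event_name == 'workflow_dispatch' && github.ref == 'refs/heads/master') ||
        (github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success')
      }}
    # Additional permissions required to assume AWS Role on GitHub Hosted runner
    # Allows the JWT to be requested from GitHub's OIDC provider.
    # Declaring `permissions` sets every scope not listed to `none`, so the read
    # access that checkout needs is granted explicitly and nothing else is.
    permissions:
      id-token: write
      contents: read
    steps:
      # NOTE(review): both actions are referenced by mutable tags; pinning each
      # to a reviewed full commit SHA keeps a retagged release from running in a
      # job that can assume the publishing role.
      # For workflow_run events the checkout resolves to the head of the default
      # branch, which may be newer than the commit the test workflow validated.
      - name: Checkout
        uses: actions/checkout@v2
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          # NOTE(review): the role's trust policy is not visible here; confirm it
          # restricts the OIDC `sub` claim to this repository and the master ref.
          role-to-assume: 'arn:aws:iam::440514240447:role/GitHubActionsFlexeraPublicPolicyTemplatesAccessRole'
          aws-region: us-east-2  # flexera-cloudformation-public S3 bucket is in us-east-2
      # `--acl public-read` makes every uploaded object world-readable; the
      # --exclude "*" / --include "*.template" pair limits the recursive copy to
      # template files so nothing else under releases/ is exposed.
      - name: Copy CloudFormation Templates to S3
        run: |
          aws s3 cp ./tools/cloudformation-template/releases/ s3://flexera-cloudformation-public/ --recursive --exclude "*" --include "*.template" --acl public-read
          aws s3 cp ./tools/cloudformation-template/FlexeraAutomationPolicies.template s3://flexera-cloudformation-public/FlexeraAutomationPolicies_latest.template --acl public-read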