signal-works/ice
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
ice/.github/workflows/deploy-scripts.yml
Deco Vander 2cda43edc9 Fix S3 upload: remove ACL parameters for bucket without ACL support 
- Removed --acl public-read parameters from GitHub Action
- S3 bucket policy handles public access instead of ACLs
- Should resolve AccessControlListNotSupported error
2025-07-03 00:11:08 -04:00

67 lines
2.3 KiB
YAML
Raw Blame History

name: Deploy Scripts to S3
on:
push:
branches: [ main ]
paths:
- 'scripts/**'
- '.github/workflows/deploy-scripts.yml'
workflow_dispatch:
permissions:
id-token: write
contents: read
jobs:
deploy-scripts:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Configure AWS credentials using OIDC
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
aws-region: ${{ secrets.AWS_REGION }}
role-session-name: icewatch-deploy-scripts
- name: Upload deployment script to S3
run: |
# Upload the main deployment script
aws s3 cp scripts/deploy.sh s3://${{ secrets.S3_BUCKET_NAME }}/scripts/deploy.sh \
--content-type "text/plain" \
--cache-control "max-age=300" \
--metadata-directive REPLACE \
--metadata "version=$(git rev-parse --short HEAD),updated=$(date -u +%Y-%m-%dT%H:%M:%SZ)"
# Upload systemd service file
aws s3 cp scripts/icewatch.service s3://${{ secrets.S3_BUCKET_NAME }}/scripts/icewatch.service \
--content-type "text/plain" \
--cache-control "max-age=3600"
# Upload Caddyfile
aws s3 cp scripts/Caddyfile s3://${{ secrets.S3_BUCKET_NAME }}/scripts/Caddyfile \
--content-type "text/plain" \
--cache-control "max-age=3600"
echo "✅ Scripts uploaded successfully!"
echo "📁 Deploy script URL: https://${{ secrets.S3_BUCKET_NAME }}.s3.amazonaws.com/scripts/deploy.sh"
- name: Update README with current URLs
run: |
# Update README with current S3 URLs
sed -i "s|curl -sSL.*deploy.sh|curl -sSL https://${{ secrets.S3_BUCKET_NAME }}.s3.amazonaws.com/scripts/deploy.sh|g" README.md
# Check if README was modified
if git diff --quiet README.md; then
echo "No README updates needed"
else
echo "README updated with new S3 URLs"
git config --local user.email "action@github.com"
git config --local user.name "GitHub Action"
git add README.md
git commit -m "Update deployment URLs [skip ci]"
git push
fi
Reference in a new issue View git blame Copy permalink