Publish CloudFormation Templates #215
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish CloudFormation Templates | |
on: | |
# Workflow Dispatch can be used to manually trigger a build | |
workflow_dispatch: | |
branches: [master] | |
# Workflow run will trigger build for new commits to master which pass the test workflow | |
workflow_run: | |
workflows: ["Test CloudFormation Templates"] | |
branches: [master] | |
types: | |
- completed | |
jobs: | |
publish: | |
runs-on: ubuntu-latest | |
name: Publish ./tools/cloudformation-template | |
# Additional permissions required to assume AWS Role on GitHub Hosted runner | |
# Allows the JWT to be requested from GitHub's OIDC provider | |
permissions: | |
id-token: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
role-to-assume: arn:aws:iam::440514240447:role/GitHubActionsFlexeraPublicPolicyTemplatesAccessRole | |
aws-region: us-east-2 # flexera-cloudformation-public S3 bucket is in us-east-2 | |
- name: Copy CloudFormation Templates to S3 | |
run: | | |
aws s3 cp ./tools/cloudformation-template/releases/ s3://flexera-cloudformation-public/ --recursive --exclude "*" --include "*.template" --acl public-read | |
aws s3 cp ./tools/cloudformation-template/FlexeraAutomationPolicies.template s3://flexera-cloudformation-public/FlexeraAutomationPolicies_latest.template --acl public-read |