1+ name : Sync package
2+
3+ on :
4+ push :
5+ branches : [ "main" ]
6+ env :
7+ AWS_REGION : " us-west-2"
8+
9+ # permission can be added at job level or workflow level
10+ permissions :
11+ id-token : write # This is required for requesting the JWT
12+ contents : read # This is required for actions/checkout
13+
14+ jobs :
15+ on-success :
16+ runs-on : ubuntu-latest
17+ strategy :
18+ fail-fast : false
19+ matrix :
20+ python-version : ["3.13"]
21+
22+ steps :
23+ - uses : actions/checkout@v5
24+ - name : Set up Python ${{ matrix.python-version }}
25+ uses : actions/setup-python@v6
26+ with :
27+ python-version : ${{ matrix.python-version }}
28+ - name : Install Hatch
29+ run : |
30+ python -m pip install --upgrade hatch
31+ name : Build distribution
32+ run : hatch build
33+ - name : configure aws credentials
34+ uses : aws-actions/configure-aws-credentials@v4
35+ with :
36+ role-to-assume : " ${{ secrets.ACTIONS_SYNC_ROLE_NAME }}"
37+ role-session-name : gh-python
38+ aws-region : ${{ env.AWS_REGION }}
39+ - name : Get tar gz name
40+ id : tar_gz_name
41+ run : |
42+ TAR_GZ_NAME=$(ls *.tar.gz)
43+ echo "tar_gz_name=$TAR_GZ_NAME" >> $GITHUB_OUTPUT
44+ working-directory : dist
45+ - name : Copy tar gz build file to s3
46+ run : |
47+ aws s3 cp ./dist/${{steps.tar_gz_name.outputs.tar_gz_name}} \
48+ s3://${{ secrets.S3_BUCKET_NAME }}/
49+ name : commit tar gz to Gitfarm
50+ run : |
51+ aws lambda invoke \
52+ --function-name ${{ secrets.SYNC_LAMBDA_ARN }} \
53+ --payload '{"gitFarmRepo":"${{ secrets.GITFARM_LAN_SDK_REPO }}","gitFarmBranch":"${{ secrets.GITFARM_LAN_SDK_BRANCH }}","gitFarmFilepath":"${{ steps.tar_gz_name.outputs.tar_gz_name }}","s3Bucket":"${{ secrets.S3_BUCKET_NAME }}","s3FilePath":"${{ steps.tar_gz_name.outputs.tar_gz_name }}"}' \
54+ --cli-binary-format raw-in-base64-out \
55+ output.txt
56+ name : Check for error in lambda invoke
57+ id : check_text_tar_gz
58+ run : |
59+ if grep -q "Error" output.txt; then
60+ cat output.txt
61+ exit 1
62+ fi
0 commit comments