forked from aws/copilot-cli
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: move buildspecs to .release folder (aws#1318)
<!-- Provide summary of changes --> Adds sanitized buildspecs to .release folder, and adds the Amazon ECS public key. Don't merge this yet. #### Testing - [x] Test changes to buildspec_integ.yml (Build run [here](https://us-west-2.console.aws.amazon.com/codesuite/codebuild/228594825426/projects/copilotcliIntegAndEndToEndT-DlmaFtB63tQO/build/copilotcliIntegAndEndToEndT-DlmaFtB63tQO%3A17e005da-7f47-4ea8-a29b-106c9617e698/?region=us-west-2)) - [x] Test changes to buildspec_stage.yml (Build run [here](https://us-west-2.console.aws.amazon.com/codesuite/codebuild/228594825426/projects/copilotcliStagingStagingPro-Znkymr6IIYb0/build/copilotcliStagingStagingPro-Znkymr6IIYb0%3A8a018f97-2bac-4c06-a768-d351ba4ec2b7/phase?region=us-west-2)) - [x] Test changes to buildspc_sign.yml (Build run [here](https://us-west-2.console.aws.amazon.com/codesuite/codebuild/228594825426/projects/copilotcliSigningCodeSignin-vY23bgoNI6f0/build/copilotcliSigningCodeSignin-vY23bgoNI6f0%3Acfc59bae-2bb2-499a-aaf2-dc2e4dc6ea54?region=us-west-2). Failed at PGP verification because key is not yet present in repo. ) <!-- Issue number, if available. E.g. "Fixes aws#31", "Addresses aws#42, 77" --> By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
- Loading branch information
Showing
7 changed files
with
255 additions
and
13 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,97 @@ | ||
| -----BEGIN PGP PUBLIC KEY BLOCK----- | ||
| Version: GnuPG v2.0.18 (GNU/Linux) | ||
|
|
||
| mQINBFq1SasBEADliGcT1NVJ1ydfN8DqebYYe9ne3dt6jqKFmKowLmm6LLGJe7HU | ||
| jGtqhCWRDkN+qPpHqdArRgDZAtn2pXY5fEipHgar4CP8QgRnRMO2fl74lmavr4Vg | ||
| 7K/KH8VHlq2uRw32/B94XLEgRbGTMdWFdKuxoPCttBQaMj3LGn6Pe+6xVWRkChQu | ||
| BoQAhjBQ+bEm0kNy0LjNgjNlnL3UMAG56t8E3LANIgGgEnpNsB1UwfWluPoGZoTx | ||
| N+6pHBJrKIL/1v/ETU4FXpYw2zvhWNahxeNRnoYj3uycHkeliCrw4kj0+skizBgO | ||
| 2K7oVX8Oc3j5+ZilhL/qDLXmUCb2az5cMM1mOoF8EKX5HaNuq1KfwJxqXE6NNIcO | ||
| lFTrT7QwD5fMNld3FanLgv/ZnIrsSaqJOL6zRSq8O4LN1OWBVbndExk2Kr+5kFxn | ||
| 5lBPgfPgRj5hQ+KTHMa9Y8Z7yUc64BJiN6F9Nl7FJuSsfqbdkvRLsQRbcBG9qxX3 | ||
| rJAEhieJzVMEUNl+EgeCkxj5xuSkNU7zw2c3hQZqEcrADLV+hvFJktOz9Gm6xzbq | ||
| lTnWWCz4xrIWtuEBA2qE+MlDheVd78a3gIsEaSTfQq0osYXaQbvlnSWOoc1y/5Zb | ||
| zizHTJIhLtUyls9WisP2s0emeHZicVMfW61EgPrJAiupgc7kyZvFt4YwfwARAQAB | ||
| tCRBbWF6b24gRUNTIDxlY3Mtc2VjdXJpdHlAYW1hem9uLmNvbT6JAjkEEwECACMF | ||
| Alq1SasCGwMHCwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRC86dmkLVF4T9iF | ||
| EACEnkm1dNXsWUx34R3c0vamHrPxvfkyI1FlEUen8D1huX9xy6jCEROHWEp0rjGK | ||
| 4QDPgM93sWJ+s1UAKg214QRVzft0y9/DdR+twApA0fzyuavIthGd6+03jAAo6udY | ||
| DE+cZC3P7XBbDiYEWk4XAF9I1JjB8hTZUgvXBL046JhGeM17+crgUyQeetkiOQem | ||
| LbsbXQ40Bd9V7zf7XJraFd8VrwNUwNb+9KFtgAsc9rk+YIT/PEf+YOPysgcxI4sT | ||
| WghtyCulVnuGoskgDv4v73PALU0ieUrvvQVqWMRvhVx10X90J7cC1KOyhlEQQ1aF | ||
| TgmQjmXexVTwIBm8LvysFK6YXM41KjOrlz3+6xBIm/qebFyLUnf4WoiuOplAaJhK | ||
| 9pRY+XEnGNxdtN4D26Kd0F+PLkm3Tr3Hy3b1Ok34FlGrKVHUq1TZD7cvMnnNKEEL | ||
| TUcKX+1mV3an16nmAg/my1JSUt6BNK2rJpY1s/kkSGSEXQ4zuF2IGCpvBFhYAlt5 | ||
| Un5zwqkwwQR3/n2kwAoDzonJcehDw/C/cGos5D0aIU7IK2X2aTD3+pA7Mx3IMe2h | ||
| qmYqRt9X42yF1PIEVRneBRJ3HDezAgJrNh0GQWRQkhIxgz6/cTR+ekr5TptVszS9 | ||
| few2GpI5bCgBKBisZIssT89aw7mAKWut0Gcm4qM9/yK61YkCHAQQAQIABgUCWuMv | ||
| RgAKCRAeK9FezRNpCuDWD/4mmnA+oeeVU+a/uV6ywHwjlSpl4Pqnq5Wkd3sGzelw | ||
| +nwFXsF1Fuzew8u3ltXX6uSo6XD7SBnhD+579hta04C3ipjQ5wSjQeBydpeWwHzb | ||
| tAh9khW0ZYyG6H3jHOb9ImS+eCaXooHdgk2dY/rUD2onfv9VtVUvO9yZrMAxxYHg | ||
| dQw2uF3QmAEKjSAimoJukkS9RzTYGOfbd4QmxL2QLs5QAfJCRWfHh31TNcXg6ghI | ||
| XqGZAogGgudGsCWPlC+zcaG8dDROFirQauT8owklfYJKq3u1YnyCTWfcfdhJF5Fc | ||
| lGe/sOwMMHAWBPqvlDYdbVMFS9qhnLmEXqZoPT2cdw2e8GOoAPN5PxOv9C5sEIvO | ||
| Q1JiqqSmC3C/ux6gPY/ifWCJG8MA4R8xmlWRSv4LbnYhofUdkUTP5O8FVAxjw5Zb | ||
| GYglb4np6+Ojc3V47X1Qe/vWO+gXzOWNsjhuwvZz5BMmY6/udGrMNCAJbKkh3+/Z | ||
| 1RVVOTWP2ia4sEHA0nNAIH7vYtwjMmFiZo/UcLgtwpAb79/jV7G4i16dq0qUQlCF | ||
| i3JVdwGWHpif/DM2DY1Y7Bve+pj8Xubq72LEDCC0gyA8IMThonzrOutdgXM3YeqR | ||
| NJCHvtnwo8qbIaimyY3+t4y6KU90g1vbj2cDR3Og36eP61MU5gIhotoXKOxnSvVA | ||
| A7kCDQRatUmrARAAxNPvVwreJ2yAiFcUpdRlVhsuOgnxvs1QgsIw3H7+Pacr9Hpe | ||
| 8uftYZqdC82KeSKhpHq7c8gMTMucIINtH25x9BCc73E33EjCL9Lqov1TL7+QkgHe | ||
| T+JIhZwdD8Mx2K+LVVVu/aWkNrfMuNwyDUciSI4D5QHa8T+F8fgN4OTpwYjirzel | ||
| 5yoICMr9hVcbzDNv/ozKCxjx+XKgnFc3wrnDfJfntfDAT7ecwbUTL+viQKJ646s+ | ||
| psiqXRYtVvYInEhLVrJ0aV6zHFoigE/Bils6/g7ru1Q6CEHqEw++APs5CcE8VzJu | ||
| WAGSVHZgun5Y9N4quR/M9Vm+IPMhTxrAg7rOvyRN9cAXfeSMf77I+XTifigNna8x | ||
| t/MOdjXr1fjF4pThEi5u6WsuRdFwjY2azEv3vevodTi4HoJReH6dFRa6y8c+UDgl | ||
| 2iHiOKIpQqLbHEfQmHcDd2fix+AaJKMnPGNku9qCFEMbgSRJpXz6BfwnY1QuKE+I | ||
| R6jA0frUNt2jhiGG/F8RceXzohaaC/Cx7LUCUFWc0n7z32C9/Dtj7I1PMOacdZzz | ||
| bjJzRKO/ZDv+UN/c9dwAkllzAyPMwGBkUaY68EBstnIliW34aWm6IiHhxioVPKSp | ||
| VJfyiXPO0EXqujtHLAeChfjcns3I12YshT1dv2PafG53fp33ZdzeUgsBo+EAEQEA | ||
| AYkCHwQYAQIACQUCWrVJqwIbDAAKCRC86dmkLVF4T+ZdD/9x/8APzgNJF3o3STrF | ||
| jvnV1ycyhWYGAeBJiu7wjsNWwzMFOv15tLjB7AqeVxZn+WKDD/mIOQ45OZvnYZuy | ||
| X7DR0JszaH9wrYTxZLVruAu+t6UL0y/XQ4L1GZ9QR6+r+7t1Mvbfy7BlHbvX/gYt | ||
| Rwe/uwdibI0CagEzyX+2D3kTOlHO5XThbXaNf8AN8zha91Jt2Q2UR2X5T6JcwtMz | ||
| FBvZnl3LSmZyE0EQehS2iUurU4uWOpGppuqVnbi0jbCvCHKgDGrqZ0smKNAQng54 | ||
| F365W3g8AfY48s8XQwzmcliowYX9bT8PZiEi0J4QmQh0aXkpqZyFefuWeOL2R94S | ||
| XKzr+gRh3BAULoqF+qK+IUMxTip9KTPNvYDpiC66yBiT6gFDji5Ca9pGpJXrC3xe | ||
| TXiKQ8DBWDhBPVPrruLIaenTtZEOsPc4I85yt5U9RoPTStcOr34s3w5yEaJagt6S | ||
| Gc5r9ysjkfH6+6rbi1ujxMgROSqtqr+RyB+V9A5/OgtNZc8llK6u4UoOCde8jUUW | ||
| vqWKvjJB/Kz3u4zaeNu2ZyyHaOqOuH+TETcW+jsY9IhbEzqN5yQYGi4pVmDkY5vu | ||
| lXbJnbqPKpRXgM9BecV9AMbPgbDq/5LnHJJXg+G8YQOgp4lR/hC1TEFdIp5wM8AK | ||
| CWsENyt2o1rjgMXiZOMF8A5oBLkCDQRatUuSARAAr77kj7j2QR2SZeOSlFBvV7oS | ||
| mFeSNnz9xZssqrsm6bTwSHM6YLDwc7Sdf2esDdyzONETwqrVCg+FxgL8hmo9hS4c | ||
| rR6tmrP0mOmptr+xLLsKcaP7ogIXsyZnrEAEsvW8PnfayoiPCdc3cMCR/lTnHFGA | ||
| 7EuR/XLBmi7Qg9tByVYQ5Yj5wB9V4B2yeCt3XtzPqeLKvaxl7PNelaHGJQY/xo+m | ||
| V0bndxf9IY+4oFJ4blD32WqvyxESo7vW6WBh7oqv3Zbm0yQrr8a6mDBpqLkvWwNI | ||
| 3kpJR974tg5o5LfDu1BeeyHWPSGm4U/G4JB+JIG1ADy+RmoWEt4BqTCZ/knnoGvw | ||
| D5sTCxbKdmuOmhGyTssoG+3OOcGYHV7pWYPhazKHMPm201xKCjH1RfzRULzGKjD+ | ||
| yMLT1I3AXFmLmZJXikAOlvE3/wgMqCXscbycbLjLD/bXIuFWo3rzoezeXjgi/DJx | ||
| jKBAyBTYO5nMcth1O9oaFd9d0HbsOUDkIMnsgGBE766Piro6MHo0T0rXl07Tp4pI | ||
| rwuSOsc6XzCzdImj0Wc6axS/HeUKRXWdXJwno5awTwXKRJMXGfhCvSvbcbc2Wx+L | ||
| IKvmB7EB4K3fmjFFE67yolmiw2qRcUBfygtH3eL5XZU28MiCpue8Y8GKJoBAUyvf | ||
| KeM1rO8Jm3iRAc5a/D0AEQEAAYkEPgQYAQIACQUCWrVLkgIbAgIpCRC86dmkLVF4 | ||
| T8FdIAQZAQIABgUCWrVLkgAKCRDePL1hra+LjtHYD/9MucxdFe6bXO1dQR4tKhhQ | ||
| P0LRqy6zlBY9ILCLowNdGZdqorogUiUymgn3VhEhVtxTOoHcN7qOuM01PNsRnOeS | ||
| EYjf8Xrb1clzkD6xULwmOclTb9bBxnBc/4PFvHAbZW3QzusaZniNgkuxt6BTfloS | ||
| Of4inq71kjmGK+TlzQ6mUMQUg228NUQC+a84EPqYyAeY1sgvgB7hJBhYL0QAxhcW | ||
| 6m20Rd8iEc6HyzJ3yCOCsKip/nRWAbf0OvfHfRBp0+m0ZwnJM8cPRFjOqqzFpKH9 | ||
| HpDmTrC4wKP1+TL52LyEqNh4yZitXmZNV7giSRIkk0eDSko+bFy6VbMzKUMkUJK3 | ||
| D3eHFAMkujmbfJmSMTJOPGn5SB1HyjCZNx6bhIIbQyEUB9gKCmUFaqXKwKpF6rj0 | ||
| iQXAJxLR/shZ5Rk96VxzOphUl7T90m/PnUEEPwq8KsBhnMRgxa0RFidDP+n9fgtv | ||
| HLmrOqX9zBCVXh0mdWYLrWvmzQFWzG7AoE55fkf8nAEPsalrCdtaNUBHRXA0OQxG | ||
| AHMOdJQQvBsmqMvuAdjkDWpFu5y0My5ddU+hiUzUyQLjL5Hhd5LOUDdewlZgIw1j | ||
| xrEAUzDKetnemM8GkHxDgg8koev5frmShJuce7vSjKpCNg3EIJSgqMOPFjJuLWtZ | ||
| vjHeDNbJy6uNL65ckJy6WhGjEADS2WAW1D6Tfekkc21SsIXk/LqEpLMR/0g5OUif | ||
| wcEN1rS9IJXBwIy8MelN9qr5KcKQLmfdfBNEyyceBhyVl0MDyHOKC+7PofMtkGBq | ||
| 13QieRHv5GJ8LB3fclqHV8pwTTo3Bc8z2g0TjmUYAN/ixETdReDoKavWJYSE9yoM | ||
| aaJu279ioVTrwpECse0XkiRyKToTjwOb73CGkBZZpJyqux/rmCV/fp4ALdSW8zbz | ||
| FJVORaivhoWwzjpfQKhwcU9lABXi2UvVm14v0AfeI7oiJPSU1zM4fEny4oiIBXlR | ||
| zhFNih1UjIu82X16mTm3BwbIga/s1fnQRGzyhqUIMii+mWra23EwjChaxpvjjcUH | ||
| 5ilLc5Zq781aCYRygYQw+hu5nFkOH1R+Z50Ubxjd/aqUfnGIAX7kPMD3Lof4KldD | ||
| Q8ppQriUvxVo+4nPV6rpTy/PyqCLWDjkguHpJsEFsMkwajrAz0QNSAU5CJ0G2Zu4 | ||
| yxvYlumHCEl7nbFrm0vIiA75Sa8KnywTDsyZsu3XcOcf3g+g1xWTpjJqy2bYXlqz | ||
| 9uDOWtArWHOis6bq8l9RE6xr1RBVXS6uqgQIZFBGyq66b0dIq4D2JdsUvgEMaHbc | ||
| e7tBfeB1CMBdA64e9Rq7bFR7Tvt8gasCZYlNr3lydh+dFHIEkH53HzQe6l88HEic | ||
| +0jVnA== | ||
| =ArPc | ||
| -----END PGP PUBLIC KEY BLOCK----- |
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,64 @@ | ||
| version: 0.2 | ||
| env: | ||
| parameter-store: | ||
| NEUTRAL_BUILD_RELEASE_ROLE: COPILOT_NEUTRAL_BUILD_RELEASE_ROLE_ARN | ||
| variables: | ||
| NEUTRAL_BUILD_RELEASE_BUCKET_NAME: ecs-cli-v2-release | ||
| AWS_STS_REGIONAL_ENDPOINTS: regional | ||
| INTEG_TEST_SESSION_NAME: aws_copilot_cli_integ_test | ||
| TAG_KEY: access | ||
| TAG_VALUE: private | ||
|
|
||
| phases: | ||
| install: | ||
| runtime-versions: | ||
| golang: 1.13 | ||
| nodejs: 10 | ||
| build: | ||
| commands: | ||
| - echo `git rev-parse HEAD` # Do not delete; for pipeline logging purposes | ||
| - cd $CODEBUILD_SRC_DIR | ||
| - export GOPATH=/go | ||
| - rm -rf cf-custom-resources/node_modules | ||
| - | | ||
| tag_artifacts() { | ||
| CREDS=`aws sts assume-role --duration-seconds 3600 --role-arn "$NEUTRAL_BUILD_RELEASE_ROLE" --role-session-name $INTEG_TEST_SESSION_NAME` | ||
| export AWS_ACCESS_KEY_ID=`echo $CREDS | jq -r .Credentials.AccessKeyId` | ||
| export AWS_SECRET_ACCESS_KEY=`echo $CREDS | jq -r .Credentials.SecretAccessKey` | ||
| export AWS_SESSION_TOKEN=`echo $CREDS | jq -r .Credentials.SessionToken` | ||
| GIT_COMMIT_ID=`git rev-parse HEAD` | ||
| echo 'Artifacts to tag:' | ||
| ls -lah $(dirname `head -1 ./$GIT_COMMIT_ID.manifest`) | ||
| for artifact in `cat ./$GIT_COMMIT_ID.manifest` | ||
| do | ||
| bn="$(basename $artifact)" | ||
| echo "bn: $bn" | ||
| md5FileName="${{bn%.exe}}.md5" | ||
| echo "md5FileName: $md5FileName" | ||
| aws s3api put-object-tagging --bucket $NEUTRAL_BUILD_RELEASE_BUCKET_NAME \ | ||
| --key "$md5FileName" \ | ||
| --tagging TagSet=[{{Key=$TAG_KEY,Value=$TAG_VALUE}}] || exit 1 | ||
| aws s3api put-object-tagging --bucket $NEUTRAL_BUILD_RELEASE_BUCKET_NAME \ | ||
| --key "$bn" \ | ||
| --tagging TagSet=[{{Key=$TAG_KEY,Value=$TAG_VALUE}}] || exit 1 | ||
| aws s3api put-object-tagging --bucket $NEUTRAL_BUILD_RELEASE_BUCKET_NAME \ | ||
| --key "$bn.asc" \ | ||
| --tagging TagSet=[{{Key=$TAG_KEY,Value=$TAG_VALUE}}] || exit 1 | ||
| done | ||
| } | ||
| - | | ||
| make integ-test && { | ||
| echo "integration tests passed!" | ||
| GIT_TAG=`git tag --points-at HEAD` | ||
| if [ -z "$GIT_TAG" ]; then | ||
| echo "Marking artifacts as private and ready-for-cleanup because they weren't built from a commit that is tagged as a release" | ||
| tag_artifacts | ||
| echo "Successfully marked non-release artifacts as private and ready-for-clean up" | ||
| fi | ||
| exit 0 | ||
| } || { | ||
| echo "integration tests failed! Marking these artifacts as private and ready for removal..." | ||
| tag_artifacts | ||
| echo "Successfully marked broken artifacts as private and ready-for-clean up. Exit with 1 because tests failed." | ||
| exit 1 | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| version: 0.2 | ||
| env: | ||
| variables: | ||
| AWS_STS_REGIONAL_ENDPOINTS: regional | ||
| STAGE_SESSION_NAME: "aws_copilot_cli" | ||
| parameter-store: | ||
| SIGNING_LAMBDA_ARN: SIGNING_LAMBDA_ARN | ||
| STAGE_ROLE_ARN: COPILOT_STAGE_ROLE_ARN | ||
| STAGE_BUCKET: COPILOT_STAGE_BUCKET_NAME | ||
| phases: | ||
| build: | ||
| commands: | ||
| - GIT_COMMIT_ID=`git rev-parse HEAD` | ||
| - JSON_ARR=`jq -Rsc 'split("\n") | map(select(length > 0))' < $GIT_COMMIT_ID.manifest` | ||
| - echo "Signing these artifacts in S3 $JSON_ARR" | ||
| - echo "Invoking the signing solution..." | ||
| - > | ||
| aws lambda invoke | ||
| --function-name $SIGNING_LAMBDA_ARN | ||
| --invocation-type RequestResponse | ||
| --region us-west-2 --payload $JSON_ARR /tmp/successfully_signed.txt | ||
| - MATCH=`jq --argfile a /tmp/successfully_signed.txt --argjson b $JSON_ARR -n '($a | sort) as $a | ($b | sort) as $b | $a==$b'` | ||
| - | | ||
| if [ "$MATCH" = "true" ]; then | ||
| echo "All artifacts successfully signed. Assuming role before downloading..." | ||
| CREDS=`aws sts assume-role \ | ||
| --region $AWS_DEFAULT_REGION \ | ||
| --role-arn $STAGE_ROLE_ARN \ | ||
| --role-session-name $STAGE_SESSION_NAME` | ||
| else | ||
| echo "Not all of the artifacts were successfully signed!" | ||
| exit 1 | ||
| fi | ||
| - export AWS_ACCESS_KEY_ID=`echo $CREDS | jq -r .Credentials.AccessKeyId` | ||
| - export AWS_SECRET_ACCESS_KEY=`echo $CREDS | jq -r .Credentials.SecretAccessKey` | ||
| - export AWS_SESSION_TOKEN=`echo $CREDS | jq -r .Credentials.SessionToken` | ||
| - echo "Role assumed. Downloading signature files..." | ||
| - | | ||
| for artifact in `cat ./$GIT_COMMIT_ID.manifest` | ||
| do | ||
| aws s3 cp "s3://$STAGE_BUCKET/$artifact.asc" $artifact.asc || exit 1 | ||
| echo "Downloaded: $artifact.asc" | ||
| done | ||
| - ls -lah $(dirname `head -1 ./$GIT_COMMIT_ID.manifest`) | ||
| post_build: | ||
| commands: | ||
| - echo "Installing ecs-cli gpg public key" | ||
| - /usr/bin/gpg --version | ||
| - gpg --import .release/amazon-ecs-public-key.gpg | ||
| - echo "Verifying PGP signatures..." | ||
| - | | ||
| for artifact in `cat ./$GIT_COMMIT_ID.manifest` | ||
| do | ||
| chmod +x $artifact.asc | ||
| gpg --verify $artifact.asc $artifact || exit 1 | ||
| echo "Verified signature for $artifact" | ||
| done | ||
| artifacts: | ||
| files: | ||
| - '**/*' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| version: 0.2 | ||
| env: | ||
| variables: | ||
| AWS_STS_REGIONAL_ENDPOINTS: "regional" | ||
| STAGE_SESSION_NAME: "aws_copilot_cli" | ||
| parameter-store: | ||
| STAGE_ROLE_ARN: COPILOT_STAGE_ROLE_ARN | ||
| STAGE_BUCKET: COPILOT_STAGE_BUCKET_NAME | ||
| phases: | ||
| pre_build: | ||
| commands: | ||
| - CREDS=`aws sts assume-role --role-arn $STAGE_ROLE_ARN --role-session-name $STAGE_SESSION_NAME` | ||
| - export AWS_ACCESS_KEY_ID=`echo $CREDS | jq -r .Credentials.AccessKeyId` | ||
| - export AWS_SECRET_ACCESS_KEY=`echo $CREDS | jq -r .Credentials.SecretAccessKey` | ||
| - export AWS_SESSION_TOKEN=`echo $CREDS | jq -r .Credentials.SessionToken` | ||
| build: | ||
| commands: | ||
| - export GIT_COMMIT_ID=`git rev-parse HEAD` | ||
| - ls -lah | ||
| - echo "Creating MD5 hash for the following files..." | ||
| - cat ./$GIT_COMMIT_ID.manifest | ||
| - | | ||
| for artifact in `cat ./$GIT_COMMIT_ID.manifest` | ||
| do | ||
| md5FileName="${artifact%.exe}" | ||
| md5sum $artifact | sed 's/ .*//' > "$md5FileName.md5" | ||
| echo "Generated m5d for $artifact: $(cat $md5FileName.md5)" | ||
| aws s3 cp $artifact "s3://$STAGE_BUCKET/$artifact" || exit 1 | ||
| echo "Copied $artifact to s3://$STAGE_BUCKET/$artifact" | ||
| done | ||
| - ls -lah $(dirname `head -1 ./$GIT_COMMIT_ID.manifest`) | ||
| artifacts: | ||
| files: | ||
| - '**/*' |
This file was deleted.
Oops, something went wrong.