mirror of
https://github.com/ivabus/pantry
synced 2024-11-22 08:25:07 +03:00
Only invalidate cloudfront once for restock ops
This commit is contained in:
parent
e4872f02d1
commit
ce5a5d4054
3 changed files with 34 additions and 1 deletions
5
.github/workflows/pkg-platform.yml
vendored
5
.github/workflows/pkg-platform.yml
vendored
|
@ -37,6 +37,9 @@ on:
|
|||
complain:
|
||||
type: boolean
|
||||
default: false
|
||||
invalidate-cloudfront:
|
||||
type: boolean
|
||||
default: true
|
||||
secrets:
|
||||
APPLE_CERTIFICATE_P12: { required: false }
|
||||
APPLE_CERTIFICATE_P12_PASSWORD: { required: false }
|
||||
|
@ -222,7 +225,7 @@ jobs:
|
|||
--distribution-id ${{ secrets.AWS_CF_DISTRIBUTION_ID }}
|
||||
--paths
|
||||
/$DIRNAME/versions.txt
|
||||
if: ${{ ! inputs.dry-run }}
|
||||
if: ${{ ! inputs.dry-run && inputs.invalidate-cloudfront }}
|
||||
|
||||
complain:
|
||||
needs: bottle
|
||||
|
|
4
.github/workflows/pkg.yml
vendored
4
.github/workflows/pkg.yml
vendored
|
@ -13,6 +13,9 @@ on:
|
|||
complain:
|
||||
type: boolean
|
||||
default: false
|
||||
invalidate-cloudfront:
|
||||
type: boolean
|
||||
default: true
|
||||
|
||||
jobs:
|
||||
plan:
|
||||
|
@ -50,4 +53,5 @@ jobs:
|
|||
dry-run: ${{ inputs.dry-run }}
|
||||
tinyname: ${{ matrix.platform.tinyname }}
|
||||
complain: ${{ inputs.complain }}
|
||||
invalidate-cloudfront: ${{ inputs.invalidate-cloudfront }}
|
||||
secrets: inherit
|
||||
|
|
26
.github/workflows/restock.yml
vendored
26
.github/workflows/restock.yml
vendored
|
@ -31,4 +31,30 @@ jobs:
|
|||
issues: write #FIXME we don’t want this but I don’t think we can alter the way permissions are inherited
|
||||
with:
|
||||
pkg: ${{inputs.project}}=${{ matrix.version }}
|
||||
invalidate-cloudfront: false # we do it all at once below otherwise
|
||||
secrets: inherit
|
||||
|
||||
invalidate-cloudfront:
|
||||
needs: pkg
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
if: always()
|
||||
# ^^ not ideal but often <5% builds fail because we have modified the build script
|
||||
# in a non backward compatible way over time and we still want to invalidate cloudfront
|
||||
# for most of the builds.
|
||||
|
||||
steps:
|
||||
- uses: aws-actions/configure-aws-credentials@v4
|
||||
with:
|
||||
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
||||
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
||||
aws-region: us-east-1
|
||||
|
||||
# FIXME ideally we would get the exact path list from the above matrix
|
||||
# but GitHub Actions has no clean way to do that. This is more ideal as
|
||||
# we don’t want to invalidate paths that failed and certainly want to
|
||||
# avoid invalidations if all failed
|
||||
- name: invalidate cloudfront
|
||||
run: aws cloudfront create-invalidation
|
||||
--distribution-id ${{ secrets.AWS_CF_DISTRIBUTION_ID }}
|
||||
--paths /${{inputs.project}}/*
|
||||
|
|
Loading…
Reference in a new issue