mirror of
https://github.com/ivabus/pantry
synced 2024-11-23 00:45:07 +03:00
60 lines
1.9 KiB
YAML
60 lines
1.9 KiB
YAML
name: restock pkg inventory
|
||
run-name: restocking ${{ inputs.project }}
|
||
|
||
on:
|
||
workflow_dispatch:
|
||
inputs:
|
||
project:
|
||
description: a single project, eg. `foo.com`
|
||
required: true
|
||
type: string
|
||
|
||
jobs:
|
||
ingest:
|
||
runs-on: ubuntu-latest
|
||
outputs:
|
||
versions: ${{ steps.inventory.outputs.versions }}
|
||
steps:
|
||
- uses: pkgxdev/setup@v2
|
||
- uses: actions/checkout@v4
|
||
- run: ./.github/scripts/inventory.ts ${{ inputs.project }}
|
||
id: inventory
|
||
|
||
pkg:
|
||
needs: ingest
|
||
strategy:
|
||
fail-fast: false
|
||
matrix:
|
||
version: ${{ fromJSON(needs.ingest.outputs.versions) }}
|
||
uses: ./.github/workflows/pkg.yml
|
||
permissions:
|
||
issues: write #FIXME we don’t want this but I don’t think we can alter the way permissions are inherited
|
||
with:
|
||
pkg: ${{inputs.project}}=${{ matrix.version }}
|
||
invalidate-cloudfront: false # we do it all at once below otherwise
|
||
secrets: inherit
|
||
|
||
invalidate-cloudfront:
|
||
needs: pkg
|
||
runs-on: ubuntu-latest
|
||
|
||
if: always()
|
||
# ^^ not ideal but often <5% builds fail because we have modified the build script
|
||
# in a non backward compatible way over time and we still want to invalidate cloudfront
|
||
# for most of the builds.
|
||
|
||
steps:
|
||
- uses: aws-actions/configure-aws-credentials@v4
|
||
with:
|
||
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
||
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
||
aws-region: us-east-1
|
||
|
||
# FIXME ideally we would get the exact path list from the above matrix
|
||
# but GitHub Actions has no clean way to do that. This is more ideal as
|
||
# we don’t want to invalidate paths that failed and certainly want to
|
||
# avoid invalidations if all failed
|
||
- name: invalidate cloudfront
|
||
run: aws cloudfront create-invalidation
|
||
--distribution-id ${{ secrets.AWS_CF_DISTRIBUTION_ID }}
|
||
--paths /${{inputs.project}}/*
|