Github-AWS openId

see https://bugtracker.codiodev.com/issue/codio-17207
Dmitrii Suchkov 2025-10-24 12:14:39 +01:00
parent 719e1df166
commit fbef827a8c
No known key found for this signature in database
GPG Key ID: 18BA72981DD8376E
3 changed files with 18 additions and 16 deletions


@ -10,7 +10,7 @@ jobs:
npm: npm:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v5
- run: | - run: |
GITREV=$(git rev-parse --short HEAD) GITREV=$(git rev-parse --short HEAD)
echo $GITREV echo $GITREV


@ -3,15 +3,26 @@ on:
release: release:
types: [created] types: [created]
permissions:
contents: write
id-token: write
jobs: jobs:
build: build:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v4 uses: actions/checkout@v5
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v5.1.0
with:
aws-region: us-east-1
role-to-assume: arn:aws:iam::028537455170:role/Github/GithubAssetsUploadRole_jvm-oom-handler
role-session-name: GithubAction
- name: Upload to s3 - name: Upload to s3
run: ./uploadToS3.sh "${{ secrets.ASSETS_UPLOADER_KEY }}" "${{ secrets.ASSETS_UPLOADER_SECRET }}" "${{ github.event.release.tag_name }}" run: ./uploadToS3.sh "${{ github.event.release.tag_name }}"
- name: Slack - name: Slack
uses: codio/codio-slack-action@master uses: codio/codio-slack-action@master
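Review bot: The new top-level `permissions` block gives every step `contents: write` and `id-token: write`, and `configure-aws-credentials` by default exports the assumed-role credentials to the steps that follow it, so `codio/codio-slack-action@master` (a mutable branch ref) can reach all three. I would move the block under `jobs.build` with `contents: read` unless a step outside this view needs write, and pin `actions/checkout`, `aws-actions/configure-aws-credentials` and the Slack action to full commit SHAs. The role's trust policy is not visible here; it should restrict the `sub` claim to this repository rather than matching only the audience. Separately, `${{ github.event.release.tag_name }}` is still expanded inside the `run:` line before the shell parses it; passing it through `env:` (`RELEASE_TAG: ${{ github.event.release.tag_name }}`) and calling `./uploadToS3.sh "$RELEASE_TAG"` keeps it as data.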


@ -1,9 +1,7 @@
#!/bin/bash #!/bin/bash
set -xe set -xe
s3Key=$1 tag=$1
s3Secret=$2
tag=$3
folder="noVNC" folder="noVNC"
cdn="\/\/static-assets.codio.com\/${folder}\/${tag}" cdn="\/\/static-assets.codio.com\/${folder}\/${tag}"
@ -62,16 +60,9 @@ uploadFile () {
fName="${file#./}" fName="${file#./}"
contentType=$2 contentType=$2
bucket="codio-assets" bucket="codio-assets"
resource="/${bucket}/${folder}/${tag}/${fName}" resource="s3://${bucket}/${folder}/${tag}/${fName}"
dateValue=$(date -R)
stringToSign="PUT\n\n${contentType}\n${dateValue}\n${resource}" aws s3 cp "${file}" "${resource}" --cache-control no-cache --content-type "${contentType}"
signature=$(echo -en "${stringToSign}" | openssl sha1 -hmac "${s3Secret}" -binary | base64)
curl -X PUT -T "${file}" \
-H "Host: ${bucket}.s3.amazonaws.com" \
-H "Date: ${dateValue}" \
-H "Content-Type: ${contentType}" \
-H "Authorization: AWS ${s3Key}:${signature}" \
https://${bucket}.s3.amazonaws.com/"${folder}"/"${tag}"/"${fName}" || exit 1
} }
prepareSources prepareSources
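Review bot: `tag=$1` is taken as-is and becomes part of the destination key in `resource="s3://${bucket}/${folder}/${tag}/${fName}"`, so an empty or unexpected tag uploads outside the intended per-release prefix under `noVNC/`. A guard at the top such as `tag=${1:?release tag required}` followed by `[[ $tag =~ ^[A-Za-z0-9][A-Za-z0-9._-]*$ ]] || exit 1` would keep writes under one versioned prefix, and the role's S3 policy (not visible here) is worth scoping to `codio-assets/noVNC/*` as a second gate. The `aws s3 cp` line also drops the old `|| exit 1` and relies on `set -e`, which does not stop the script if `uploadFile` is called from a pipeline or a condition. The callers and the start of `uploadFile` are outside the hunk, so either confirm that or keep `|| exit 1` on the new line.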