-
Notifications
You must be signed in to change notification settings - Fork 47
32 lines (26 loc) · 1.26 KB
/
deploy-bots.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
on: [workflow_dispatch]
permissions: # added using https://github.com/step-security/secure-workflows
contents: read
jobs:
build-deploy:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/checkout@7739b9ba2efcda9dde65ad1e3c2dbe65b41dfba7
- uses: actions/setup-python@5f2af211d616f86005883b44826180b21abb4060
- uses: aws-actions/setup-sam@12a6719db503425e98edcc798b6779590a450e8f
- uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722
with:
aws-access-key-id: ${{ secrets.STAGING_AWS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.STAGING_AWS_SECRET_KEY }}
aws-region: us-east-2
# sam build
- run: sam build --use-container
working-directory: bots
# Run Unit tests- Specify unit tests here
# sam deploy
- run: sam deploy --no-confirm-changeset --no-fail-on-empty-changeset --stack-name kleros-v2-bots --s3-bucket kleros-v2-bots --capabilities CAPABILITY_IAM --region us-east-2
working-directory: bots