switch to new aws account s3 bucket for dev artifacts (#8612)

This commit is contained in:
Alvin Huang 2020-09-03 23:40:23 -04:00 committed by GitHub
parent ed4b51f1ae
commit 9fb76d7bb5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 25 additions and 5 deletions

View File

@ -19,7 +19,7 @@ references:
EMAIL: noreply@hashicorp.com EMAIL: noreply@hashicorp.com
GIT_AUTHOR_NAME: circleci-consul GIT_AUTHOR_NAME: circleci-consul
GIT_COMMITTER_NAME: circleci-consul GIT_COMMITTER_NAME: circleci-consul
S3_ARTIFACT_BUCKET: consul-dev-artifacts S3_ARTIFACT_BUCKET: consul-dev-artifacts-v2
BASH_ENV: .circleci/bash_env.sh BASH_ENV: .circleci/bash_env.sh
VAULT_BINARY_VERSION: 1.2.2 VAULT_BINARY_VERSION: 1.2.2
@ -33,6 +33,27 @@ steps:
curl -sSL "${url}/v${GOTESTSUM_RELEASE}/gotestsum_${GOTESTSUM_RELEASE}_linux_amd64.tar.gz" | \ curl -sSL "${url}/v${GOTESTSUM_RELEASE}/gotestsum_${GOTESTSUM_RELEASE}_linux_amd64.tar.gz" | \
sudo tar -xz --overwrite -C /usr/local/bin gotestsum sudo tar -xz --overwrite -C /usr/local/bin gotestsum
get-aws-cli: &get-aws-cli
run:
name: download and install AWS CLI
command: |
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
echo -e "${AWS_CLI_GPG_KEY}" | gpg --import
curl -o awscliv2.sig https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip.sig
gpg --verify awscliv2.sig awscliv2.zip
unzip awscliv2.zip
sudo ./aws/install
aws-assume-role: &aws-assume-role
run:
name: assume-role aws creds
command: |
# assume role has duration of 15 min (the minimum allowed)
CREDENTIALS="$(aws sts assume-role --duration-seconds 900 --role-arn ${ROLE_ARN} --role-session-name build-${CIRCLE_SHA1} | jq '.Credentials')"
echo "export AWS_ACCESS_KEY_ID=$(echo $CREDENTIALS | jq -r '.AccessKeyId')" >> $BASH_ENV
echo "export AWS_SECRET_ACCESS_KEY=$(echo $CREDENTIALS | jq -r '.SecretAccessKey')" >> $BASH_ENV
echo "export AWS_SESSION_TOKEN=$(echo $CREDENTIALS | jq -r '.SessionToken')" >> $BASH_ENV
# This step MUST be at the end of any set of steps due to the 'when' condition # This step MUST be at the end of any set of steps due to the 'when' condition
notify-slack-failure: &notify-slack-failure notify-slack-failure: &notify-slack-failure
name: notify-slack-failure name: notify-slack-failure
@ -389,13 +410,12 @@ jobs:
# upload development build to s3 # upload development build to s3
dev-upload-s3: dev-upload-s3:
docker: docker:
- image: circleci/python:stretch - image: *GOLANG_IMAGE
environment: environment:
<<: *ENVIRONMENT <<: *ENVIRONMENT
steps: steps:
- run: - *get-aws-cli
name: Install awscli - *aws-assume-role
command: sudo pip install awscli
# get consul binary # get consul binary
- attach_workspace: - attach_workspace:
at: bin/ at: bin/