From 6e363d5026bd85568d96db243d04d4212ddcd9cd Mon Sep 17 00:00:00 2001 From: Callum Morris Date: Wed, 16 Oct 2024 16:58:43 +1300 Subject: [PATCH] feat: add composite action for copying from s3 Adapted from reusable-copy-to-s3 workflow. Having it as a composite action should help address the workflow nesting limit that we see in some situations --- .github/actions/copy-from-s3/action.yml | 91 +++++++++++++++++++++++++ 1 file changed, 91 insertions(+) create mode 100644 .github/actions/copy-from-s3/action.yml diff --git a/.github/actions/copy-from-s3/action.yml b/.github/actions/copy-from-s3/action.yml new file mode 100644 index 0000000..7c3b876 --- /dev/null +++ b/.github/actions/copy-from-s3/action.yml @@ -0,0 +1,91 @@ +name: Copy from S3 +description: Copy file/s from S3 to GitHub Actions Artifacts. +inputs: + aws-region: + type: string + default: ap-southeast-2 + required: false + description: | + the AWS region to use; e.g ap-southeast-2 + aws-role-arn-to-assume: + type: string + required: true + description: | + an AWS role ARN to assume. + e.g: arn:aws:iam::ACCOUNT_ID:role/github-actions-ROLE_NAME + aws-role-duration-seconds: + type: number + required: false + default: 3600 + description: | + the number of seconds to hold a session open for. + # aws-role-session-name: + # type: string + # required: false + # description: | + # the name of the session to use for AssumeRole(WithWebIdentity) + use-sync: + type: boolean + default: false + required: false + description: | + whether it should use sync instead of cp (copy) + single-file: + type: boolean + default: false + required: false + description: | + single file copy + artifact-path: + type: string + required: true + description: | + the path to download the S3 file/s to + artifact-name: + type: string + required: true + description: | + the name to give the Github Actions artifact + s3-bucket-uri: + type: string + required: true + description: | + the AWS S3 bucket URI to copy from +runs: + using: "composite" + steps: + - name: Validate bucket + uses: GeoNet/Actions/.github/actions/validate-bucket-uri@caS3 + with: + s3-bucket-uri: ${{ inputs.s3-bucket-uri }} + - name: Configure AWS Credentials + env: + REPO: ${{ github.repository }} + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 + with: + aws-region: ${{ inputs.aws-region }} + role-to-assume: ${{ inputs.aws-role-arn-to-assume }} + role-duration-seconds: ${{ inputs.aws-role-duration-seconds }} + role-session-name: $(echo "github-actions-copy-from-s3-to-$REPO" | sed 's,/,--,g' | tr '[[:upper:]]' '[[:lower:]]') + - name: Copy from S3 + shell: bash + env: + LOCAL_DESTINATION_DIR: ${{ inputs.artifact-path }} + S3_BUCKET_URI: ${{ inputs.s3-bucket-uri }} + run: | + if [ ${{ inputs.use-sync }} = true ]; then + aws s3 sync "$S3_BUCKET_URI" "$LOCAL_DESTINATION_DIR" + else + ARGS=() + if [ ${{ inputs.single-file }} = false ]; then + ARGS+=(--recursive) + fi + aws s3 cp "${ARGS[@]}" "$S3_BUCKET_URI" "$LOCAL_DESTINATION_DIR" + fi + - name: Upload to GitHub Actions artifacts + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + with: + name: ${{ inputs.artifact-name }} + path: ${{ inputs.artifact-path }} + retention-days: 1 + overwrite: true \ No newline at end of file