diff --git a/.github/workflows/prod.yaml b/.github/workflows/prod.yaml index 88f43102114..120e3c6bcf0 100644 --- a/.github/workflows/prod.yaml +++ b/.github/workflows/prod.yaml @@ -4,20 +4,17 @@ on: branches: - master +permissions: + id-token: write + contents: read + jobs: build-and-deploy: - uses: Cerebellum-Network/reusable-workflows/.github/workflows/build-and-upload-static.yaml@1.0.0 + uses: Cerebellum-Network/reusable-workflows/.github/workflows/deploy-to-cloudfront.yaml@master with: - runs-on: '["self-hosted", "cere-network-large"]' build_container: 'node:20-buster' - deploy_container: 'ubuntu:20.04' install_packages_command: 'yarn install' build_command: 'yarn build' path_to_static_files_to_upload: 'packages/apps/build' - secrets: - NETWORK_AWS_ACCESS_KEY_ID: ${{ secrets.PRD_NETWORK_AWS_ACCESS_KEY_ID }} - NETWORK_AWS_SECRET_ACCESS_KEY: ${{ secrets.PRD_NETWORK_AWS_SECRET_ACCESS_KEY }} - AWS_REGION: ${{ secrets.AWS_REGION }} - S3_BUCKET_NAME: ${{ secrets.S3_BUCKET_NAME_PRD }} - CF_DISTRIBUTION_ID: ${{ secrets.CF_DISTRIBUTION_ID_PRD }} - + s3_bucket_name: 'prd-cere-explorer-dist' + aws_account_id: ${{ vars.PRD_NETWORK_AWS_ACCOUNT_ID }} diff --git a/.github/workflows/stage.yaml b/.github/workflows/stage.yaml index 7ac84cb994c..b3ba8f3e04d 100644 --- a/.github/workflows/stage.yaml +++ b/.github/workflows/stage.yaml @@ -5,19 +5,17 @@ on: - 'release/**' - 'hotfix/**' +permissions: + id-token: write + contents: read + jobs: build-and-deploy: - uses: Cerebellum-Network/reusable-workflows/.github/workflows/build-and-upload-static.yaml@1.0.0 + uses: Cerebellum-Network/reusable-workflows/.github/workflows/deploy-to-cloudfront.yaml@master with: - runs-on: '["self-hosted", "cere-network-large"]' build_container: 'node:20-buster' - deploy_container: 'ubuntu:20.04' install_packages_command: 'yarn install' build_command: 'yarn build' path_to_static_files_to_upload: 'packages/apps/build' - secrets: - NETWORK_AWS_ACCESS_KEY_ID: ${{ secrets.STG_NETWORK_AWS_ACCESS_KEY_ID }} - NETWORK_AWS_SECRET_ACCESS_KEY: ${{ secrets.STG_NETWORK_AWS_SECRET_ACCESS_KEY }} - AWS_REGION: ${{ secrets.AWS_REGION }} - S3_BUCKET_NAME: ${{ secrets.S3_BUCKET_NAME_STG }} - CF_DISTRIBUTION_ID: ${{ secrets.CF_DISTRIBUTION_ID_STG }} + s3_bucket_name: 'stg-cere-explorer-dist' + aws_account_id: ${{ vars.STG_NETWORK_AWS_ACCOUNT_ID }}