add note for user task access restrictions in SM (#3814) #2263
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: publish-stage | |
on: | |
push: | |
branches: | |
- "main" | |
tags-ignore: | |
- "*" | |
permissions: | |
id-token: write | |
jobs: | |
publish: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: actions/setup-node@v1 | |
with: | |
node-version: 16 | |
- name: Install Dependencies | |
run: npm ci | |
- name: Update URL | |
run: 'sed -i ''s!url: "https://docs.camunda.io"!url: "https://stage.docs.camunda.io"!g'' docusaurus.config.js' | |
- name: Update redirects for environment | |
run: "sed -i 's!https://unsupported.docs.camunda.io!https://stage.unsupported.docs.camunda.io!g' ./static/.htaccess" | |
- name: Build | |
run: npm run build | |
env: | |
NODE_OPTIONS: --max_old_space_size=8192 | |
- name: Get Github Actions IP | |
id: ip | |
uses: haythem/[email protected] | |
- name: Add Github Actions IP to Security group so we can publish | |
run: | | |
aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SECURITY_GROUP_NAME }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32 | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
- name: Publish | |
uses: burnett01/[email protected] | |
with: | |
switches: -avzr --delete | |
path: build/ | |
remote_path: ${{ secrets.AWS_STAGE_PUBLISH_PATH }} | |
remote_host: ${{ secrets.AWS_STAGE_PUBLISH_HOST }} | |
remote_user: ${{ secrets.AWS_STAGE_PUBLISH_USER }} | |
# vvvvv Intentionally missing the AWS_ prefix vvvvv | |
remote_key: ${{ secrets.PUBLISH_STAGE_KEY }} | |
- name: Remove Github Actions IP from security group | |
run: | | |
aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SECURITY_GROUP_NAME }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32 | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
if: always() |