S3 secrets Vault integration #1769
Conversation
| - upload_build_artifacts: | ||
| requires: | ||
| - linux_package | ||
| filters: |
There was a problem hiding this comment.
Could you please remind me what this filter means?
Before this change it was only on master. Now it looks like it is on:
- Tags matching
/^v.*$/ - All branches? (I am not sure what default for branches is, and whether default branches is documented in Circle CI doc - I did not find it.)
There was a problem hiding this comment.
Yes, all branches. If there is no branch filters, it runs for all branches.
it's documented in the docs you refer:
If neither only nor ignore are specified then all branches will run the job.
About:
Before this change it was only on master. Now it looks like it is on:
This PR should not change the behaviour. However, the build artefact are uploaded for each branch build and on all release tags. Also the job itself have an extra check that uploads the "latest" build artefact on master only.
There was a problem hiding this comment.
I see, I was reading incorrectly, it does not change semantics, correct.
I see this snippet is kept:
aws s3 cp --acl public-read ${PACKAGE_TARBALL:?} s3://${S3_BUILDS_BUCKET:?}/
if [ -n "$CIRCLE_BRANCH" -a "$CIRCLE_BRANCH" = "master" ]; then
aws s3 cp --acl public-read ${PACKAGE_TARBALL:?} s3://${S3_BUILDS_BUCKET:?}/epoch-latest-${PKG_SUFFIX:?}.tar.gz
fi
| - upload_build_artifacts: | ||
| requires: | ||
| - linux_package | ||
| filters: |
There was a problem hiding this comment.
I see, I was reading incorrectly, it does not change semantics, correct.
I see this snippet is kept:
aws s3 cp --acl public-read ${PACKAGE_TARBALL:?} s3://${S3_BUILDS_BUCKET:?}/
if [ -n "$CIRCLE_BRANCH" -a "$CIRCLE_BRANCH" = "master" ]; then
aws s3 cp --acl public-read ${PACKAGE_TARBALL:?} s3://${S3_BUILDS_BUCKET:?}/epoch-latest-${PKG_SUFFIX:?}.tar.gz
fi
Run the scripts on infrastructure docker image.
https://www.pivotaltracker.com/story/show/160452961