Various RBAC fixes related to managed RoleDefinitions (#15287) #2117
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Upload API Schema | |
env: | |
LC_ALL: "C.UTF-8" # prevent ERROR: Ansible could not initialize the preferred locale: unsupported locale setting | |
on: | |
push: | |
branches: | |
- devel | |
- release_** | |
- feature_** | |
jobs: | |
push: | |
runs-on: ubuntu-latest | |
timeout-minutes: 60 | |
permissions: | |
packages: write | |
contents: read | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get python version from Makefile | |
run: echo py_version=`make PYTHON_VERSION` >> $GITHUB_ENV | |
- name: Install python ${{ env.py_version }} | |
uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ env.py_version }} | |
- name: Log in to registry | |
run: | | |
echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
- name: Pre-pull image to warm build cache | |
run: | | |
docker pull ghcr.io/${{ github.repository_owner }}/awx_devel:${GITHUB_REF##*/} || : | |
- name: Build image | |
run: | | |
DEV_DOCKER_TAG_BASE=ghcr.io/${{ github.repository_owner }} COMPOSE_TAG=${GITHUB_REF##*/} make docker-compose-build | |
- name: Generate API Schema | |
run: | | |
docker run -u $(id -u) --rm -v ${{ github.workspace }}:/awx_devel/:Z \ | |
--workdir=/awx_devel ghcr.io/${{ github.repository_owner }}/awx_devel:${GITHUB_REF##*/} /start_tests.sh genschema | |
- name: Upload API Schema | |
env: | |
AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }} | |
AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }} | |
AWS_REGION: 'us-east-1' | |
run: | | |
ansible localhost -c local, -m command -a "{{ ansible_python_interpreter + ' -m pip install boto3'}}" | |
ansible localhost -c local -m aws_s3 \ | |
-a "src=${{ github.workspace }}/schema.json bucket=awx-public-ci-files object=${GITHUB_REF##*/}/schema.json mode=put permission=public-read" | |