Use iam role and new (stage) s3 bucket

Author: Israphel

.github/pull_request_template.md

@@ -4,4 +4,4 @@
 
 ## How do we test the changes introduced in this PR?
 
-## Extra Notes
+## Extra Notes

.github/workflows/ci-cd.yml

@@ -8,6 +8,10 @@ on:
     branches:
       - '*'
 
+permissions:
+  contents: read
+  id-token: write
+
 jobs:
   build:
     name: Build
@@ -34,7 +38,24 @@ jobs:
       - name: npm Build
         run: BUILD_BRANCH=$(echo "${GITHUB_REF#refs/heads/}") BUILD_COMMIT=${{ github.sha }} npm run build
 
-      - name: Deploy S3 Development
+      - name: Configure AWS credentials (development)
+        if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/development' }}
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          role-to-assume: arn:aws:iam::079419646996:role/public-assets
+          aws-region: us-east-1
+
+      - name: Upload to S3 (development)
+        if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/development' }}
+        run: aws s3 sync $SOURCE_DIR s3://$BUCKET/$DEST_DIR $ARGS
+        env:
+          BUCKET: split-public-stage
+          SOURCE_DIR: ./umd
+          DEST_DIR: sdk
+          ARGS: --acl public-read --follow-symlinks --cache-control max-age=31536000,public
+
+      # TODO: Remove this upload step to the old (dev) Bucket
+      - name: Upload to S3 (development) (legacy)
         if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/development' }}
         uses: jakejarvis/[email protected]
         with:
@@ -47,15 +68,18 @@ jobs:
           SOURCE_DIR: './umd'
           DEST_DIR: sdk
 
-      - name: Deploy S3 Master
+      - name: Configure AWS credentials (master)
         if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
-        uses: jakejarvis/[email protected]
+        uses: aws-actions/configure-aws-credentials@v1
         with:
-          args: --acl public-read --follow-symlinks --cache-control max-age=31536000,public
+          role-to-assume: arn:aws:iam::825951051969:role/public-assets
+          aws-region: us-east-1
+
+      - name: Upload to S3 (master)
+        if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
+        run: aws s3 sync $SOURCE_DIR s3://$BUCKET/$DEST_DIR $ARGS
         env:
-          AWS_S3_BUCKET: 'split-public'
-          AWS_ACCESS_KEY_ID: ${{ secrets.PUBLIC_ASSETS_PROD_USER }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.PUBLIC_ASSETS_PROD_KEY }}
-          AWS_REGION: 'us-east-1'
-          SOURCE_DIR: './umd'
+          BUCKET: split-public
+          SOURCE_DIR: ./umd
           DEST_DIR: sdk
+          ARGS: --acl public-read --follow-symlinks --cache-control max-age=31536000,public

CONTRIBUTORS-GUIDE.md

@@ -41,4 +41,4 @@ If you want to debug your changes consuming it from a test application, you can
 
 # Contact
 
-If you have any other questions or need to contact us directly in a private manner send us a note at [email protected]
+If you have any other questions or need to contact us directly in a private manner send us a note at [email protected]

jest.config.js

@@ -13,4 +13,4 @@ module.exports = {
     "src/**/*.{js,jsx,ts,tsx}",
     "!src/__tests__/**",
   ]
-};
+};

tslint.json

@@ -22,4 +22,4 @@
     "no-unused-variable": true
   },
   "rulesDirectory": []
-}
+}