+ build artifacts on Amazon s3#229
Conversation
|
@kontsevoy @klizhentas Please review |
| # | ||
| deploy: build-package | ||
| @echo "Deploying $(BUILD_TAG) to Amazon S3" | ||
| aws s3 cp $(TELEPORT_PACKAGE) \ |
There was a problem hiding this comment.
the only question that I have is that target will fail as this command will fail, but I assume you are going to address it later?
There was a problem hiding this comment.
Not sure I understand your comment, but it did fail. Since awscli is already available on jenkins, I attempted to minimize the configuration effort and moved the necessary settings into an ini file - check the planet PR planet to see. I also created a dummy jenkins job to just do a make deploy on an already available workspace to test drive.
So now, both local and jenkins deploys are using the same Makefile path and deploy if the awscli tools are available locally.
Not sure if committing the aws keys is a good idea even to the private repo, but I did not find a better way.
There was a problem hiding this comment.
we definitely should never do this. Instead we should allow Jenkins box to push to this bucket using IAM roles, so let's do this instead
|
Can one of the admins verify this patch? |
|
The patch looks good. DO NOT add keys to the repository. AWS has neat ways to grant applications access to itself (IAMs). Right now Jenkins machine is manually configured with its own AWS user (builder) and AWS CLI is fully functional. In the future we'll probably migrate to IAMs. |
|
I think @a-palchikov already migrated to IAM today |
+ build artifacts on Amazon s3
3c46009 Add app URI validation regexp to match backend logic (#227) (#229) gravitational/webapps@3c46009 [source: -w teleport-5.0] [target: -t branch/5.0]
3c46009 Add app URI validation regexp to match backend logic (#227) (#229) gravitational/webapps@3c46009 [source: -w teleport-5.0] [target: -t branch/5.0]
3 participants
This PR adds packaging and deployment of build artifacts to Amazon S3 bucket.