Manage bucket and backup repos #108

Workflow file for this run

.github/workflows/backups.yaml at 3ce43f9

	name: Manage bucket and backup repos

	on:
	schedule:
	- cron: '00 0 * * 1'

	permissions:
	id-token: write
	contents: read
	actions: write

	jobs:
	create-bucket:
	runs-on: [k8s-public]
	container:
	image: hashicorp/terraform:latest
	options: --entrypoint /bin/sh
	steps:
	- uses: actions/checkout@v4

	- name: Vault Login
	uses: Chia-Network/actions/vault/login@main
	with:
	vault_url: ${{ secrets.VAULT_URL }}
	role_name: github-ecosystem-activity

	- name: Get ephemeral aws credentials
	uses: Chia-Network/actions/vault/aws-sts@main
	with:
	vault_url: ${{ secrets.VAULT_URL }}
	vault_token: ${{ env.VAULT_TOKEN }}
	role_name: bucket-create

	- uses: Chia-Network/actions/terraform/apply@main
	with:
	workspace: default
	varfile: /dev/null
	terraform_dir: backups/terraform

	backup-repos:
	needs: create-bucket
	runs-on: [k8s-public]
	container: alpine:latest
	steps:
	- uses: actions/checkout@v4

	- name: Vault Login
	uses: Chia-Network/actions/vault/login@main
	with:
	vault_url: ${{ secrets.VAULT_URL }}
	role_name: github-ecosystem-activity

	- name: Get secrets from vault
	uses: hashicorp/vault-action@v3
	with:
	url: ${{ secrets.VAULT_URL }}
	token: ${{ env.VAULT_TOKEN }}
	secrets: \|
	secret/data/github_users/chiaautomation/repo-backups-s3 username \| GH_USER;
	secret/data/github_users/chiaautomation/repo-backups-s3 password \| GH_TOKEN;

	- name: Get ephemeral aws credentials
	uses: Chia-Network/actions/vault/aws-sts@main
	with:
	vault_url: ${{ secrets.VAULT_URL }}
	vault_token: ${{ env.VAULT_TOKEN }}
	role_name: github-repo-backups-s3-upload
	ttl: 10800s

	- name: Run the script
	run: \|
	apk add bash aws-cli git curl yq
	/bin/bash ./backups/backup.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Manage bucket and backup repos #108

Workflow file

Manage bucket and backup repos #108

Jobs

Run details

Workflow file for this run