@@ -52,31 +52,35 @@ jobs:
5252
5353 - name : Set ACCOUNT - non prod
5454 if : ${{ env.ENVIRONMENT == 'dev' || env.ENVIRONMENT == 'test' }}
55- run : |
55+ run : |
5656 echo "ACC=${{ secrets.NON_PROD_ACCOUNT_ID }}" >> $GITHUB_ENV
5757 echo "ROLE=dev" >> $GITHUB_ENV
5858
5959name : Set ACCOUNT - prod
6060 if : ${{ env.ENVIRONMENT == 'sandbox' || env.ENVIRONMENT == 'prod' }}
61- run : |
61+ run : |
6262 echo "ACC=${{ secrets.PROD_ACCOUNT_ID }}" >> $GITHUB_ENV
6363 echo "ROLE=prod" >> $GITHUB_ENV
6464
6565uses : aws-actions/configure-aws-credentials@v4
6666 with :
6767 aws-region : ${{ vars.AWS_REGION }}
68- role-to-assume : arn:aws:iam::${{ env.ACC }}:role/delegatedadmin/developer/bcda-${{ env.ROLE }}-github-actions
68+ role-to-assume : arn:aws:iam::${{ env.ACC }}:role/delegatedadmin/developer/bcda-${{ env.ROLE }}-github-actions
6969 - name : Get Bucket
7070 uses : cmsgov/cdap/actions/aws-params-env-action@main
7171 env :
7272 AWS_REGION : ${{ vars.AWS_REGION }}
7373 with :
74- params : |
74+ params : |
7575 BUCKET=/bcda/${{ env.ENVIRONMENT }}/bcda-${{ env.ENVIRONMENT }}-admin-aco-deny-bucket
7676name : Upload and reload
7777 run : |
7878 aws s3 cp --no-progress function.zip \
79- s3://$BUCKET/function-${{ github.sha }}.zip
79+ s3://$BUCKET/function-${{ github.sha }}.zip
80+ aws s3api put-object-tagging \
81+ --bucket $BUCKET \
82+ --key function-${{ github.sha }}.zip \
83+ --tagging 'TagSet=[{Key=lifecycle-transition,Value=ia}]'
8084 aws lambda update-function-code --function-name bcda-$ENVIRONMENT-admin-aco-deny \
81- --s3-bucket $BUCKET --s3-key function-${{ github.sha }}.zip
85+ --s3-bucket $BUCKET --s3-key function-${{ github.sha }}.zip
8286
0 commit comments