35 lines
1.1 KiB
YAML
35 lines
1.1 KiB
YAML
{{- define "template.upload-storage" -}}
|
|
- name: upload-storage
|
|
container:
|
|
image: {{ .Values.images.awsCli }}
|
|
envFrom:
|
|
- secretRef:
|
|
name: amp-security-pipeline-secrets
|
|
env:
|
|
- name: REPORTS_BUCKET
|
|
value: {{ .Values.storage.reportsBucket | quote }}
|
|
- name: REPO_NAME
|
|
value: {{ .Values.pipeline.repoName | quote }}
|
|
- name: STORAGE_ENDPOINT
|
|
value: {{ .Values.storage.endpoint | quote }}
|
|
command:
|
|
- sh
|
|
- -c
|
|
args:
|
|
- |
|
|
set -eu
|
|
export AWS_ACCESS_KEY_ID="${S3_ACCESS_KEY_ID:-}"
|
|
export AWS_SECRET_ACCESS_KEY="${S3_SECRET_ACCESS_KEY:-}"
|
|
commit_sha="${GIT_COMMIT_SHA:-unknown}"
|
|
report_date="$(date -u +%F)"
|
|
sync_target="s3://${REPORTS_BUCKET}/${REPO_NAME}/${report_date}/${commit_sha}/"
|
|
if [ -n "${STORAGE_ENDPOINT}" ]; then
|
|
aws --endpoint-url "${STORAGE_ENDPOINT}" s3 sync /workspace/reports "${sync_target}"
|
|
else
|
|
aws s3 sync /workspace/reports "${sync_target}"
|
|
fi
|
|
volumeMounts:
|
|
- name: workspace
|
|
mountPath: /workspace
|
|
{{- end }}
|