Skip to content

Sync production to main, including security fix in #1376 (#1377) #78

Sync production to main, including security fix in #1376 (#1377)

Sync production to main, including security fix in #1376 (#1377) #78

name: Deploy to Production
on:
push:
branches: [prod]
permissions:
id-token: write
contents: read # This is required for actions/checkout
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Build
uses: ./.github/actions/build
with:
environment: production
deploy:
runs-on: ubuntu-latest
needs: build
environment:
name: production
url: https://talk.brave.com
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Configure aws credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
role-session-name: github-actions-talk-brave-com-${{ github.run_id }}
aws-region: ${{ vars.AWS_REGION }}
- name: Deploy
uses: ./.github/actions/deploy
env:
AWS_REGION: ${{ vars.AWS_REGION }}
with:
cloudfront-distribution-id: ${{ secrets.CLOUDFRONT_DISTRIBUTION_ID }}
s3-bucket: ${{ secrets.S3_BUCKET }}