s3 bucket workflow success-try-1 #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Model Upload and Encrypt | |
| on: | |
| push: | |
| paths: | |
| - "models/**" # Trigger on any file changes in the 'models' directory | |
| jobs: | |
| upload_model: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Set up AWS CLI | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} # Securely use the secret key | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} # Securely use the secret key | |
| aws-region: ${{ secrets.AWS_REGION }} # Use the region stored in the secret | |
| - name: Find model file | |
| id: find_model | |
| run: | | |
| # Find the model file in the models directory | |
| MODEL_FILE=$(find models -type f) | |
| echo "Model file found: $MODEL_FILE" | |
| echo "::set-output name=model_file::$MODEL_FILE" | |
| - name: Upload and encrypt the model to S3 | |
| run: | | |
| # Variables | |
| MODEL_FILE="${{ steps.find_model.outputs.model_file }}" # Model file found in previous step | |
| S3_BUCKET_NAME="${{ secrets.S3_BUCKET_NAME }}" # Use the secret for the bucket name | |
| KMS_KEY_ID="${{ secrets.KMS_KEY_ID }}" # Use the secret for the KMS key ID | |
| # Upload the model to S3 with encryption using the KMS key | |
| aws s3 cp $MODEL_FILE s3://$S3_BUCKET_NAME/ --sse aws:kms --sse-kms-key-id $KMS_KEY_ID | |
| echo "Model uploaded and encrypted with KMS." |