Skip to content

fix: honor bypass-governance for Object Lock deletes #336

fix: honor bypass-governance for Object Lock deletes

fix: honor bypass-governance for Object Lock deletes #336

name: 'Example: cross-bucket replicate (server-side)'
# Copy an artifact from a source bucket to a destination bucket without the
# bytes traversing the runner. Useful for promote-staging-to-prod patterns
# where the two environments are separate buckets.
on:
workflow_dispatch:
push:
branches: [main]
pull_request:
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
replicate:
name: replicate
if: github.event_name == 'workflow_dispatch' || github.event_name == 'push' || (github.event.pull_request.head.repo.fork == false && github.actor != 'dependabot[bot]')
runs-on: ubuntu-latest
env:
KEY: examples/cross-bucket/${{ github.run_id }}/artifact.tar.gz
steps:
- uses: actions/checkout@9f698171ed81b15d1823a05fc7211befd50c8ae0 # v6.0.3
with:
persist-credentials: false
- name: Build a synthetic artifact
run: |
mkdir -p _art && date -u > _art/timestamp.txt && tar -czf artifact.tar.gz _art
- name: Upload to source bucket
uses: ./
with:
action: upload
application-key-id: ${{ secrets.B2_APPLICATION_KEY_ID }}
application-key: ${{ secrets.B2_APPLICATION_KEY }}
bucket: ${{ secrets.B2_TEST_BUCKET_SRC }}
source: artifact.tar.gz
destination: ${{ env.KEY }}
- name: Replicate to destination bucket (server-side, cross-bucket)
id: copy
uses: ./
with:
action: copy
application-key-id: ${{ secrets.B2_APPLICATION_KEY_ID }}
application-key: ${{ secrets.B2_APPLICATION_KEY }}
bucket: ${{ secrets.B2_TEST_BUCKET }} # destination
source-bucket: ${{ secrets.B2_TEST_BUCKET_SRC }}
source: ${{ env.KEY }}
destination: ${{ env.KEY }}
- name: Confirm copy produced a file-id
env:
COPIED_FILE_ID: ${{ steps.copy.outputs.file-id }}
run: test -n "$COPIED_FILE_ID"
- name: Cleanup both buckets
if: always()
run: echo "Cleanup runs in next steps"
- name: Cleanup source
if: always()
uses: ./
with:
action: delete
application-key-id: ${{ secrets.B2_APPLICATION_KEY_ID }}
application-key: ${{ secrets.B2_APPLICATION_KEY }}
bucket: ${{ secrets.B2_TEST_BUCKET_SRC }}
source: ${{ env.KEY }}
- name: Cleanup destination
if: always()
uses: ./
with:
action: delete
application-key-id: ${{ secrets.B2_APPLICATION_KEY_ID }}
application-key: ${{ secrets.B2_APPLICATION_KEY }}
bucket: ${{ secrets.B2_TEST_BUCKET }}
source: ${{ env.KEY }}