fix: honor bypass-governance for Object Lock deletes #336
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'Example: cross-bucket replicate (server-side)' | |
| # Copy an artifact from a source bucket to a destination bucket without the | |
| # bytes traversing the runner. Useful for promote-staging-to-prod patterns | |
| # where the two environments are separate buckets. | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| permissions: | |
| contents: read | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| replicate: | |
| name: replicate | |
| if: github.event_name == 'workflow_dispatch' || github.event_name == 'push' || (github.event.pull_request.head.repo.fork == false && github.actor != 'dependabot[bot]') | |
| runs-on: ubuntu-latest | |
| env: | |
| KEY: examples/cross-bucket/${{ github.run_id }}/artifact.tar.gz | |
| steps: | |
| - uses: actions/checkout@9f698171ed81b15d1823a05fc7211befd50c8ae0 # v6.0.3 | |
| with: | |
| persist-credentials: false | |
| - name: Build a synthetic artifact | |
| run: | | |
| mkdir -p _art && date -u > _art/timestamp.txt && tar -czf artifact.tar.gz _art | |
| - name: Upload to source bucket | |
| uses: ./ | |
| with: | |
| action: upload | |
| application-key-id: ${{ secrets.B2_APPLICATION_KEY_ID }} | |
| application-key: ${{ secrets.B2_APPLICATION_KEY }} | |
| bucket: ${{ secrets.B2_TEST_BUCKET_SRC }} | |
| source: artifact.tar.gz | |
| destination: ${{ env.KEY }} | |
| - name: Replicate to destination bucket (server-side, cross-bucket) | |
| id: copy | |
| uses: ./ | |
| with: | |
| action: copy | |
| application-key-id: ${{ secrets.B2_APPLICATION_KEY_ID }} | |
| application-key: ${{ secrets.B2_APPLICATION_KEY }} | |
| bucket: ${{ secrets.B2_TEST_BUCKET }} # destination | |
| source-bucket: ${{ secrets.B2_TEST_BUCKET_SRC }} | |
| source: ${{ env.KEY }} | |
| destination: ${{ env.KEY }} | |
| - name: Confirm copy produced a file-id | |
| env: | |
| COPIED_FILE_ID: ${{ steps.copy.outputs.file-id }} | |
| run: test -n "$COPIED_FILE_ID" | |
| - name: Cleanup both buckets | |
| if: always() | |
| run: echo "Cleanup runs in next steps" | |
| - name: Cleanup source | |
| if: always() | |
| uses: ./ | |
| with: | |
| action: delete | |
| application-key-id: ${{ secrets.B2_APPLICATION_KEY_ID }} | |
| application-key: ${{ secrets.B2_APPLICATION_KEY }} | |
| bucket: ${{ secrets.B2_TEST_BUCKET_SRC }} | |
| source: ${{ env.KEY }} | |
| - name: Cleanup destination | |
| if: always() | |
| uses: ./ | |
| with: | |
| action: delete | |
| application-key-id: ${{ secrets.B2_APPLICATION_KEY_ID }} | |
| application-key: ${{ secrets.B2_APPLICATION_KEY }} | |
| bucket: ${{ secrets.B2_TEST_BUCKET }} | |
| source: ${{ env.KEY }} |