This action exposes the min.io mirror subcommand.
The original use case for this GitHub action was to upload build artifacts to a self-hosted Minio instance.
Note: In the following, we assume that you have, on your local dev machine, administrator access to a Minio cluster with local alias MYCLUSTER.
(I.e., we assume that you have configured access to that cluster on your machine using mc config host add MYCLUSTER https://...).
We want a dedicated bucket for the CI artifacts, and a dedicated user for the workflow that has access to only that bucket.
We therefore need to
- create a Minio user
- create a Minio bucket
- create a Minio policy that allows access to just that bucket
- assign the Minio user we just created that policy in order to give it access to the bucket
This repository ships with a convenience script that creates above resources (with a random password):
scripts/create-user-and-bucket.bash \
MYCLUSTER \
projectname-ci-artifact-uploader \
projectname-ci-artifacts \
noreplacePlease have a look at the script before you run it on a production installation ;)
The output should end with the following lines:
SUCCESS
Use the following environment variable to impersonate the user create above:
MC_HOST_myalias=https://projectname-ci-artifact-uploader:<SOMERANDOMPASSWORD>@<cluster-url-from-mc-config-host-list>
- name: Upload Artifacts
uses: 49nord/action-minio-mirror@v1
with:
host: ${{ secrets.ARTIFACT_UPLOAD_HOST }}
bucket: ${{ secrets.ARTIFACT_UPLOAD_BUCKET }}
src: ./artifacts
dst: ${{ github.sha }}
# optional: args that are passed-through to the mc command
# args: --overwrite --delete(At the time of writing, secrets are configured in RepoView/Settings/Secrets)
| Secret Name | Example Value |
|---|---|
| ARTIFACT_UPLOAD_HOST | https://projectname-ci-artifact-uploader:<SOMERANDOMPASSWORD>@<cluster-url-from-mc-config-host-list> |
| ARTIFACT_UPLOAD_BUCKET | projectname-ci-artifacts |