rudderlabs · saikumarrs · Dec 11, 2024 · Dec 11, 2024 · Dec 11, 2024 · Dec 11, 2024
diff --git a/.github/workflows/unit-tests-and-lint.yml b/.github/workflows/unit-tests-and-lint.yml
@@ -67,3 +67,12 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+
+  temp:
+    uses: ./.github/workflows/update-cache-policy.yml
+    with:
+      policy_type: 'no-store'
+    secrets:
+      AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
+      AWS_S3_BUCKET_NAME: ${{ secrets.AWS_S3_BUCKET_NAME }}
+      AWS_S3_SYNC_ROLE: ${{ secrets.AWS_S3_SYNC_ROLE }}
@@ -0,0 +1,63 @@
+name: Update cache control policy
+
+on:
+  workflow_dispatch:
+    inputs:
+      policy_type:
+        type: choice
+        description: Select the cache control policy type
+        required: true
+        options:
+          - no-store
+          - max-age=3600
+  workflow_call:
+    inputs:
+      policy_type:
+        type: string
+        required: true
+    secrets:
+      AWS_ACCOUNT_ID:
+        description: AWS Account ID
+        required: true
+      AWS_S3_BUCKET_NAME:
+        description: AWS S3 Bucket Name
+        required: true
+      AWS_S3_SYNC_ROLE:
+        description: AWS S3 Sync Role
+        required: true
+
+permissions:
+  id-token: write # allows the JWT to be requested from GitHub's OIDC provider
+  contents: read # This is required for actions/checkout
+
+jobs:
+  update-cache-policy:
+    name: Update cache control policy for SDK artifacts
+    runs-on: [self-hosted, Linux, X64]
+
+    steps:
+      - name: Install AWS CLI
+        uses: unfor19/install-aws-cli-action@master
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_S3_SYNC_ROLE }}
+          aws-region: us-east-1
+
+      - name: Determine the cache control policy
+        id: determine_policy
+        run: |
+          echo "cache_control_policy=${{ github.event.inputs.policy_type || inputs.policy_type }}" >> $GITHUB_ENV
+
+      - name: Update cache control policy
+        run: |
+          aws s3api list-objects --bucket ${{ secrets.AWS_S3_BUCKET_NAME }} --prefix adobe-analytics-js --query "Contents[].Key" --output text | while read key; do
+              aws s3api copy-object \
+                  --bucket ${{ secrets.AWS_S3_BUCKET_NAME }} \
+                  --copy-source ${{ secrets.AWS_S3_BUCKET_NAME }}/$key \
+                  --key $key \
+                  --metadata-directive REPLACE \
+                  --cache-control "${{ env.cache_control_policy }}"
+          done
+