Skip to content

feat: add new workflow that uploads the src dir to s3 on release #723

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
MindyCoW merged 2 commits into from
Dec 2, 2025
Merged

feat: add new workflow that uploads the src dir to s3 on release #723

MindyCoW merged 2 commits into from
Dec 2, 2025

Conversation

@kernelwhisperer
Copy link
Contributor

@kernelwhisperer kernelwhisperer commented Dec 2, 2025
edited by coderabbitai bot
Loading

Summary

This change adds a new github workflow, which on each release uploads the src folder to files.cow.fi/cow-sdk so that we can use the chain images in swap.cow.fi and in the sdk.

Testing

We after merging we can see if the worflow works successfuly and if we can access https://files.cow.fi/cow-sdk/bridging/providers/across/across-logo.png. There might be some secrets that need to be set up.

Background

This PR is part of https://linear.app/cowswap/issue/COW-136/token-lists-cdn

Moving away from our reliance on github CDN.
This is no longer viable as Github recently changed their rate limiting policy for non-logged in users.

Related PRs:
cowprotocol/cowswap#6591
#724

Summary by CodeRabbit

  • Chores
    • Configured automated deployment workflow to publish library updates to distribution network upon release creation or manual trigger.

✏️ Tip: You can customize this high-level summary in your review settings.

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Dec 2, 2025
edited
Loading

Walkthrough

Adds a new GitHub Actions workflow that deploys the repository's src directory to S3 on release or manual trigger, assumes an IAM role for AWS credentials, deletes extraneous S3 objects, and invalidates a CloudFront distribution for /cow-sdk/*.

Changes

Cohort / File(s) Summary
GitHub Actions Deployment Workflow
.github/workflows/deploy-to-s3.yml		 New workflow "Deploy to S3" triggered on release and workflow_dispatch. Checks out code, configures AWS credentials by assuming an IAM role, syncs src to s3://files.cow.fi/cow-sdk (with --delete), and creates a CloudFront invalidation using DISTRIBUTION secret.

Sequence Diagram(s)

sequenceDiagram
    autonumber
    participant GH as GitHub Actions
    participant Repo as Repository (src)
    participant AWS_STS as AWS STS (AssumeRole)
    participant S3 as S3 Bucket (s3://files.cow.fi/cow-sdk)
    participant CF as CloudFront

    GH->>Repo: checkout repository
    GH->>AWS_STS: assume IAM role (from secret)
    AWS_STS-->>GH: temporary AWS credentials
    GH->>S3: aws s3 sync src -> s3://files.cow.fi/cow-sdk (--delete)
    S3-->>GH: sync result
    GH->>CF: create invalidation for /cow-sdk/* (using DISTRIBUTION)
    CF-->>GH: invalidation response
Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

  • Confirm IAM role ARN and least-privilege permissions.
  • Verify S3 bucket path and intended --delete behavior.
  • Check DISTRIBUTION secret value and invalidation path.

Suggested reviewers

  • alfetopito

Poem

🐰 I hopped through branches, files in tow,
Pushed src to S3 where new winds blow,
CloudFront cleared with a tiny spin—
Deployments hum, let the updates begin! 🚀

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the main change: adding a GitHub Actions workflow that uploads the src directory to S3 on release.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch feat/upload-assets-to-s3
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e132c59 and 0e5e43d.

📒 Files selected for processing (1)
  • .github/workflows/deploy-to-s3.yml (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
  • .github/workflows/deploy-to-s3.yml
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
  • GitHub Check: Publish to GitHub Packages
  • GitHub Check: test
  • GitHub Check: eslint

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions
Copy link
Contributor

github-actions bot commented Dec 2, 2025
edited
Loading

📦 GitHub Packages Published

Last updated: Dec 2, 2025, 09:12:07 AM UTC

The following packages have been published to GitHub Packages with pre-release version pr-723-587df919:

Installation

These packages require authentication to install from GitHub Packages. First, create a .npmrc file:

# Create .npmrc file in your project root
echo "@cowprotocol:registry=https://npm.pkg.github.com" > .npmrc
echo "//npm.pkg.github.com/:_authToken=YOUR_GITHUB_TOKEN" >> .npmrc

To get your GitHub token:

  1. Go to https://github.com/settings/tokens
  2. Click "Generate new token (classic)"
  3. Check only the "read:packages" scope
  4. Copy the token and replace YOUR_GITHUB_TOKEN in the .npmrc file

Then install any of the packages above, either by exact version (i.e. @cowprotocol/[email protected]) or more conveniently by using the tag (@cowprotocol/cow-sdk@pr-723):

# Yarn
yarn add npm:@cowprotocol/cow-sdk@pr-723

# pnpm
pnpm install npm:@cowprotocol/cow-sdk@pr-723

# NPM
npm install npm:@cowprotocol/cow-sdk@pr-723

Update to the latest version (only if you used the tag)

Every commit will publish a new package. To upgrade to the latest version, run:

# Yarn
yarn upgrade @cowprotocol/cow-sdk

# pnpm
pnpm update @cowprotocol/cow-sdk

# NPM
npm update @cowprotocol/cow-sdk

View Packages

You can view the published packages at: https://github.com/cowprotocol/cow-sdk/packages

coderabbitai[bot]
coderabbitai bot reviewed Dec 2, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

🧹 Nitpick comments (1)
.github/workflows/deploy-to-s3.yml (1)

39-40: Document the DISTRIBUTION secret.

The DISTRIBUTION secret is used without explanation. Future maintainers won't know what it contains or how to update it.

Add a comment explaining the secret:

+      # CloudFront distribution ID from repository secrets
       env:
         DIST_ID: ${{ secrets.DISTRIBUTION }}

Also consider adding documentation in your repository's README or CONTRIBUTING.md:

### Secrets Configuration

- **DISTRIBUTION**: CloudFront distribution ID for the cow-sdk distribution (e.g., `E1234567EXAMPLE`)
📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d8cb9ec and e132c59.

📒 Files selected for processing (1)
  • .github/workflows/deploy-to-s3.yml (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)
  • GitHub Check: test
  • GitHub Check: Build Package
  • GitHub Check: Publish to GitHub Packages
  • GitHub Check: eslint

This was referenced Dec 2, 2025
Merged
Merged
@kernelwhisperer kernelwhisperer self-assigned this Dec 2, 2025
@kernelwhisperer kernelwhisperer requested a review from a team December 2, 2025 09:00
limitofzero
limitofzero reviewed Dec 2, 2025
View reviewed changes
limitofzero
limitofzero reviewed Dec 2, 2025
View reviewed changes
limitofzero
limitofzero approved these changes Dec 2, 2025
View reviewed changes
Copy link
Contributor

@limitofzero limitofzero left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you 🙏

@MindyCoW MindyCoW merged commit bae88ef into main Dec 2, 2025
9 checks passed
@MindyCoW MindyCoW deleted the feat/upload-assets-to-s3 branch December 2, 2025 15:40
@github-actions github-actions bot locked and limited conversation to collaborators Dec 2, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@shoom3301 shoom3301 shoom3301 approved these changes

@limitofzero limitofzero limitofzero approved these changes

Assignees

@kernelwhisperer kernelwhisperer

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@kernelwhisperer @shoom3301 @limitofzero @MindyCoW