<div dir="ltr">What we could do is have different lifecycles per folder.<div><br></div><div>The /dev folder would keep artifacts for a few months (S3 is quite cheap).</div><div>The /release folder which contains tagged releases would not be garbage-collected at all.</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr">On Thu, Mar 22, 2018 at 2:02 AM Manuel M T Chakravarty <<a href="mailto:manuel.chakravarty@tweag.io">manuel.chakravarty@tweag.io</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word;line-break:after-white-space">Jonas, our resident DevOps guru is happy with this approach, so I am, too ;)<div><br></div><div>Jonas notes that ”If the garbage collection can be time based, S3 can handle it itself: <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html" target="_blank">https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html</a>”</div><div><br></div><div>Cheers,</div><div>Manuel<br><div><br><blockquote type="cite"></blockquote></div></div></div><div style="word-wrap:break-word;line-break:after-white-space"><div><div><blockquote type="cite"><div>21.03.2018 02:14 Karpov, Mark <<a href="mailto:mark.karpov@tweag.io" target="_blank">mark.karpov@tweag.io</a>>:</div><br class="m_-852498165076895197Apple-interchange-newline"></blockquote></div></div></div><div style="word-wrap:break-word;line-break:after-white-space"><div><div><blockquote type="cite"><div><div dir="ltr">Hello,<div><br></div><div>I'd like to share a solution for storing build artifacts we've come up with. The solution is to use S3 to store N last artifacts per job on Circle CI and also on AppVeyor. Auth info can be stored in environment variables if we're careful to use the following settings:</div><div><br></div><div>* For Circle CI, there is "Pass secrets to builds from forked pull requests", which should be set to "off". This way only pull requests from the same repo will have access to sensitive environment variables.</div><div>* For AppVeyor, similarly, there is "Enable secure variables in pull requests from the same repository only" (should be enabled).</div><div><br></div><div>Then we can put the key that AWS uses for authentication in an environment variable and either</div><div><br></div><div>* Use AWS CLI utility and do some bash coding around it.</div><div>* Create a little application that will handle uploading to S3 with all the necessary logic.</div><div><br></div><div>By the logic I mean that we perhaps should do some clean-up, such as deletion of old files.</div><div><br></div><div>Let me know if this sounds good to you, and if so, I could start on this.</div><div><br></div><div>Cheers,</div><div><br></div><div>Mark</div></div>
_______________________________________________<br>Ghc-devops-group mailing list<br><a href="mailto:Ghc-devops-group@haskell.org" target="_blank">Ghc-devops-group@haskell.org</a><br><a href="https://mail.haskell.org/cgi-bin/mailman/listinfo/ghc-devops-group" target="_blank">https://mail.haskell.org/cgi-bin/mailman/listinfo/ghc-devops-group</a><br></div></blockquote></div></div></div></blockquote></div>