From 4f556bde0c48051cf9081e44a04afbe26b31c2a8 Mon Sep 17 00:00:00 2001
From: Perry Zhu <perryzhu2004@outlook.com>
Date: Sat, 11 Oct 2025 11:35:45 -0700
Subject: [PATCH] cd: publish built artifacts to s3

---
 .github/workflows/push-artifacts.yaml | 32 +++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 .github/workflows/push-artifacts.yaml

diff --git a/.github/workflows/push-artifacts.yaml b/.github/workflows/push-artifacts.yaml
new file mode 100644
index 0000000..b7eb27c
--- /dev/null
+++ b/.github/workflows/push-artifacts.yaml
@@ -0,0 +1,32 @@
+# Build artifacts and push to S3
+name: Publish to S3
+on:
+    push:
+        branches:
+            - main
+jobs:
+    deploy:
+        runs-on: ubuntu-latest
+        permissions:
+            id-token: write
+            contents: read
+        steps:
+            - name: Checkout repository
+              uses: actions/checkout@v4
+            - name: Configure AWS Credentials
+              uses: aws-actions/configure-aws-credentials@v4
+              with:
+                  role-to-assume: ${{ secrets.AWS_IAM_ROLE_ARN }}
+                  aws-region: ${{ secrets.AWS_REGION }}
+            - name: Setup Node.js
+              uses: actions/setup-node@v4
+              with:
+                  node-version: "22"
+                  cache: "yarn"
+            - name: Install Dependencies
+              run: yarn install --frozen-lockfile
+            - name: Build Project
+              run: yarn build
+            - name: Deploy to S3
+              run: |
+                  aws s3 sync ./dist s3://${{ secrets.AWS_S3_BUCKET }} --delete