Merge pull request #1217 from guardian/update/aws #653

	name: CI

	on:
	pull_request:
	workflow_dispatch:
	push:
	branches:
	- main

	jobs:
	ci:
	runs-on: ubuntu-latest

	permissions:
	# Allow GitHub to request an OIDC JWT ID token, for exchange with `aws-actions/configure-aws-credentials`
	# See https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services#updating-your-github-actions-workflow
	id-token: write

	# Required for `actions/checkout`
	contents: read

	steps:
	- uses: actions/checkout@v3

	- uses: aws-actions/configure-aws-credentials@v1
	with:
	aws-region: eu-west-1
	role-to-assume: ${{ secrets.GU_RIFF_RAFF_ROLE_ARN }}

	- name: Setup JDK
	uses: actions/setup-java@v3
	with:
	distribution: corretto
	java-version: 11

	- name: build + test
	run: \|
	set -e
	# Ensure we don't overwrite existing (Teamcity) builds.
	LAST_TEAMCITY_BUILD=2360
	export GITHUB_RUN_NUMBER=$(( $GITHUB_RUN_NUMBER + $LAST_TEAMCITY_BUILD ))

	# Note, lib/test because riffraff/riffRaffUpload only tests the riffraff project.
	./sbt clean scalafmtCheckAll scalafmtSbtCheck compile lib/test riffraff/riffRaffUpload

Provide feedback