Publish Arcane.Stream.BlobStorage to public.ecr.aws by @s-vitaliy #2
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Arcane.Stream.BlobStorage to ECR public registry | |
| run-name: Publish Arcane.Stream.BlobStorage to public.ecr.aws by @${{ github.actor }} | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: | | |
| Version number to publish. Defaults to the latest git tag in the repository. | |
| This version MUST exist in the ghcr.io registry. | |
| required: false | |
| default: "current" | |
| env: | |
| PROJECT_NAME: Arcane.Stream.BlobStorage | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| publish_image: | |
| name: Publish Docker Image to ECR Public | |
| runs-on: ubuntu-latest | |
| # if: ${{ startsWith(github.ref, 'refs/tags') }} | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get project version | |
| uses: SneaksAndData/github-actions/[email protected] | |
| id: current_version | |
| - name: Set up variables | |
| env: | |
| VERSION: ${{ inputs.version }} | |
| CURRENT_VERSION: ${{steps.current_version.outputs.version}} | |
| run: | | |
| test "$VERSION" == "current" && echo "IMAGE_VERSION=$CURRENT_VERSION" >> ${GITHUB_ENV} || echo "IMAGE_VERSION=$VERSION" >> ${GITHUB_ENV} | |
| - name: Import AWS Secrets | |
| uses: hashicorp/[email protected] | |
| with: | |
| url: https://hashicorp-vault.awsp.sneaksanddata.com/ | |
| role: github | |
| method: jwt | |
| secrets: | | |
| /secret/data/common/package-publishing/aws-ecr-public/production/container-user-public access_key | ACCESS_KEY ; | |
| /secret/data/common/package-publishing/aws-ecr-public/production/container-user-public access_key_id | ACCESS_KEY_ID ; | |
| id: aws_secrets | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/[email protected] | |
| with: | |
| aws-access-key-id: ${{ env.ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ env.ACCESS_KEY }} | |
| aws-region: us-east-1 | |
| - name: Log in to the GitHub Container Registry | |
| uses: docker/[email protected] | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Login to Amazon ECR Public | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| with: | |
| registry-type: public | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=semver,pattern={{version}},value=${{ env.IMAGE_VERSION }} | |
| flavor: | |
| latest=false | |
| - name: Push image to ECR Public registry | |
| uses: akhilerm/[email protected] | |
| with: | |
| src: ${{ steps.meta.outputs.tags }} | |
| dst: public.ecr.aws/s0t1h2z6/arcane/${{ github.event.repository.name }}:${{ steps.meta.outputs.version }} |