claim ownership of project for drips (#2678) #691
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Publishes storetheindex container images to the private AWS ECR. | |
# The images published to ECR are used in Kubernetes clusters to server cid.contact. | |
name: ECR | |
on: | |
# The tags in this repo are pushed via CI, the push events for which will not trigger workflows. | |
# However, releases are created by contributors, hence the use of release event to build images. | |
release: | |
types: | |
- published | |
push: | |
paths-ignore: | |
- 'deploy/**' | |
- 'doc/**' | |
branches: | |
- main | |
jobs: | |
publisher: | |
if: ${{ github.event.pusher.name != 'sti-bot' }} | |
name: Publish | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
env: | |
ECR_REGISTRY: 407967248065.dkr.ecr.us-east-2.amazonaws.com/storetheindex | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Determine Container Tag | |
run: | | |
IMAGE_TAG="${GITHUB_REF#refs/tags/v}" | |
if test "${IMAGE_TAG}" = "${GITHUB_REF}"; then | |
IMAGE_TAG="$(date '+%Y%m%d%H%M%S')-${GITHUB_SHA}" | |
fi | |
echo "Using image tag: ${IMAGE_TAG}" | |
echo "IMAGE_TAG=${IMAGE_TAG}" >> $GITHUB_ENV | |
- name: AWS Login | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-region: us-east-2 | |
role-to-assume: "arn:aws:iam::407967248065:role/common/github_actions" | |
role-duration-seconds: 1200 | |
- name: Login to Amazon ECR | |
run: aws ecr get-login-password | docker login --username AWS --password-stdin ${ECR_REGISTRY} | |
- name: Publish Container Image | |
run: | | |
IMAGE_NAME="${ECR_REGISTRY}/storetheindex:${IMAGE_TAG}" | |
docker build -t "${IMAGE_NAME}" . | |
docker push "${IMAGE_NAME}" | |
echo "Published image ${IMAGE_NAME}" |