Last active
January 22, 2023 15:06
-
-
Save chinchalinchin/fc2d76178c25411b26654e405904c9a1 to your computer and use it in GitHub Desktop.
ECR Build and Push Github Action Workflow
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ecr image build and push | |
| # see: https://docs.github.com/en/actions/using-workflows/reusing-workflows#overview | |
| on: | |
| workflow_call: | |
| inputs: | |
| # Non-defaultable inputs, must be passed in from the caller workflow. | |
| # see: https://docs.github.com/en/actions/using-workflows/reusing-workflows#passing-inputs-and-secrets-to-a-reusable-workflow | |
| IMAGE_NAME: | |
| description: Name of the image to build | |
| required: true | |
| type: string | |
| IMAGE_TAG: | |
| description: Tag of the image to build | |
| required: true | |
| type: string | |
| # Defaultable inputs | |
| DOCKERFILE_DIR: | |
| default: "." | |
| description: "Location of the Dockerfile to build, relative to the repository root directory. Do not include trailing slash." | |
| required: true | |
| type: string | |
| DOCKER_BUILD_CONTEXT: | |
| default: "." | |
| description: "Location of the Docker build context, relative to the repository root directory." | |
| required: true | |
| type: string | |
| # see: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callsecrets | |
| secrets: | |
| AWS_ACCOUNT_ID: | |
| required: true | |
| description: Account ID of the AWS service account | |
| AWS_IAM_USER: | |
| required: true | |
| description: IAM username of the AWS service account | |
| AWS_ACCESS_KEY_ID: | |
| required: true | |
| description: Access key ID of the AWS service account | |
| AWS_SECRET_ACCESS_KEY: | |
| required: true | |
| description: Secret access key of the AWS service account | |
| AWS_DEFAULT_REGION: | |
| required: true | |
| description: Default region of the AWS service account | |
| jobs: | |
| ecr_build_and_push: | |
| name: ecr image build and push | |
| runs-on: ubuntu-latest | |
| env: | |
| # see: | |
| # {{ secrets }} context: https://docs.github.com/en/actions/learn-github-actions/contexts#secrets-context | |
| # {{ github }} context: https://docs.github.com/en/actions/learn-github-actions/contexts#github-context | |
| # {{ inputs }} context: https://docs.github.com/en/actions/learn-github-actions/contexts#inputs-context | |
| AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} | |
| AWS_IAM_USER: ${{ secrets.AWS_IAM_USER }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
| IMG_NAME: ${{ inputs.IMAGE_NAME }} | |
| IMG_TAG: ${{ inputs.IMAGE_TAG }} | |
| DOCKERFILE_DIR: ${{ inputs.DOCKERFILE_DIR }} | |
| DOCKER_BUILD_CONTEXT: ${{ inputs.DOCKER_BUILD_CONTEXT }} | |
| steps: | |
| - name: job dependencies | |
| run: | | |
| curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" | |
| unzip awscliv2.zip | |
| sudo ./aws/install | |
| - name: ecr login | |
| run: | | |
| aws ecr get-login-password \ | |
| --region $AWS_DEFAULT_REGION |\ | |
| docker login \ | |
| --username AWS \ | |
| --password-stdin $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com | |
| # see: https://github.com/actions/checkout | |
| - name: checkout | |
| uses: actions/checkout@v2 | |
| - name: build | |
| run: | | |
| docker build \ | |
| --file $(pwd)/$DOCKERFILE_DIR/Dockerfile \ | |
| --tag $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMG_NAME:$IMG_TAG \ | |
| $(pwd)/$DOCKER_BUILD_CONTEXT | |
| - name: push | |
| run: | | |
| docker push $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMG_NAME:$IMG_TAG |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment