Last active
December 24, 2024 07:46
-
-
Save michmzr/da298ab933908a3d0610e75b18a513d9 to your computer and use it in GitHub Desktop.
new-tag-without-push-jfrog-aws-ecr
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 | |
| with: | |
| role-to-assume: ${{ env.AWS_WORKFLOW_ROLE }} | |
| role-session-name: ${{env.AWS_ROLE_SESSION_NAME}} | |
| aws-region: ${{env.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 #v2.01 | |
| - name: get ECR registry name | |
| run: | | |
| echo "ECR_REPO_URL=${{ steps.login-ecr.outputs.registry }}" >> $GITHUB_ENV | |
| - run: | | |
| # Step 1: Get the image manifest for the existing tag | |
| echo "Fetching the image manifest for $IMAGE_NAME:${SEMVER} from AWS ECR..." | |
| IMAGE_MANIFEST=$(aws ecr batch-get-image --repository-name "$IMAGE_NAME" --image-ids imageTag=${SEMVER} --query 'images[].imageManifest' --output text) | |
| if [ -z "$IMAGE_MANIFEST" ]; then | |
| echo "Failed to fetch the image manifest. Exiting." | |
| exit 1 | |
| fi | |
| echo "Successfully fetched the image manifest." | |
| # Step 2: Create the new tag using the fetched manifest | |
| echo "Creating a new tag ${TARGET_SEMVER} for $IMAGE_NAME ..." | |
| aws ecr put-image \ | |
| --repository-name $IMAGE_NAME \ | |
| --image-tag ${TARGET_SEMVER} \ | |
| --image-manifest "$IMAGE_MANIFEST" | |
| if [ $? -ne 0 ]; then | |
| echo "Failed to create the new tag. Exiting." | |
| exit 1 | |
| fi | |
| echo "Successfully added the new tag ${TARGET_SEMVER} to the image $IMAGE_NAME ." |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - name: Login to JFrog Docker Hub | |
| uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 #v3.3.0 | |
| with: | |
| registry: artifactory.example.com | |
| username: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| password: ${{ secrets.ARTIFACTORY_TOKEN }} | |
| - run: | | |
| JFROG_URL="https://${{ env.DEVHUB_REGISTRY_URL }}/" | |
| REPO_NAME="${{env.DEVHUB_REPO_NAME}}" | |
| JFROG_CREDS="${{ secrets.ARTIFACTORY_USERNAME }}:${{ secrets.ARTIFACTORY_TOKEN }}" | |
| echo "Fetching the image manifest for $IMAGE_NAME:${SEMVER}..." | |
| curl -sS -u $JFROG_CREDS \ | |
| "${JFROG_URL}artifactory/api/docker/$REPO_NAME/v2/$IMAGE_NAME/manifests/${SEMVER}" \ | |
| -H "Accept: application/vnd.docker.distribution.manifest.v2+json" \ | |
| -o manifest.json | |
| if [ $? -ne 0 ]; then | |
| echo "Failed to fetch the manifest. Exiting." | |
| exit 1 | |
| fi | |
| # Validate manifest.json content | |
| if ! jq . manifest.json > /dev/null 2>&1; then | |
| echo "Invalid JSON in manifest.json. Exiting." | |
| exit 1 | |
| fi | |
| echo "Successfully fetched the manifest." | |
| # Step 2: Add the New Tag | |
| echo "Adding the new tag ${TARGET_SEMVER} to the image..." | |
| curl -sS -u $JFROG_CREDS -X PUT \ | |
| "${JFROG_URL}artifactory/api/docker/$REPO_NAME/v2/$IMAGE_NAME/manifests/${TARGET_SEMVER}" \ | |
| -H "Content-Type: application/vnd.docker.distribution.manifest.v2+json" \ | |
| -d @manifest.json | |
| if [ $? -ne 0 ]; then | |
| echo "Failed to add the new tag. Exiting." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment