From 4b7ace10fb378d07ad9dc4f2c4130936292bf8de Mon Sep 17 00:00:00 2001
From: Johan Gunnarsson
Date: Mon, 1 Aug 2022 19:06:23 +0200
Subject: [PATCH] github: Deploy to AWS ECR Public instead of Docker Hub

---
 .github/workflows/ci.yml | 26 +++++++++++++++++++++-----
 1 file changed, 21 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 84c38eb..378d5cd 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -9,6 +9,10 @@ on:
 schedule:
 - cron: "00 03 * * 0"

+permissions:
+ id-token: write
+ contents: read
+
 env:
 MAKEFLAGS: -j2

@@ -144,22 +148,34 @@ jobs:
 uses: actions/checkout@v2

 - name: Set up QEMU
+ timeout-minutes: 1
 uses: docker/setup-qemu-action@v1

 - name: Set up Docker Buildx
+ timeout-minutes: 1
 uses: docker/setup-buildx-action@v1

- - name: Login
+ - name: Configure AWS credentials
+ timeout-minutes: 5
 if: github.event_name != 'pull_request' && github.ref_name == 'master'
- uses: docker/login-action@v1
+ uses: aws-actions/configure-aws-credentials@v1
 with:
- username: johang
- password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+ role-to-assume: ${{ secrets.AWS_ROLE }}
+ aws-region: us-east-1
+
+ - name: Login to Amazon ECR Public
+ timeout-minutes: 5
+ if: github.event_name != 'pull_request' && github.ref_name == 'master'
+ id: login-ecr-public
+ uses: aws-actions/amazon-ecr-login@v1
+ with:
+ registry-type: public

 - name: Build and push
+ timeout-minutes: 30
 uses: docker/build-push-action@v2
 with:
 context: .
 platforms: linux/amd64,linux/arm64
 push: ${{ github.event_name != 'pull_request' && github.ref_name == 'master' }}
- tags: johang/sd-card-images:latest
+ tags: ${{ steps.login-ecr-public.outputs.registry }}/johang/sd-card-images:latest
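Review bot: `id-token: write` is granted in the workflow-level `permissions:` block, so every job in ci.yml can request an OIDC token, while only the image-publishing steps changed in the second hunk use one. Scoping it to that job follows least privilege: keep `permissions: {contents: read}` at the top level and add `permissions: {id-token: write, contents: read}` under the publishing job. The trust policy of the role behind `secrets.AWS_ROLE` is not visible here; it should restrict the token's `sub` claim to this repository's master ref so a token minted by another branch or job cannot assume the role.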
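Review bot: The new `tags:` value depends on `steps.login-ecr-public.outputs.registry`, but that step is skipped on pull requests and on refs other than master, so the expression expands to an empty string and the tag becomes `/johang/sd-card-images:latest`, which is likely to be rejected as an invalid image reference even with `push: false`. A fallback keeps those builds working: `tags: ${{ steps.login-ecr-public.outputs.registry || 'public.ecr.aws' }}/johang/sd-card-images:latest`. The two added `aws-actions/*@v1` steps run in the job that can assume `secrets.AWS_ROLE`, and `@v1` is a movable tag; pinning each `uses:` to a full commit SHA (`uses: aws-actions/configure-aws-credentials@<full-commit-sha>  # v1`) prevents a retagged release from running with those credentials. The job definition starts above this hunk, so its name and any job-level settings are not visible here.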