Created
July 31, 2022 08:56
-
-
Save eelzinaty/4606aa792ada38f73209a220d68c0769 to your computer and use it in GitHub Desktop.
Set up the GitHub Actions Workflows to Use GitHub OIDC to Build and Push Container Images to AWS ECR
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy 🚀 | |
| on: | |
| push: | |
| branches: | |
| - main # Set a branch to deploy | |
| jobs: | |
| build-push-image: | |
| runs-on: ubuntu-latest | |
| # These permissions are needed to interact with GitHub's OIDC Token endpoint. | |
| permissions: | |
| id-token: write | |
| contents: read | |
| actions: read | |
| steps: | |
| # Generate the AWS credentials | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| role-to-assume: 'arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_ROLE_TO_PUSH_IMG }}' | |
| aws-region: ${{ secrets.AWS_DEFAULT_REGION }} | |
| # Log In to the ECR repo | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v1 | |
| # Build and Push the Container Image | |
| - name: Build, tag, and push image to Amazon ECR | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| ECR_REPOSITORY: test-service # the ECR repo name | |
| IMAGE_TAG: test # The image tag, it could be the commit SHA: ${{ github.sha }} | |
| run: | | |
| docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment