Skip to content

Instantly share code, notes, and snippets.

@kykyi
Last active May 23, 2023 12:24
Show Gist options
  • Save kykyi/82379922b33d97be26ef8d813d580572 to your computer and use it in GitHub Desktop.
Save kykyi/82379922b33d97be26ef8d813d580572 to your computer and use it in GitHub Desktop.
Run VSCode dev containers and GitHub actions off of the same private AWS ECR image
Run VSCode dev containers and GitHub actions off of the same private AWS ECR image
# .github/actions.yml
name: Test suite
on:
[push]
permissions:
id-token: write
contents: read
jobs:
login-to-amazon-ecr:
runs-on: ubuntu-latest
steps:
- name: Setup AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: arn:aws:iam::012345678901:role/github-actions-role
aws-region: your-region
mask-aws-account-id: 'false'
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
outputs:
registry: ${{ steps.login-ecr.outputs.registry }}
docker_username: ${{ steps.login-ecr.outputs.docker_username_012345678901_dkr_ecr_your_region_amazonaws_com }}
docker_password: ${{ steps.login-ecr.outputs.docker_username_012345678901_dkr_ecr_eyour_region_amazonaws_com }}
run-with-internal-service:
name: Run tests private ECR container
needs: login-to-amazon-ecr
runs-on: ubuntu-latest
container:
image: ${{ needs.login-to-amazon-ecr.outputs.registry }}/ecr_repo:tag
credentials:
username: ${{ needs.login-to-amazon-ecr.outputs.docker_username }}
password: ${{ needs.login-to-amazon-ecr.outputs.docker_password }}
ports:
- '80:80'
steps:
- name: Checkout the branch
uses: actions/checkout@v3
- name: Setup AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: arn:aws:iam::012345678901:role/github-actions-role
aws-region: your-region
- name: Run tests with pytest
run: pytest tests --disable-warnings
# .devcontainer/devcontainer.json
{
"name": "Your devcontainer name",
"image": "012345678901.dkr.ecr.your-region.amazonaws.com/ecr_repo:tag",
"mounts": ["source=${localEnv:HOME}/.aws/credentials,target=/workspaces/your-repo/.aws/credentials,type=bind,consistency=cached"]
}
# .devcontainer/Dockerfile
# Example for a python environment
FROM python:3.9.7-slim
RUN apt-get update && apt-get -y upgrade
RUN apt-get install -y build-essential cmake git wget
COPY ./.devcontainer/requirements.txt requirements.txt
RUN pip install -r requirements.txt --no-cache-dir
# .devcontainer/Makefile
# amd64 for apple silicon, arm64 for github actions CI
deploy:
docker buildx build --platform linux/amd64,linux/arm64 --push -t 012345678901.dkr.ecr.your-region.amazonaws.com/ecr_repo:tag -f ./.devcontainer/Dockerfile .
# .devcontainer/requirements.txt
# Your requirements here
pytest # for example
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment