.github/workflows/publish-ecr.yml
name: publish-ecr
on:
release:
types:
- published
jobs:
publish:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
steps:
- name: Checkout
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
- name: Get tags
id: get-tags
run: |
IMAGE_NAME=${AWS_ECR_REGISTRY}/${AWS_ECR_REPO_NAME}
VERSION=${GITHUB_REF/refs\/tags\//}
TAGS=${IMAGE_NAME}:latest
TAGS=${TAGS},${IMAGE_NAME}:$(echo "$VERSION" | sed -E 's/^v([0-9]+)\.([0-9]+)\.([0-9]+)$/\1/')
TAGS=${TAGS},${IMAGE_NAME}:$(echo "$VERSION" | sed -E 's/^v([0-9]+)\.([0-9]+)\.([0-9]+)$/\1.\2/')
TAGS=${TAGS},${IMAGE_NAME}:$(echo "$VERSION" | sed -E 's/^v([0-9]+)\.([0-9]+)\.([0-9]+)$/\1.\2.\3/')
echo ::set-output name=tags::${TAGS}
env:
AWS_ECR_REGISTRY: ${{ secrets.AWS_ECR_REGISTRY }}
AWS_ECR_REPO_NAME: ${{ secrets.AWS_ECR_REPO_NAME }}
- name: Set up QEMU
uses: docker/setup-qemu-action@c308fdd69d26ed66f4506ebd74b180abe5362145
- name: Set up Docker buildx
uses: docker/setup-buildx-action@0d135e0c2fc0dba0729c1a47ecfcf5a3c7f8579e
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@05b148adc31e091bafbaf404f745055d4d3bc9d2
with:
role-to-assume: ${{ secrets.AWS_ECR_ROLE_ARN }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Login to ECR
uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
with:
registry: ${{ secrets.AWS_ECR_REGISTRY }}
- name: Build and push
uses: docker/build-push-action@e1b7f96249f2e4c8e4ac1519b9608c0d48944a1f
with:
push: true
tags: ${{ steps.get-tags.outputs.tags }}