Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update docker workflow for assume role #158

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Update docker workflow for assume role #158

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b3ef171
updated docker build for assume role
pranaydeokar Jan 6, 2025
28f0ed8
fix: updated the build path
pranaydeokar Jan 7, 2025
58e2423
Update docker.yml
pranaydeokar Jan 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
75 changes: 54 additions & 21 deletions .github/workflows/docker.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,34 +4,50 @@ name: docker-build-push
on:
workflow_call:
inputs:
registry:
required: true
provider:
required: false
type: string
images:
required: true
required: false
type: string
aws-region:
required: true
aws_region:
required: false
type: string
ECR_REPOSITORY:
required: true
required: false
type: string
IMAGE_TAG:
required: true
required: false
type: string
BUILD_PATH:
required: false
type: string
pranaydeokar marked this conversation as resolved.
Show resolved Hide resolved
default: '.'
WORKING_DIRECTORY:
required: false
type: string
assume_role_arn:
required: false
type: string
secrets:
AWS_ACCESS_KEY_ID:
description: 'aws access keys'
required: true
required: false
description: 'AWS Access Key ID to install AWS CLI.'
BUILD_ROLE:
required: false
description: 'AWS OIDC role for aws authentication.'
AWS_SECRET_ACCESS_KEY:
description: 'aws secret access keys'
required: true
required: false
description: 'AWS Secret access key to install AWS CLI'
AWS_SESSION_TOKEN:
required: false
description: 'AWS Session Token to install AWS CLI'
DOCKERHUB_USERNAME:
description: 'dockerhub username'
required: true
required: false
DOCKERHUB_PASSWORD:
description: 'dockerhub password'
required: true
required: false

jobs:
build-image:
Expand All @@ -44,54 +60,71 @@ jobs:
uses: actions/checkout@v4

- name: Login to Docker Hub
if: ${{ inputs.provider == 'DOCKERHUB' }}
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}

- name: Push docker image to DOCKERHUB
if: ${{ inputs.registry == 'DOCKERHUB' }}
if: ${{ inputs.provider == 'DOCKERHUB' }}
env:
IMAGE_TAG: ${{ inputs.IMAGE_TAG }}
images: ${{ inputs.images }}
BUILD_PATH: ${{ inputs.BUILD_PATH }}
run: |
docker build -t $images:$IMAGE_TAG .
docker build -t $images:$IMAGE_TAG $BUILD_PATH
docker push $images:$IMAGE_TAG

- name: Configure AWS credentials
if: ${{ inputs.provider == 'aws' }}
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ inputs.aws-region }}
aws-session-token: ${{ secrets.AWS_SESSION_TOKEN }}
role-to-assume: ${{ secrets.BUILD_ROLE }}
aws-region: ${{ inputs.aws_region }}
role-duration-seconds: ${{ inputs.role-duration-seconds }}
role-skip-session-tagging: true

- name: Verify awscli
if: ${{ inputs.provider == 'aws' }}
run: |
aws sts get-caller-identity


- name: Login to Amazon ECR
if: ${{ inputs.provider == 'aws' }}
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2

- name: Push docker image to Amazon ECR
if: ${{ inputs.registry == 'ECR' }}
if: ${{ inputs.provider == 'aws' }}
id: docker-build
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: ${{ inputs.ECR_REPOSITORY }}
IMAGE_TAG: ${{ inputs.IMAGE_TAG }}
BUILD_PATH: ${{ inputs.BUILD_PATH }}
working-directory: ${{ inputs.WORKING_DIRECTORY }}
run: |
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG $BUILD_PATH
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG

- name: Push docker image to Amazon ECR and DOCKERHUB
if: ${{ inputs.registry == 'DOCKERHUB,ECR' }}
if: ${{ inputs.provider == 'DOCKERHUB,aws' }}
env:
## For ECR env variable
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: ${{ inputs.ECR_REPOSITORY }}
IMAGE_TAG: ${{ inputs.IMAGE_TAG }}
BUILD_PATH: ${{ inputs.BUILD_PATH }}
## For DOCKERHUB env variable
images: ${{ inputs.images }}
run: |
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG $BUILD_PATH
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
docker build -t $images:$IMAGE_TAG .
docker build -t $images:$IMAGE_TAG $BUILD_PATH
docker push $images:$IMAGE_TAG
...
Loading