From f85619d63169517686c7a58385fa3a160518a32d Mon Sep 17 00:00:00 2001 From: Ujjwal Date: Fri, 24 May 2024 15:41:25 +0530 Subject: [PATCH 1/5] fix: ci file for pushing image to public ecr --- .github/workflows/ci-server-.yaml | 38 +++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/.github/workflows/ci-server-.yaml b/.github/workflows/ci-server-.yaml index 0fcb60076..95f9f35be 100644 --- a/.github/workflows/ci-server-.yaml +++ b/.github/workflows/ci-server-.yaml @@ -33,6 +33,7 @@ jobs: ECR_REPOSITORY: ${{ steps.set_env.outputs.ECR_REPOSITORY }} ENVIRONMENT_BUCKET: ${{ steps.set_env.outputs.ENVIRONMENT_BUCKET }} SLACK_WEBHOOK_URL: ${{ steps.vars.outputs.SLACK_WEBHOOK_URL }} + PUBLIC_CONDUCTOR_ECR: ${{ steps.vars.outputs.PUBLIC_CONDUCTOR_ECR}} steps: - id: vars @@ -49,6 +50,9 @@ jobs: "dev") ENV="dev" ;; + "add/ci-public-ecr-push") + ENV="dev" + ;; "stg") ENV="stg" ;; @@ -75,6 +79,7 @@ jobs: echo "AWS_ROLE=DEV_AWS_ROLE" >> $GITHUB_OUTPUT echo "PROJECT_PREFIX=sirn-dev-mb" >> $GITHUB_OUTPUT echo "SLACK_WEBHOOK_URL=DEV_SLACK_WEBHOOK_URL" >> $GITHUB_OUTPUT + echo "PUBLIC_CONDUCTOR_ECR=sandbox-conductor-server" >> $GITHUB_OUTPUT else echo "Branch not configured!" exit 1 @@ -108,6 +113,7 @@ jobs: ECR_REPOSITORY: ${{needs.prepare-env.outputs.ECR_REPOSITORY}} ENVIRONMENT_BUCKET: ${{needs.prepare-env.outputs.ENVIRONMENT_BUCKET}} IMAGE_TAG: ${{ github.event.inputs.tag }} + PUBLIC_CONDUCTOR_ECR: ${{needs.prepare-env.outputs.PUBLIC_CONDUCTOR_ECR}} outputs: ECR_REPO: ${{ steps.build.outputs.ECR_REPO }} APP_IMAGE: ${{ steps.image.outputs.APP_IMAGE }} @@ -150,6 +156,38 @@ jobs: provenance: false platforms: linux/amd64 tags: ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }} + - name: Login to Amazon ECR Public + if: ${{ env.ENV == 'dev'}} + id: login-ecr-public + uses: aws-actions/amazon-ecr-login@v2 + with: + registry-type: public + - name: Push image to Public ECR + if: ${{ env.ENV == 'dev'}} + id: push-to-public-ecr + env: + PVT_ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + PUBLIC_REGISTRY: ${{ steps.login-ecr-public.outputs.registry }} + PUBLIC_REGISTRY_ALIAS: kvsiren-${{ env.ENV }} + IMAGE_TAG: ${{ github.sha }} + run: | + docker images + docker tag ${{ env.PVT_ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }} ${{ env.PUBLIC_REGISTRY }}/${{ env.PUBLIC_REGISTRY_ALIAS }}/${{ env.PUBLIC_CONDUCTOR_ECR }}:${{ env.IMAGE_TAG }} + docker push ${{ env.PUBLIC_REGISTRY }}/${{ env.PUBLIC_REGISTRY_ALIAS }}/${{ env.PUBLIC_CONDUCTOR_ECR }}:${{ env.IMAGE_TAG }} + + # - name: Build and push to Public ECR + # if: ${{ env.ENV == 'dev'}} + # id: build + # uses: docker/build-push-action@v5.1.0 + # env: + # ECR_REGISTRY: ${{ steps.login-ecr-public.outputs.registry }} + # with: + # context: . + # file: ./Dockerfile + # push: true + # provenance: false + # platforms: linux/amd64 + # tags: ${{ env.ECR_REGISTRY }}/${{ env.PUBLIC_CONDUCTOR_ECR }}:${{ env.IMAGE_TAG }} - name: Image name id: image From c25072de2f9d1f4adc031d543ecfb461b8f2a924 Mon Sep 17 00:00:00 2001 From: Ujjwal Date: Fri, 24 May 2024 16:07:21 +0530 Subject: [PATCH 2/5] fix: ci with region change for public ecr login --- .github/workflows/ci-server-.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/ci-server-.yaml b/.github/workflows/ci-server-.yaml index 95f9f35be..50ec16313 100644 --- a/.github/workflows/ci-server-.yaml +++ b/.github/workflows/ci-server-.yaml @@ -156,12 +156,20 @@ jobs: provenance: false platforms: linux/amd64 tags: ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }} + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets[env.AWS_ROLE] }} + aws-region: us-east-1 + - name: Login to Amazon ECR Public if: ${{ env.ENV == 'dev'}} id: login-ecr-public uses: aws-actions/amazon-ecr-login@v2 with: registry-type: public + - name: Push image to Public ECR if: ${{ env.ENV == 'dev'}} id: push-to-public-ecr From 123f3ecaf619147a2346783f825da59f9e8e03f0 Mon Sep 17 00:00:00 2001 From: Ujjwal Date: Fri, 24 May 2024 16:39:26 +0530 Subject: [PATCH 3/5] add: docker build action for public ecr --- .github/workflows/ci-server-.yaml | 49 ++++++++++++++++--------------- 1 file changed, 25 insertions(+), 24 deletions(-) diff --git a/.github/workflows/ci-server-.yaml b/.github/workflows/ci-server-.yaml index 50ec16313..3c1d7727e 100644 --- a/.github/workflows/ci-server-.yaml +++ b/.github/workflows/ci-server-.yaml @@ -157,7 +157,8 @@ jobs: platforms: linux/amd64 tags: ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }} - - name: Configure AWS credentials + - name: Configure AWS credentials for Public ECR + if: ${{ env.ENV == 'dev'}} uses: aws-actions/configure-aws-credentials@v4 with: role-to-assume: ${{ secrets[env.AWS_ROLE] }} @@ -169,33 +170,33 @@ jobs: uses: aws-actions/amazon-ecr-login@v2 with: registry-type: public + + # - name: Push image to Public ECR + # if: ${{ env.ENV == 'dev'}} + # id: push-to-public-ecr + # env: + # PVT_ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + # PUBLIC_REGISTRY: ${{ steps.login-ecr-public.outputs.registry }} + # PUBLIC_REGISTRY_ALIAS: kvsiren-${{ env.ENV }} + # run: | + # docker images + # docker tag ${{ env.PVT_ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }} ${{ env.PUBLIC_REGISTRY }}/${{ env.PUBLIC_REGISTRY_ALIAS }}/${{ env.PUBLIC_CONDUCTOR_ECR }}:${{ env.IMAGE_TAG }} + # docker push ${{ env.PUBLIC_REGISTRY }}/${{ env.PUBLIC_REGISTRY_ALIAS }}/${{ env.PUBLIC_CONDUCTOR_ECR }}:${{ env.IMAGE_TAG }} - - name: Push image to Public ECR + - name: Build and push to Public ECR if: ${{ env.ENV == 'dev'}} - id: push-to-public-ecr + id: build + uses: docker/build-push-action@v5.1.0 env: - PVT_ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} PUBLIC_REGISTRY: ${{ steps.login-ecr-public.outputs.registry }} - PUBLIC_REGISTRY_ALIAS: kvsiren-${{ env.ENV }} - IMAGE_TAG: ${{ github.sha }} - run: | - docker images - docker tag ${{ env.PVT_ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }} ${{ env.PUBLIC_REGISTRY }}/${{ env.PUBLIC_REGISTRY_ALIAS }}/${{ env.PUBLIC_CONDUCTOR_ECR }}:${{ env.IMAGE_TAG }} - docker push ${{ env.PUBLIC_REGISTRY }}/${{ env.PUBLIC_REGISTRY_ALIAS }}/${{ env.PUBLIC_CONDUCTOR_ECR }}:${{ env.IMAGE_TAG }} - - # - name: Build and push to Public ECR - # if: ${{ env.ENV == 'dev'}} - # id: build - # uses: docker/build-push-action@v5.1.0 - # env: - # ECR_REGISTRY: ${{ steps.login-ecr-public.outputs.registry }} - # with: - # context: . - # file: ./Dockerfile - # push: true - # provenance: false - # platforms: linux/amd64 - # tags: ${{ env.ECR_REGISTRY }}/${{ env.PUBLIC_CONDUCTOR_ECR }}:${{ env.IMAGE_TAG }} + PUBLIC_REGISTRY_ALIAS: kvsiren-${{ env.ENV }} + with: + context: . + file: ./Dockerfile + push: true + provenance: false + platforms: linux/amd64 + tags: ${{ env.PUBLIC_REGISTRY }}/${{ env.PUBLIC_REGISTRY_ALIAS }}/${{ env.PUBLIC_CONDUCTOR_ECR }}:${{ env.IMAGE_TAG }} - name: Image name id: image From 541325059d17110706cc5f41036ac56e31c9d70d Mon Sep 17 00:00:00 2001 From: Ujjwal Date: Fri, 24 May 2024 16:41:32 +0530 Subject: [PATCH 4/5] fix: build step name for public ecr --- .github/workflows/ci-server-.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-server-.yaml b/.github/workflows/ci-server-.yaml index 3c1d7727e..a93044c85 100644 --- a/.github/workflows/ci-server-.yaml +++ b/.github/workflows/ci-server-.yaml @@ -185,7 +185,7 @@ jobs: - name: Build and push to Public ECR if: ${{ env.ENV == 'dev'}} - id: build + id: build-public uses: docker/build-push-action@v5.1.0 env: PUBLIC_REGISTRY: ${{ steps.login-ecr-public.outputs.registry }} From 6dc13a4a9d1bf38e7efa4770c6934f675b3f7761 Mon Sep 17 00:00:00 2001 From: Ujjwal Date: Fri, 24 May 2024 16:55:23 +0530 Subject: [PATCH 5/5] fox: ci trigger for conductor server --- .github/workflows/ci-server-.yaml | 19 ++----------------- 1 file changed, 2 insertions(+), 17 deletions(-) diff --git a/.github/workflows/ci-server-.yaml b/.github/workflows/ci-server-.yaml index a93044c85..52d570d7e 100644 --- a/.github/workflows/ci-server-.yaml +++ b/.github/workflows/ci-server-.yaml @@ -49,10 +49,7 @@ jobs: case $BRANCH in "dev") ENV="dev" - ;; - "add/ci-public-ecr-push") - ENV="dev" - ;; + ;; "stg") ENV="stg" ;; @@ -169,19 +166,7 @@ jobs: id: login-ecr-public uses: aws-actions/amazon-ecr-login@v2 with: - registry-type: public - - # - name: Push image to Public ECR - # if: ${{ env.ENV == 'dev'}} - # id: push-to-public-ecr - # env: - # PVT_ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} - # PUBLIC_REGISTRY: ${{ steps.login-ecr-public.outputs.registry }} - # PUBLIC_REGISTRY_ALIAS: kvsiren-${{ env.ENV }} - # run: | - # docker images - # docker tag ${{ env.PVT_ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }} ${{ env.PUBLIC_REGISTRY }}/${{ env.PUBLIC_REGISTRY_ALIAS }}/${{ env.PUBLIC_CONDUCTOR_ECR }}:${{ env.IMAGE_TAG }} - # docker push ${{ env.PUBLIC_REGISTRY }}/${{ env.PUBLIC_REGISTRY_ALIAS }}/${{ env.PUBLIC_CONDUCTOR_ECR }}:${{ env.IMAGE_TAG }} + registry-type: public - name: Build and push to Public ECR if: ${{ env.ENV == 'dev'}}