1- name : Pre-Build
1+ name : Pre-Build Components
22
33on :
44 push :
55
66env :
7- REGISTRY : ghcr.io
7+ REGISTRY : public.ecr.aws
8+ PROJECT : p8t2q7f4/${{ github.repository }}
9+
10+ permissions :
11+ id-token : write
12+ contents : read
813
914jobs :
1015 production :
1116 name : ' Production'
1217 runs-on : ubuntu-24.04-arm
13- permissions :
14- packages : write
18+
1519 steps :
16- - name : Set up QEMU
17- uses : docker/setup-qemu-action@v3
20+ - name : Checkout code
21+ uses : actions/checkout@v3
22+
23+ - name : Configure AWS credentials (OIDC)
24+ uses : aws-actions/configure-aws-credentials@v4
25+ with :
26+ role-to-assume : arn:aws:iam::300197899440:role/ECRPrebuildPushRightsForGithubActionsRole
27+ aws-region : us-east-1
1828
19- - name : Set up Docker Buildx
20- uses : docker/setup-buildx-action@v3
29+ - name : Login to Amazon ECR Public
30+ id : login-ecr-public
31+ uses : aws-actions/amazon-ecr-login@v2
32+ with :
33+ registry-type : public
2134
2235 - name : Docker meta
2336 id : meta
2437 uses : docker/metadata-action@v4
2538 with :
26- images : ${{ env.REGISTRY }}/${{ github.repository }}
39+ images : ${{ env.REGISTRY }}/${{ env.PROJECT }}
2740 tags : |
2841 type=ref,event=branch
2942 type=ref,event=tag
3043 # Set latest tag for default branch
3144 type=raw,value=latest,enable={{is_default_branch}}
3245
33- name : ' Login to GitHub Container Registry'
34- uses : docker/login-action@v3
35- with :
36- registry : ${{ env.REGISTRY }}
37- username : ${{ github.actor }}
38- password : ${{ secrets.GITHUB_TOKEN }}
39-
4046name : Build and push
4147 uses : docker/build-push-action@v6
4248 with :
@@ -47,41 +53,41 @@ jobs:
4753
4854 development :
4955 name : ' Development'
50- runs-on : ubuntu-latest
51- permissions :
52- packages : write
53- steps :
54- - name : Set up QEMU
55- uses : docker/setup-qemu-action@v3
56+ runs-on : ubuntu-24.04-arm
57+ steps :
58+ - name : Checkout code
59+ uses : actions/checkout@v3
60+
61+ - name : Configure AWS credentials (OIDC)
62+ uses : aws-actions/configure-aws-credentials@v4
63+ with :
64+ role-to-assume : arn:aws:iam::300197899440:role/ECRPrebuildPushRightsForGithubActionsRole
65+ aws-region : us-east-1
5666
57- - name : Set up Docker Buildx
58- uses : docker/setup-buildx-action@v3
67+ - name : Login to Amazon ECR Public
68+ id : login-ecr-public
69+ uses : aws-actions/amazon-ecr-login@v2
70+ with :
71+ registry-type : public
5972
6073 - name : Docker meta
6174 id : meta
6275 uses : docker/metadata-action@v4
6376 with :
64- images : ${{ env.REGISTRY }}/${{ github.repository }}
77+ images : ${{ env.REGISTRY }}/${{ env.PROJECT }}
6578 tags : |
6679 type=ref,event=branch
6780 type=ref,event=tag
6881 # Set latest tag for default branch
6982 type=raw,value=latest,enable={{is_default_branch}}
7083flavor : |
7184 suffix=-dev.,onlatest=true
72-
73- name : ' Login to GitHub Container Registry'
74- uses : docker/login-action@v3
75- with :
76- registry : ${{ env.REGISTRY }}
77- username : ${{ github.actor }}
78- password : ${{ secrets.GITHUB_TOKEN }}
79-
85+
8086name : Build and push
8187 uses : docker/build-push-action@v6
8288 with :
8389 file : Dockerfile.dev
8490 push : ${{ github.event_name != 'pull_request' }}
8591 platforms : linux/arm64
8692 tags : ${{ steps.meta.outputs.tags }}
87- labels : ${{ steps.meta.outputs.labels }}
93+ labels : ${{ steps.meta.outputs.labels }}
0 commit comments