Skip to content
This repository has been archived by the owner on Nov 29, 2024. It is now read-only.

feat: enable ECR auth with role and create test #17

feat: enable ECR auth with role and create test

feat: enable ECR auth with role and create test #17

name: Test github-actions-build-push-containers on PR and schedule
on:
pull_request:
types: [opened, synchronize, reopened]
schedule:
- cron: '45 12 * * 4'
permissions:
id-token: write
jobs:
test_action:
runs-on: ubuntu-22.04
steps:
- name: set variables
run: |
echo "TEST_IMAGE_NAME=glueops/github-actions-build-push-containers/test-github-actions-build-push-containers" >> $GITHUB_ENV
echo "DOCKERHUB_TEST_IMAGE_NAME=glueopsrocksv2/github-actions-build-push-containers_test-github-actions-build-push-containers" >> $GITHUB_ENV
echo "ECR_IAM_ROLE_TEST_IMAGE_NAME=${TEST_IMAGE_NAME}-iam-role" >> $GITHUB_ENV
ECR_REGISTRY="616531474007.dkr.ecr.us-west-2.amazonaws.com"
# ECR_REGISTRY_FOR_ROLE="${ECR_REGISTRY}-iam-role"
# echo "ECR_REGISTRY=$ECR_REGISTRY" >> $GITHUB_ENV
# echo "ECR_REGISTRY_FOR_ROLE=$ECR_REGISTRY_FOR_ROLE" >> $GITHUB_ENV
echo "AWS_REGION=us-west-2" >> $GITHUB_ENV
- name: Checkout code
uses: actions/checkout@v3
# - name: run ghcr.io
# uses: ./
# with:
# image_name: ${{ env.TEST_IMAGE_NAME }}
# registry: "ghcr.io"
# context: "./test-directory/tests/"
# target_directory: test-directory
# - name: test ghcr.io
# run: |
# echo "::group::pull from ghcr.io"
# docker pull ghcr.io/$TEST_IMAGE_NAME:${{ github.sha }}
# echo "::endgroup::"
# docker run -e REGISTRY=ghcr.io ghcr.io/$TEST_IMAGE_NAME:${{ github.sha }}
# - name: run ecr with access keys
# uses: ./
# with:
# aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
# aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# aws_default_region: ${{ env.AWS_REGION }}
# image_name: ${{ env.TEST_IMAGE_NAME }}
# registry: ${{ env.ECR_REGISTRY }}
# context: "./test-directory/tests/"
# target_directory: test-directory
# - name: test ecr with access keys
# run: |
# echo "::group::log in to ecr and pull"
# echo $(aws ecr get-login-password --region $AWS_REGION) \
# | docker login --username AWS --password-stdin $ECR_REGISTRY
# docker pull $ECR_REGISTRY/$TEST_IMAGE_NAME:${{ github.sha }}
# echo "::endgroup::"
# docker run -e "REGISTRY=dkr.ecr with Access Keys" $ECR_REGISTRY/$TEST_IMAGE_NAME:${{ github.sha }}
- name: run ecr with iam role
uses: ./
with:
aws_role_to_assume: ${{ secrets.AWS_ROLE_ARN }}
aws_default_region: ${{ env.AWS_REGION }}
image_name: ${{ env.TEST_IMAGE_NAME }}
registry: ${{ env.ECR_REGISTRY_FOR_ROLE }}
context: "./test-directory/tests/"
target_directory: test-directory
- name: test ecr with iam role
run: |
echo "::group::log in to ecr and pull"
echo $(aws ecr get-login-password --region $AWS_REGION) \
| docker login --username AWS --password-stdin $ECR_REGISTRY_FOR_ROLE
docker pull $ECR_REGISTRY_FOR_ROLE/$TEST_IMAGE_NAME:${{ github.sha }}
echo "::endgroup::"
docker run -e "REGISTRY=dkr.ecr with IAM Role" $ECR_REGISTRY_FOR_ROLE/$TEST_IMAGE_NAME:${{ github.sha }}
- name: run docker hub
uses: ./
with:
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }}
image_name: ${{ env.DOCKERHUB_TEST_IMAGE_NAME }}
registry: "docker.io"
context: "./test-directory/tests/"
target_directory: test-directory
- name: test docker hub
run: |
echo "::group::log in to docker.io and pull"
echo "${{ secrets.DOCKERHUB_PASSWORD }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin
docker pull $DOCKERHUB_TEST_IMAGE_NAME:${{ github.sha }}
echo "::endgroup::"
docker run -e REGISTRY=docker.io $DOCKERHUB_TEST_IMAGE_NAME:${{ github.sha }}