From ee506ed92100ee7635583a8032ae88cc2c5a1f37 Mon Sep 17 00:00:00 2001
From: Tom Broughton
Date: Wed, 25 Oct 2023 00:07:12 +0100
Subject: [PATCH] workflow to build and upload image
---
.github/workflows/upload-image.yml | 34 ++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 .github/workflows/upload-image.yml
diff --git a/.github/workflows/upload-image.yml b/.github/workflows/upload-image.yml
new file mode 100644
index 0000000..4a2aa7c
--- /dev/null
+++ b/.github/workflows/upload-image.yml
@@ -0,0 +1,34 @@
+# Sample workflow to access AWS resources when workflow is tied to branch
+# The workflow Creates static website using aws s3
+name: RUSI Gatsby publisher image uploader
+on: workflow_dispatch
+
+# permission can be added at job level or workflow level
+permissions:
+ id-token: write # This is required for requesting the JWT
+ contents: read # This is required for actions/checkout
+
+jobs:
+ ImagePackageUpload:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Git clone the repository
+ uses: actions/checkout@v4
+ - name: configure aws credentials
+ uses: aws-actions/configure-aws-credentials@v3
+ with:
+ role-to-assume: arn:aws:iam::615693933970:role/rusi-web-github-actions-oidc-role-ops
+ role-session-name: rusiwebgithubactions
+ aws-region: "eu-west-1"
+ # Upload an image to ECR
+ - name: create ssh pub key for container
+ env:
+ KEY: ${{ secrets.SSH_KEY }}
+ AER_USER_PWD: ${{ secrets.AER_USER_PWD }}
+ run: |
+ mv app/config.json.sample app/config.json
+ jq --arg pk "$KEY" '.user.privatekey = $pk' app/config.json > app/config.json.tmp && mv app/config.json.tmp app/config.json
+ jq --arg pwd "$AER_USER_PWD" '.user.password = $pwd' app/config.json > app/config.json.tmp && mv app/config.json.tmp app/config.json
+ - name: Upload Gatsby publisher image to ECR
+ run: |
+ ./image-build-upload.sh
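Review bot: The `create ssh pub key for container` step writes `secrets.SSH_KEY` and `secrets.AER_USER_PWD` into `app/config.json` immediately before `./image-build-upload.sh` runs, so if the build copies `app/` into the image (the script and Dockerfile are not part of this patch), the private key and password end up in an image layer readable by anyone who can pull from the ECR repository. Consider leaving those two fields out of the baked config and supplying them to the container at run time from a secret store, and rename the step, which says "pub key" while the jq filter sets `.user.privatekey`. Separately, `actions/checkout@v4` and `aws-actions/configure-aws-credentials@v3` are mutable tags in a job that holds `id-token: write`; pinning each to a full commit SHA, e.g. `uses: actions/checkout@<full-commit-sha> # v4`, keeps a retagged release from running with the assumed role. The two header comment lines still describe a static S3 website and should be reworded to describe this image build and upload.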