diff --git a/.github/workflows/merge-pr.yml b/.github/workflows/merge-pr.yml index b9250ac3..fead6290 100644 --- a/.github/workflows/merge-pr.yml +++ b/.github/workflows/merge-pr.yml @@ -10,38 +10,46 @@ on: jobs: publish-app-docker-image: name: "Publish App Docker Image" + env: - DOCKER_REGISTRY: 781755201224.dkr.ecr.us-east-2.amazonaws.com + DOCKER_REGISTRY: ghcr.io DOCKER_PLATFORM: "linux/amd64" DOCKER_IMAGE_NAME: faucet - runs-on: ubuntu-20.04 + runs-on: ubuntu-latest + + permissions: + contents: read + packages: write + steps: - name: Check Out Repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Derive Short SHA id: short-sha run: | short_sha=${GITHUB_SHA::7} echo "short_sha=$short_sha" >> $GITHUB_OUTPUT - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + + - name: Log in to the Container registry + uses: docker/login-action@3 with: - platforms: ${{matrix.arch}} - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Login to ECR - uses: docker/login-action@v2 + registry: ${{ env.DOCKER_REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@5 with: - registry: ${{env.DOCKER_REGISTRY}} - username: ${{secrets.AWS_ECR_LOGIN_USERNAME}} - password: ${{secrets.AWS_ECR_LOGIN_PASSWORD}} - - name: Build and Push App Image - uses: docker/build-push-action@v4 + images: ${{ env.REGISTRY }}/${{ env.DOCKER_IMAGE_NAME }} + tags: | + type=sha,format=short + type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }} + + - name: Build and push Docker image + uses: docker/build-push-action@5 with: context: . - platforms: ${{env.DOCKER_PLATFORM}} push: true - file: ./Dockerfile - tags: | - ${{env.DOCKER_REGISTRY}}/${{env.DOCKER_IMAGE_NAME}}:latest - ${{env.DOCKER_REGISTRY}}/${{env.DOCKER_IMAGE_NAME}}:${{steps.short-sha.outputs.short_sha}} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }}