Publish image: chainlit_bot 0.03 #17
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Build and publish Docker image" | ||
| run-name: "Publish image: ${{inputs.image_name}} ${{inputs.image_tag}}" | ||
| # SecRel will not sign images outside the scope of the repository that's calling SecRel, | ||
| # so the image must exist in abd-vro-internal for SecRel to sign the images (required for sandbox and prod environments). | ||
| # Run this in action in both abd-vro and abd-vro-internal repos. | ||
| on: | ||
| workflow_dispatch: | ||
| inputs: | ||
| dockerfile_folder: | ||
| description: 'Folder containing Dockerfile to build' | ||
| required: true | ||
| type: string | ||
| default: '02-household-queries' | ||
| image_name: | ||
| description: 'Name of the image to push' | ||
| required: true | ||
| type: string | ||
| default: 'chainlit_bot' | ||
| image_tag: | ||
| description: 'Tag/Version of the image to push' | ||
| required: true | ||
| type: string | ||
| default: '0.01' | ||
| # env: | ||
| # Target path where the image will be pushed, i.e., to GHCR for the current repo | ||
| # GHCR_PATH: "ghcr.io/${{ github.repository }}/${{ inputs.image_name }}" | ||
| jobs: | ||
| publish-image: | ||
| runs-on: ubuntu-latest | ||
| env: | ||
| ECR_PATH: ${{ steps.login-ecr.outputs.registry }}/${{ secrets.ECR_REPO }} | ||
|
Check failure on line 35 in .github/workflows/push-image.yml
|
||
| steps: | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v4 | ||
| with: | ||
| aws-region: us-east-1 | ||
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||
| mask-aws-account-id: true | ||
| # TODO: secure credentials: https://github.com/aws-actions/amazon-ecr-login?tab=readme-ov-file#ecr-private | ||
| - name: Login to Amazon ECR | ||
| id: login-ecr | ||
| uses: aws-actions/amazon-ecr-login@v2 | ||
| with: | ||
| mask-password: true | ||
| - name: "Checkout source code" | ||
| uses: actions/checkout@v4 | ||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v3 | ||
| # with: | ||
| # version: latest | ||
| # driver-opts: image=moby/buildkit:latest | ||
| - name: Build Tag and Push Docker image | ||
| uses: docker/build-push-action@v5 | ||
| with: | ||
| file: ${{ inputs.dockerfile_folder }}/Dockerfile | ||
| context: ${{ inputs.dockerfile_folder }} | ||
| tags: "${{ inputs.image_name }}:${{ inputs.image_tag }}" | ||
| push: true | ||
| pull: true | ||
| # cache-from: type=gha | ||
| # cache-to: type=gha,mode=max | ||
| cache-from: type=registry,ref=${{ env.GHCR_PATH }}:dockercache | ||
| cache-to: type=registry,ref=${{ env.GHCR_PATH }}:dockercache,mode=max,image-manifest=true | ||
| - name: "Publish image ${{ inputs.image_name }} with tag '${{ inputs.image_tag }}'" | ||
| id: docker-push | ||
| shell: bash | ||
| run: | | ||
| echo "# Publishing image ${{ inputs.image_name }}:${{ inputs.image_tag }} to $ECR_PATH" | ||
| docker tag "${{ inputs.image_name }}:${{ inputs.image_tag }}" "$ECR_PATH:${{ inputs.image_tag }}" | ||
| docker push "$ECR_PATH:${{ inputs.image_tag }}" | ||
