-
Notifications
You must be signed in to change notification settings - Fork 18
34 lines (34 loc) · 1.15 KB
/
ecr-login.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
name: ECR Login Token Refresh
on:
workflow_dispatch:
# Every 6 hours, the password validity is 12 hours
schedule:
- cron: '0 */6 * * *'
jobs:
login:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: retrieve ecr password and store as secret
run: |
pip3 install -r .github/workflows/requirements.txt
python3 .github/workflows/ecr_password_updater.py
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: us-gov-west-1
GH_API_ACCESS_TOKEN: ${{ secrets.GH_API_ACCESS_TOKEN }}
# This 'test' job is usefull for fast debugging
test:
needs: login
runs-on: ubuntu-latest
timeout-minutes: 1
container:
image: 008577686731.dkr.ecr.us-gov-west-1.amazonaws.com/gaimg-ruby:2.7.3-ga-browsers
credentials:
username: AWS
# Here is the password retrieved as a secret that is set by the `login` job
password: ${{ secrets.ECR_PASSWORD }}
steps:
- run: echo "Inside a container pulled from ECR!!"