wip: adds support for ECR login

blueprint.cue

@@ -1,9 +1,13 @@
 version: "1.0"
 ci: {
+	registries: [
+		ci.providers.aws.registry,
+	]
 	providers: {
 		aws: {
-			region: "eu-central-1"
-			role:   "arn:aws:iam::332405224602:role/ci"
+			region:   "eu-central-1"
+			registry: "332405224602.dkr.ecr.eu-central-1.amazonaws.com"
+			role:     "arn:aws:iam::332405224602:role/ci"
 		}
 		docker: {
 			credentials: {

blueprint/schema/_embed/schema.cue

@@ -16,9 +16,9 @@ package schema
 	// +optional
 	providers?: #Providers @go(Providers)
 
-	// Registry contains the registry to push images to.
+	// Registries contains the container registries to push images to.
 	// +optional
-	registry?: null | string @go(Registry,*string)
+	registries?: [...string] @go(Registries,[]string)
 
 	// Secrets contains the configuration for the secrets being used by the CI system.
 	// +optional
@@ -55,6 +55,10 @@ package schema
 
 	// Region contains the region to use.
 	region?: null | string @go(Region,*string)
+
+	// Registry contains the ECR registry to use.
+	// +optional
+	registry?: null | string @go(Registry,*string)
 }
 
 // ProviderDocker contains the configuration for the DockerHub provider.

blueprint/schema/schema.go

@@ -26,9 +26,9 @@ type CI struct {
 	// +optional
 	Providers Providers `json:"providers"`
 
-	// Registry contains the registry to push images to.
+	// Registries contains the container registries to push images to.
 	// +optional
-	Registry *string `json:"registry"`
+	Registries []string `json:"registries"`
 
 	// Secrets contains the configuration for the secrets being used by the CI system.
 	// +optional
@@ -61,6 +61,10 @@ type ProviderAWS struct {
 
 	// Region contains the region to use.
 	Region *string `json:"region"`
+
+	// Registry contains the ECR registry to use.
+	// +optional
+	Registry *string `json:"registry"`
 }
 
 // ProviderDocker contains the configuration for the DockerHub provider.

blueprint/schema/schema_go_gen.cue

@@ -20,9 +20,9 @@ package schema
 	// +optional
 	providers?: #Providers @go(Providers)
 
-	// Registry contains the registry to push images to.
+	// Registries contains the container registries to push images to.
 	// +optional
-	registry?: null | string @go(Registry,*string)
+	registries?: [...string] @go(Registries,[]string)
 
 	// Secrets contains the configuration for the secrets being used by the CI system.
 	// +optional
@@ -55,6 +55,10 @@ package schema
 
 	// Region contains the region to use.
 	region?: null | string @go(Region,*string)
+
+	// Registry contains the ECR registry to use.
+	// +optional
+	registry?: null | string @go(Registry,*string)
 }
 
 // ProviderDocker contains the configuration for the DockerHub provider.

forge/actions/setup/action.yml

@@ -42,17 +42,24 @@ runs:
         AWS=$(echo "$BP" | jq -r .ci.providers.aws)
         if [[ "$AWS" != "null" ]]; then
           REGION=$(echo "$BP" | jq -r .ci.providers.aws.region)
+          REGISTRY=$(echo "$BP" | jq -r .ci.providers.aws.registry)
           ROLE=$(echo "$BP" | jq -r .ci.providers.aws.role)
         fi
 
         echo "region=$REGION" >> $GITHUB_OUTPUT
+        echo "registry=$REGISTRY" >> $GITHUB_OUTPUT
         echo "role=$ROLE" >> $GITHUB_OUTPUT
-    - name: Configure AWS
+    - name: Login to AWS
       uses: aws-actions/configure-aws-credentials@v4
       if: steps.aws.outputs.region  != '' && steps.aws.outputs.role != ''
       with:
         aws-region: ${{ steps.aws.outputs.region }}
         role-to-assume: ${{ steps.aws.outputs.role }}
+    - name: Login to ECR
+      uses: docker/login-action@v3
+      if: steps.aws.outputs.registry != ''
+      with:
+        registry: ${{ steps.aws.outputs.registry }}
 
     # Docker Provider
     - name: Get Docker provider configuration