Start of the GitHub CI workflow for docker image building

This is a start of the docker image building & pushing to Amazon's ECR. I've added the tmate setup for testing
cabinetoffice · Jul 24, 2024 · a136379 · a136379
1 parent a33ff5f
commit a136379
Showing 1 changed file with 49 additions and 0 deletions.
diff --git a/.github/workflows/build_image.yaml b/.github/workflows/build_image.yaml
@@ -0,0 +1,49 @@
+name: Build and upload docker image
+
+permissions:
+  id-token: write   # for JWT request
+  contents: read    # for actions/checkout
+
+on:
+  workflow_dispatch:
+    inputs:
+      debug_enabled:
+        type: boolean
+        description: 'Run the build with tmate debugging enabled (https://github.com/marketplace/actions/debugging-with-tmate)'
+        required: false
+        default: false
+  push:
+    branches:
+      - '**'
+
+jobs:
+  docker-image-build:
+    name: deploy
+    description: Build and upload docker image to ECR
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - name: Setup tmate session
+        uses: mxschmitt/action-tmate@v3
+        if: ${{ github.event_name == 'workflow_dispatch' && inputs.debug_enabled }}
+        with:
+          limit-access-to-actor: true
+      - uses: actions/[email protected]
+      - name: Configure AWS Credentials
+        uses: aws-actions/[email protected]
+        with:
+          role-to-assume: ${{ vars.AWS_ROLE_TO_ASSUME }}
+          aws-region: eu-west-2
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/[email protected]
+      - name: Build, tag, and push docker image to Amazon ECR
+        env:
+          REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+          REPOSITORY: your-repo
+          IMAGE_TAG: ${{ github.sha }}
+        run: |
+          docker build -t $REGISTRY/$REPOSITORY:$IMAGE_TAG .
+          docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG