Fix AWS OIDC Authentication from Github #29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| name: Build & publish TM backend container image | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - develop | |
| - deployment/hot-tasking-manager | |
| - deployment/demo-tasking-manager | |
| - deployment/container-tasking-manager | |
| pull_request: | |
| branches: | |
| - main | |
| - deployment/hot-tasking-manager | |
| - deployment/demo-tasking-manager | |
| - deployment/container-tasking-manager | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: hotosm/tasking-manager-backend # was ${{ github.repository }} | |
| jobs: | |
| build-and-push-image: | |
| runs-on: ubuntu-latest | |
| # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Setup QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Setup Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| # This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels. | |
| - name: Set container image metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=ref,event=tag | |
| type=ref,event=branch | |
| type=semver,pattern=raw | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}} | |
| - name: Build and push container image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: "{{defaultContext}}" | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} |