Update push-docker.yml

2025-06-06 18:30:57 +00:00 · 2025-02-24 13:43:19 +00:00 · 2025-02-24 13:43:19 +00:00 · 32a505609a
commit 32a505609a
parent 69da443096
1 changed files with 19 additions and 8 deletions
--- a/.github/workflows/push-docker.yml
+++ b/.github/workflows/push-docker.yml
@ -6,6 +6,7 @@ on:
    branches:
      - master
      - main
+      - aws

 permissions:
  contents: read
@ -150,24 +151,33 @@ jobs:
          provenance: true
          sbom: true

+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: us-east-1
+
+      - name: Login to AWS Public ECR
+        uses: aws-actions/amazon-ecr-login@v2
+        with:
+          registry-type: public
+          
      - name: Generate tags fat
        id: meta3
        uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1
-        if: github.ref != 'refs/heads/main'
+        if: github.ref != 'refs/heads/aws'
        with:
          images: |
-            ${{ secrets.DOCKER_HUB_USERNAME }}/s-pdf
-            ghcr.io/${{ steps.repoowner.outputs.lowercase }}/s-pdf
-            ghcr.io/${{ steps.repoowner.outputs.lowercase }}/stirling-pdf
-            ${{ secrets.DOCKER_HUB_ORG_USERNAME }}/stirling-pdf
+            public.ecr.aws/${{ secrets.AWS_PUBLIC_ECR_ALIAS }}/stirling-pdf
          tags: |
-            type=raw,value=${{ steps.versionNumber.outputs.versionNumber }}-fat,enable=${{ github.ref == 'refs/heads/master' }}
-            type=raw,value=latest-fat,enable=${{ github.ref == 'refs/heads/master' }}
+            type=raw,value=${{ steps.versionNumber.outputs.versionNumber }}-fat,enable=${{ github.ref == 'refs/heads/aws' }}
+            type=raw,value=latest-fat,enable=${{ github.ref == 'refs/heads/aws' }}

      - name: Build and push main Dockerfile fat
        id: build-push-fat
        uses: docker/build-push-action@0adf9959216b96bec444f325f1e493d4aa344497 # v6.14.0
-        if: github.ref != 'refs/heads/main'
+        if: github.ref != 'refs/heads/aws'
        with:
          builder: ${{ steps.buildx.outputs.name }}
          context: .
@ -193,3 +203,4 @@ jobs:
          echo "$TAGS" | tr ',' '\n' | while read -r tag; do
            cosign sign --key env://COSIGN_PRIVATE_KEY --yes "${tag}@${DIGEST}"
          done
+