Merge pull request #38 from guardian/rp/snyk-fix #57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Upload pluto-user-beacon | |
on: | |
push: | |
branches: [ main ] | |
pull_request: | |
branches: [ main ] | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
checks: write | |
pull-requests: write | |
packages: write | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up Python 3.9 | |
uses: actions/setup-python@v3 | |
with: | |
python-version: "3.9" | |
- name: Install dependencies | |
run: | | |
python -m pip install --upgrade pip | |
pip install -r requirements.txt awscli | |
- name: Run Tests | |
run: | | |
python manage.py test | |
- name: Make GITHUB_RUN_NUMBER env var available outside of shells | |
working-directory: ${{env.GITHUB_WORKSPACE}} | |
shell: bash | |
run: | | |
echo GITHUB_RUN_NUMBER=$(( GITHUB_RUN_NUMBER + 85 ))>> $GITHUB_ENV | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-region: ${{ secrets.AWS_REGION }} | |
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
role-session-name: GHA-build | |
- name: ECR Login | |
run: aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- run: docker build . -t "guardianmultimedia/pluto-user-beacon:${{ env.GITHUB_RUN_NUMBER }}" | |
- name: Tag Docker image pluto-user-beacon | |
run: docker tag guardianmultimedia/pluto-user-beacon:${{ env.GITHUB_RUN_NUMBER }} ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/pluto-user-beacon:${{ env.GITHUB_RUN_NUMBER }} | |
- name: Push Docker image pluto-user-beacon | |
run: docker push ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/pluto-user-beacon:${{ env.GITHUB_RUN_NUMBER }} | |
- name: Output build-info.yaml | |
uses: fredex42/[email protected] | |
with: | |
builtimage: AWS_ACCOUNT_ID.dkr.ecr.AWS_REGION.amazonaws.com/pluto-user-beacon:${{ env.GITHUB_RUN_NUMBER }} | |
token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Check the output | |
run: cat build-info.yaml | |
- name: Upload build info | |
uses: actions/upload-artifact@v3 | |
with: | |
name: build-info | |
path: build-info.yaml |