Skip to content

Commit dc4ff92

Browse files
anthony-nhsanthony-nhs
committed
fix problems
1 parent ccbdfda commit dc4ff92

File tree

3 files changed

+33
-24
lines changed

3 files changed

+33
-24
lines changed

.github/workflows/pull_request.yml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -74,7 +74,6 @@ jobs:
7474
asdfVersion: ${{ needs.get_asdf_version.outputs.asdf_version }}
7575
dev_container_ecr: dev-container-quality-checks
7676
dev_container_image_tag: PR-${{ needs.get_issue_number_and_commit_id.outputs.issue_number }}-${{ needs.get_issue_number_and_commit_id.outputs.sha_short }}
77-
tag_latest: false
7877
secrets:
7978
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
8079
PUSH_IMAGE_ROLE: ${{ secrets.PUSH_IMAGE_ROLE }}

.github/workflows/quality-checks.yml

Lines changed: 33 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -33,10 +33,6 @@ on:
3333
type: string
3434
description: "The tag to use for the dev container image."
3535
required: true
36-
tag_latest:
37-
type: boolean
38-
description: "If true, the action will also tag the dev container image as 'latest' in ECR."
39-
required: true
4036
check_ecr_image_scan_results_script_tag:
4137
type: string
4238
description: "The tag to download check_ecr_image_scan_results.sh script."
@@ -360,8 +356,10 @@ jobs:
360356
fetch-depth: 0
361357

362358
- name: Download check_ecr_image_scan_results.sh script
359+
env:
360+
SCRIPT_TAG: ${{ inputs.check_ecr_image_scan_results_script_tag }}
363361
run: |
364-
curl -L https://raw.githubusercontent.com/NHSDigital/eps-workflow-quality-checks/refs/heads/${{inputs.check_ecr_image_scan_results_script_tag}}/.github/scripts/check_ecr_image_scan_results.sh -o check_ecr_image_scan_results.sh
362+
curl -L "https://raw.githubusercontent.com/NHSDigital/eps-workflow-quality-checks/refs/heads/${SCRIPT_TAG}/.github/scripts/check_ecr_image_scan_results.sh" -o check_ecr_image_scan_results.sh
365363
chmod +x check_ecr_image_scan_results.sh
366364
- name: Build dev container
367365
run: |
@@ -387,9 +385,13 @@ jobs:
387385
aws ecr get-login-password --region eu-west-2 | docker login --username AWS --password-stdin ${{ steps.retrieve-deploy-account-id.outputs.account_id }}.dkr.ecr.eu-west-2.amazonaws.com
388386
389387
- name: Push x64 image to Amazon ECR
388+
env:
389+
ECR_REPOSITORY: ${{ inputs.dev_container_ecr }}
390+
IMAGE_TAG: ${{ inputs.dev_container_image_tag }}
391+
ACCOUNT_ID: ${{ steps.retrieve-deploy-account-id.outputs.account_id }}
390392
run: |
391-
docker tag "dev-container-image" "${{ steps.retrieve-deploy-account-id.outputs.account_id }}.dkr.ecr.eu-west-2.amazonaws.com/${{ inputs.dev_container_ecr }}:${{ inputs.dev_container_image_tag }}-amd64"
392-
docker push "${{ steps.retrieve-deploy-account-id.outputs.account_id }}.dkr.ecr.eu-west-2.amazonaws.com/${{ inputs.dev_container_ecr }}:${{ inputs.dev_container_image_tag }}-amd64"
393+
docker tag "dev-container-image" "${ACCOUNT_ID}.dkr.ecr.eu-west-2.amazonaws.com/${ECR_REPOSITORY}:${IMAGE_TAG}-amd64"
394+
docker push "${ACCOUNT_ID}.dkr.ecr.eu-west-2.amazonaws.com/${ECR_REPOSITORY}:${IMAGE_TAG}-amd64"
393395
- name: Check dev container scan results
394396
env:
395397
REPOSITORY_NAME: ${{ inputs.dev_container_ecr }}
@@ -410,9 +412,14 @@ jobs:
410412
fetch-depth: 0
411413

412414
- name: Download check_ecr_image_scan_results.sh script
415+
env:
416+
SCRIPT_TAG: ${{ inputs.check_ecr_image_scan_results_script_tag }}
413417
run: |
414-
curl -L https://raw.githubusercontent.com/NHSDigital/eps-workflow-quality-checks/refs/heads/${{inputs.check_ecr_image_scan_results_script_tag}}/.github/scripts/check_ecr_image_scan_results.sh -o check_ecr_image_scan_results.sh
418+
curl -L "https://raw.githubusercontent.com/NHSDigital/eps-workflow-quality-checks/refs/heads/${SCRIPT_TAG}/.github/scripts/check_ecr_image_scan_results.sh" -o check_ecr_image_scan_results.sh
415419
chmod +x check_ecr_image_scan_results.sh
420+
- name: Build dev container
421+
run: |
422+
docker build -f .devcontainer/Dockerfile -t dev-container-image .
416423
417424
- name: Build dev container
418425
run: |
@@ -438,9 +445,13 @@ jobs:
438445
aws ecr get-login-password --region eu-west-2 | docker login --username AWS --password-stdin ${{ steps.retrieve-deploy-account-id.outputs.account_id }}.dkr.ecr.eu-west-2.amazonaws.com
439446
440447
- name: Push ARM64 image to Amazon ECR
448+
env:
449+
ECR_REPOSITORY: ${{ inputs.dev_container_ecr }}
450+
IMAGE_TAG: ${{ inputs.dev_container_image_tag }}
451+
ACCOUNT_ID: ${{ steps.retrieve-deploy-account-id.outputs.account_id }}
441452
run: |
442-
docker tag "dev-container-image-arm" "${{ steps.retrieve-deploy-account-id.outputs.account_id }}.dkr.ecr.eu-west-2.amazonaws.com/${{ inputs.dev_container_ecr }}:${{ inputs.dev_container_image_tag }}-arm64"
443-
docker push "${{ steps.retrieve-deploy-account-id.outputs.account_id }}.dkr.ecr.eu-west-2.amazonaws.com/${{ inputs.dev_container_ecr }}:${{ inputs.dev_container_image_tag }}-arm64"
453+
docker tag "dev-container-image-arm" "${ACCOUNT_ID}.dkr.ecr.eu-west-2.amazonaws.com/${ECR_REPOSITORY}:${IMAGE_TAG}-arm64"
454+
docker push "${ACCOUNT_ID}.dkr.ecr.eu-west-2.amazonaws.com/${ECR_REPOSITORY}:${IMAGE_TAG}-arm64"
444455
- name: Check dev container scan results
445456
env:
446457
REPOSITORY_NAME: ${{ inputs.dev_container_ecr }}
@@ -480,21 +491,21 @@ jobs:
480491
aws ecr get-login-password --region eu-west-2 | docker login --username AWS --password-stdin ${{ steps.retrieve-deploy-account-id.outputs.account_id }}.dkr.ecr.eu-west-2.amazonaws.com
481492
482493
- name: Create and push multi-architecture manifest for tag
494+
env:
495+
ECR_REPOSITORY: ${{ inputs.dev_container_ecr }}
496+
IMAGE_TAG: ${{ inputs.dev_container_image_tag }}
497+
ACCOUNT_ID: ${{ steps.retrieve-deploy-account-id.outputs.account_id }}
483498
run: |
484499
# Create manifest list combining both architectures
485-
docker buildx imagetools create -t ${{ steps.retrieve-deploy-account-id.outputs.account_id }}.dkr.ecr.eu-west-2.amazonaws.com/${{ inputs.dev_container_ecr }}:${{ inputs.dev_container_image_tag }} \
486-
${{ steps.retrieve-deploy-account-id.outputs.account_id }}.dkr.ecr.eu-west-2.amazonaws.com/${{ inputs.dev_container_ecr }}:${{ inputs.dev_container_image_tag }}-amd64 \
487-
${{ steps.retrieve-deploy-account-id.outputs.account_id }}.dkr.ecr.eu-west-2.amazonaws.com/${{ inputs.dev_container_ecr }}:${{ inputs.dev_container_image_tag }}-arm64
488-
489-
- name: Create and push multi-architecture manifest for latest tag
490-
if: ${{ inputs.tag_latest == true }}
491-
run: |
492-
# Also create latest tag
493-
docker buildx imagetools create -t ${{ steps.retrieve-deploy-account-id.outputs.account_id }}.dkr.ecr.eu-west-2.amazonaws.com/${{ inputs.dev_container_ecr }}:latest \
494-
${{ steps.retrieve-deploy-account-id.outputs.account_id }}.dkr.ecr.eu-west-2.amazonaws.com/${{ inputs.dev_container_ecr }}:${{ inputs.dev_container_image_tag }}-amd64 \
495-
${{ steps.retrieve-deploy-account-id.outputs.account_id }}.dkr.ecr.eu-west-2.amazonaws.com/${{ inputs.dev_container_ecr }}:${{ inputs.dev_container_image_tag }}-arm64
500+
docker buildx imagetools create -t "${ACCOUNT_ID}.dkr.ecr.eu-west-2.amazonaws.com/${ECR_REPOSITORY}:${IMAGE_TAG}" \
501+
"${ACCOUNT_ID}.dkr.ecr.eu-west-2.amazonaws.com/${ECR_REPOSITORY}:${IMAGE_TAG}-amd64" \
502+
"${ACCOUNT_ID}.dkr.ecr.eu-west-2.amazonaws.com/${ECR_REPOSITORY}:${IMAGE_TAG}-arm64"
496503
497504
- name: Verify multi-architecture manifest
505+
env:
506+
ECR_REPOSITORY: ${{ inputs.dev_container_ecr }}
507+
IMAGE_TAG: ${{ inputs.dev_container_image_tag }}
508+
ACCOUNT_ID: ${{ steps.retrieve-deploy-account-id.outputs.account_id }}
498509
run: |
499510
echo "=== Verifying multi-architecture manifest ==="
500-
docker buildx imagetools inspect ${{ steps.retrieve-deploy-account-id.outputs.account_id }}.dkr.ecr.eu-west-2.amazonaws.com/${{ inputs.dev_container_ecr }}:${{ inputs.dev_container_image_tag }}
511+
docker buildx imagetools inspect "${ACCOUNT_ID}.dkr.ecr.eu-west-2.amazonaws.com/${ECR_REPOSITORY}:${IMAGE_TAG}"

.github/workflows/release.yml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,6 @@ jobs:
4848
uses: ./.github/workflows/quality-checks.yml
4949
with:
5050
asdfVersion: ${{ needs.get_asdf_version.outputs.asdf_version }}
51-
tag_latest: true
5251
dev_container_ecr: dev-container-quality-checks
5352
dev_container_image_tag: release-${{ needs.get_commit_id.outputs.sha_short }}
5453
secrets:

0 commit comments

Comments
 (0)