File tree Expand file tree Collapse file tree 7 files changed +67
-4
lines changed Expand file tree Collapse file tree 7 files changed +67
-4
lines changed Original file line number Diff line number Diff line change @@ -20,16 +20,29 @@ jobs:
2020 uses : aws-actions/aws-cloudformation-github-deploy@v1
2121 with :
2222 name : GoCaptureGithubRole
23- template : cloud-formation/github-role.yml
23+ template : cloud-formation/github-role.yaml
2424 parameter-overrides : " Repository=${{ github.repository }}"
2525 capabilities : CAPABILITY_NAMED_IAM
2626 no-fail-on-empty-changeset : 1
2727
28+ - name : Set ECR Stack Name
29+ id : ecr-stack-name
30+ run : echo ECR_STACK_NAME=GoCaptureECR >> $GITHUB_OUTPUT
31+
2832 - name : Deploy ECR repository
2933 uses : aws-actions/aws-cloudformation-github-deploy@v1
3034 with :
31- name : GoCaptureECR
32- template : cloud-formation/ecr.yml
35+ name : ${{ steps.ecr-stack-name.outputs.ECR_STACK_NAME }}
36+ template : cloud-formation/ecr.yaml
37+ no-fail-on-empty-changeset : 1
38+
39+ - name : Beta Deploy User
40+ uses : aws-actions/aws-cloudformation-github-deploy@v1
41+ with :
42+ name : GoCaptureBetaDeployUser
43+ template : cloud-formation/beta-deploy-user.yaml
44+ parameter-overrides : EcrStackName=${{ steps.ecr-stack-name.outputs.ECR_STACK_NAME }}
45+ capabilities : CAPABILITY_NAMED_IAM
3346 no-fail-on-empty-changeset : 1
3447
3548 - name : Login to Amazon ECR
Original file line number Diff line number Diff line change 2626 uses : aws-actions/aws-cloudformation-github-deploy@v1
2727 with :
2828 name : GoCaptureECSCluster
29- template : cloud-formation/ecs.yml
29+ template : cloud-formation/ecs.yaml
3030 no-fail-on-empty-changeset : 1
Original file line number Diff line number Diff line change 1+ AWSTemplateFormatVersion : " 2010-09-09"
2+ Parameters :
3+ EcrStackName :
4+ Type : String
5+ Resources :
6+ BetaDeployUser :
7+ Type : AWS::IAM::User
8+ Properties :
9+ Path : /go_capture/
10+ UserName : beta_deploy
11+ EcrDeployPolicy :
12+ Type : AWS::IAM::Policy
13+ Properties :
14+ PolicyName : EcrDeployPolicy
15+ PolicyDocument :
16+ Version : 2012-10-17
17+ Statement :
18+ - Effect : Allow
19+ Action :
20+ - ecr:GetAuthorizationToken
21+ Resource : " *"
22+ - Effect : Allow
23+ Action :
24+ - ecr:BatchGetImage
25+ - ecr:DescribeImages
26+ - ecr:DescribeRepositories
27+ - ecr:GetDownloadUrlForLayer
28+ - ecr:ListImages
29+ Resource :
30+ Fn::ImportValue :
31+ Fn::Sub : ${EcrStackName}-RepositoryArn
32+ Users :
33+ - !Ref BetaDeployUser
Original file line number Diff line number Diff line change @@ -7,3 +7,9 @@ Resources:
77 EncryptionType : AES256
88 ImageScanningConfiguration :
99 ScanOnPush : true
10+
11+ Outputs :
12+ GoCaptureRepository :
13+ Value : !GetAtt Repository.Arn
14+ Export :
15+ Name : !Sub '${AWS::StackName}-RepositoryArn'
File renamed without changes.
Original file line number Diff line number Diff line change @@ -43,9 +43,15 @@ Resources:
4343 {
4444 " Effect " Allow,
4545 " Action " [
46+ iam:CreateUser,
47+ iam:DeleteUser,
48+ iam:DeleteUserPolicy,
4649 iam:GetRole,
50+ iam:GetUser,
51+ iam:ListAccessKeys,
4752 iam:PutRolePolicy,
4853 iam:PutRoleRole,
54+ iam:PutUserPolicy,
4955 iam:UpdateAssumeRolePolicy,
5056 ],
5157 " Resource " " *"
@@ -63,6 +69,7 @@ Resources:
6369 ecr:BatchGetImage,
6470 ecr:CompleteLayerUpload,
6571 ecr:CreateRepository,
72+ ecr:DescribeRepositories,
6673 ecr:GetAuthorizationToken,
6774 ecr:GetDownloadUrlForLayer,
6875 ecr:InitiateLayerUpload,
Original file line number Diff line number Diff line change 66 "private" : {
77 "host" : " 192.168.1.2"
88 "port" : " 8000"
9+ },
10+ "private-server" : {
11+ "host" : " 192.168.1.9"
12+ "port" : " 8000"
913 }
1014}
You can’t perform that action at this time.
0 commit comments