Skip to content

chore(deps): update ghcr.io/cloudquery/cloudquery docker tag to v3.25 #983

chore(deps): update ghcr.io/cloudquery/cloudquery docker tag to v3.25

chore(deps): update ghcr.io/cloudquery/cloudquery docker tag to v3.25 #983

name: Build containers CI
on:
workflow_dispatch:
pull_request:
env:
AWS_REGION: ca-central-1
GITHUB_SHA: ${{ github.sha }}
REGISTRY: ${{ secrets.AWS_ACCOUNT }}.dkr.ecr.ca-central-1.amazonaws.com/security-tools
permissions:
id-token: write
contents: write
pull-requests: write
actions: write
checks: write
statuses: write
security-events: write
jobs:
changes:
runs-on: ubuntu-latest
outputs:
images: ${{ steps.filter.outputs.changes }}
steps:
- name: Checkout
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
- uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # tag=v2.11.1
id: filter
with:
filters: |
images/cloud_asset_inventory/cloudquery: 'images/cloud_asset_inventory/cloudquery/**'
images/csp_violation_report_service: 'images/csp_violation_report_service/**'
build:
if: needs.changes.outputs.images != '[]'
runs-on: ubuntu-latest
needs: changes
strategy:
fail-fast: false
matrix:
image: ${{ fromJSON(needs.changes.outputs.images) }}
steps:
- name: Checkout
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
- name: configure aws credentials using OIDC
uses: aws-actions/configure-aws-credentials@master
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/security-tools-plan
role-session-name: ECRTestLogin
aws-region: ${{ env.AWS_REGION }}
- name: Login to ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@5a88a04c91d5c6f97aae0d9be790e64d9b1d47b7 # v1.7.1
- name: Build container
working-directory: ./${{ matrix.image }}
run: |
docker build \
--build-arg git_sha=$GITHUB_SHA \
-t $REGISTRY/${{ matrix.image }}:latest .
- name: Logout of Amazon ECR
run: docker logout ${{ steps.login-ecr.outputs.registry }}