
Deploy Keycloak Image to ECR with MFA #2


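# Manually triggered workflow: exchanges an operator-supplied MFA code for
# temporary AWS credentials, then builds the Keycloak image and pushes it
# to Amazon ECR.
name: Deploy Keycloak Image to ECR with MFA

on:
  workflow_dispatch:
    inputs:
      # workflow_dispatch inputs are stored with the run and shown to anyone
      # who can view it; the token code is short-lived, but the device ARN
      # stays visible.
      mfaSerial:
        description: 'ARN of the MFA device'
        required: true
      mfaToken:
        description: 'MFA token code'
        required: true

# Least privilege for GITHUB_TOKEN: this workflow only reads the repository.
permissions:
  contents: read

jobs:
  build-and-push:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): actions are referenced by mutable tags (@v4, @v2);
      # pin each to a full commit SHA so a retagged release cannot change
      # what runs while AWS credentials are in scope.
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Retrieve AWS Temporary Credentials with MFA
        id: get-creds
        # The inputs are passed through env instead of being expanded with
        # ${{ }} inside the script: an expression is pasted into the shell
        # source before bash runs, so a crafted input value would execute
        # as code on the runner.
        env:
          MFA_SERIAL: ${{ github.event.inputs.mfaSerial }}
          MFA_TOKEN: ${{ github.event.inputs.mfaToken }}
        run: |
          set -euo pipefail

          # Reject anything that is not a 6-digit code before calling AWS.
          if [[ ! "$MFA_TOKEN" =~ ^[0-9]{6}$ ]]; then
            echo "::error::mfaToken must be a 6-digit code"
            exit 1
          fi

          # NOTE(review): get-session-token has to be signed with existing
          # IAM user credentials; nothing in this workflow configures them.
          # Confirm where the runner gets them, and consider OIDC role
          # assumption instead of long-lived keys.
          # NOTE(review): without --duration-seconds the session lasts the
          # STS default (12 hours); a shorter lifetime limits exposure.
          CREDS=$(aws sts get-session-token \
            --serial-number "$MFA_SERIAL" \
            --token-code "$MFA_TOKEN" \
            --output json)

          ACCESS_KEY_ID=$(jq -r '.Credentials.AccessKeyId' <<<"$CREDS")
          SECRET_ACCESS_KEY=$(jq -r '.Credentials.SecretAccessKey' <<<"$CREDS")
          SESSION_TOKEN=$(jq -r '.Credentials.SessionToken' <<<"$CREDS")

          # Register the values as secrets before exposing them as step
          # outputs, so they are redacted from the logs.
          echo "::add-mask::$ACCESS_KEY_ID"
          echo "::add-mask::$SECRET_ACCESS_KEY"
          echo "::add-mask::$SESSION_TOKEN"

          # $GITHUB_OUTPUT replaces the deprecated ::set-output command,
          # which printed the credentials to stdout.
          {
            echo "AWS_ACCESS_KEY_ID=$ACCESS_KEY_ID"
            echo "AWS_SECRET_ACCESS_KEY=$SECRET_ACCESS_KEY"
            echo "AWS_SESSION_TOKEN=$SESSION_TOKEN"
          } >> "$GITHUB_OUTPUT"

      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ steps.get-creds.outputs.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ steps.get-creds.outputs.AWS_SECRET_ACCESS_KEY }}
          aws-session-token: ${{ steps.get-creds.outputs.AWS_SESSION_TOKEN }}
          aws-region: us-east-2

      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v2

      - name: Build, tag, and push Docker image to Amazon ECR
        env:
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          ECR_REPOSITORY: keycloak-dev
          # NOTE(review): `latest` is a mutable tag, so a pushed image cannot
          # be traced to a commit or rolled back by tag; consider also
          # tagging with the commit SHA.
          IMAGE_TAG: latest
        run: |
          docker build -t "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" ./terraform/aws/modules/keycloak/resources
          docker push "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"

      - name: Cleanup Docker images
        env:
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          ECR_REPOSITORY: keycloak-dev
          IMAGE_TAG: latest
        run: docker rmi "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"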