ecr_sync.yml

name: ECR Image Sync

on:
  push:
    paths:
      - 'conf/containers/'
    branches:
      - main
      - dev
  workflow_dispatch:

jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Extract image names and tags from quay.config
        id: extract-names-and-tags
        run: |
          # Extract image names and tags from quay.config and set as output variables
          grep -E "^[[:space:]]*\w+_container[[:space:]]*=" conf/containers/quay.config |
            grep -vE "//" |
              awk -F "'" '{print $2}' |
              tr '\n' ',' |
              sed 's/,$//'|
              awk '{print "::set-output name=container_images::" $0}'

      - name: Pull and Push Docker images
        id: push-images
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.IAC_DATASETS_ECR_DELIVERY_AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.IAC_DATASETS_ECR_DELIVERY_AWS_SECRET_ACCESS_KEY }}
          AWS_REGION: eu-west-1
        run: |
          aws ecr get-login-password \
            --region eu-west-1 | docker login --username AWS \
            --password-stdin 518054667335.dkr.ecr.eu-west-1.amazonaws.com
          IFS=',' read -ra IMAGES <<< "${{ steps.extract-names-and-tags.outputs.container_images }}"
          pushed_images=()
          for IMAGE in "${IMAGES[@]}"; do
            DEST_IMAGE="518054667335.dkr.ecr.eu-west-1.amazonaws.com/${IMAGE#quay.io/}"
            docker pull $IMAGE
            docker tag $IMAGE $DEST_IMAGE
            docker push $DEST_IMAGE
            pushed_images+=("$DEST_IMAGE")
          done
          echo "${pushed_images[@]}" > pushed_image_tags.txt

      - name: Output pushed images
        run: cat pushed_image_tags.txt