Skip to content
AWS Images

AWS Images #457

Sign in to view logs

AWS Images

AWS Images #457

Workflow file for this run

.github/workflows/get_aws_images.yml at 347b446
name: AWS Images
on:
schedule:
- cron: "45 3 * * *"
# push:
# branches:
# - main
workflow_dispatch:
inputs:
environment:
description: 'Choose your deployment target environment'
required: true
default: 'staging'
type: choice
options:
- 'production'
- 'staging'
permissions:
actions: write
contents: write
id-token: write
env:
AWS_DEFAULT_OUTPUT: json
AWS_PAGER: ""
jobs:
setup:
name: Setup workflow envs
runs-on: ubuntu-latest
outputs:
environment: ${{ steps.set-environment.outputs.environment }}
bucket: ${{ steps.set-bucket.outputs.bucket }}
steps:
# Only set target environment to production if the workflow is triggered by
# a scheduled execution or workflow_dispatch with production input selected
- name: Setup target environment
id: set-environment
run: |
if [ "${{ github.event_name }}" = "schedule" ] || [ "${{ inputs.environment }}" = "production" ]; then
echo "environment=production" >> $GITHUB_OUTPUT
else
echo "environment=staging" >> $GITHUB_OUTPUT
fi
- name: Setup target bucket
# Set target bucket according to target environment
id: set-bucket
run: |
if [ "${{ github.event_name }}" = "schedule" ] || [ "${{ inputs.environment }}" = "production" ]; then
echo "bucket=cloudx-json-bucket" >> $GITHUB_OUTPUT
else
echo "bucket=cid-bucket-staging" >> $GITHUB_OUTPUT
fi
get_images:
name: "Get Images"
runs-on: ubuntu-latest
needs: setup
env:
ENVIRONMENT: ${{ needs.setup.outputs.environment }}
BUCKET: ${{ needs.setup.outputs.bucket }}
steps:
- name: Clone repo
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Checkout latest tagged release
if: env.ENVIRONMENT == 'production'
run: |
LATEST_RELEASE=$(git describe --tags `git rev-list --tags --max-count=1`)
git checkout $LATEST_RELEASE
- name: Install awscli v2
uses: unfor19/install-aws-cli-action@v1
- name: Configure AWS credentials for retrieving regions.
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::426579533370:role/github_actions_image_retriever
role-duration-seconds: 1800
aws-region: us-east-1
- name: Get current list of AWS regions
run: |
aws ec2 describe-regions \
--filters Name=opt-in-status,Values=opted-in,opt-in-not-required |
jq -r '.Regions[].RegionName' | sort > regions.txt
- name: Get images from each region
run: |
mkdir -vp output
for REGION in $(cat regions.txt); do
echo "Getting images for ${REGION}..."
aws --region=${REGION} ec2 describe-images \
--filters "Name=owner-id,Values=309956199498" "Name=is-public,Values=true" | \
jq -c '.Images | sort_by(.ImageId)' |
jq ".[] + {\"Region\": \"${REGION}\"}" \
> output/${REGION}.json
done
- name: Create a single AWS JSON file
run: |
mkdir -p raw/aws
jq -c -s '.' output/*.json > raw/aws/aws.json
- name: Configure AWS credentials for production
uses: aws-actions/configure-aws-credentials@v4
if: env.ENVIRONMENT == 'production'
with:
role-to-assume: arn:aws:iam::426579533370:role/github_actions_image_retriever
role-duration-seconds: 1800
aws-region: us-east-1
- name: Configure AWS credentials for staging
uses: aws-actions/configure-aws-credentials@v4
if: env.ENVIRONMENT == 'staging'
with:
role-to-assume: arn:aws:iam::426579533370:role/github_actions_cloud_image_directory_staging
role-duration-seconds: 1800
aws-region: us-east-1
- name: Upload raw data to S3
run: |
aws s3 sync \
--acl public-read \
--delete \
--no-progress \
--content-type application/json \
$(pwd)/raw/aws/ s3://${BUCKET}/raw/aws/