Refactor CI workflow for Amazon ECR release and update checkout action#6
Merged
openminddev merged 4 commits intomainfrom Apr 20, 2026
Merged
Refactor CI workflow for Amazon ECR release and update checkout action#6openminddev merged 4 commits intomainfrom
openminddev merged 4 commits intomainfrom
Conversation
Refactor release workflow to push images to Amazon ECR and add deploy metadata. Changes include renaming the workflow, enabling manual dispatch, adding permissions and environment (production/staging) details, and configuring AWS credentials. Switched checkout action to v4, replaced Docker Hub login with AWS ECR login, updated image name to public.ecr.aws/... and adjusted Dockerfile path and build step (added id and clarified title). These updates prepare the pipeline for ECR-based releases and proper environment tagging.
Update .github/workflows/release.yml to use actions/checkout@v5 (previously v4). This upgrades the checkout action in the release workflow to the latest major version to pick up fixes and improvements.
Update the GitHub Actions release workflow to authenticate against Amazon ECR Public. The step label was changed to "Login to Amazon ECR Public" and the aws-actions/amazon-ecr-login@v2 action now receives `registry-type: public` so subsequent Docker operations target the public ECR registry.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request updates the release workflow to publish Docker images to Amazon ECR Public instead of Docker Hub, and introduces several improvements to permissions, environment handling, and AWS integration. The changes enhance security and align the deployment process with AWS best practices.
Migration to Amazon ECR Public & AWS Integration:
public.ecr.aws/b8k9c8n5/openmind/functiongemma_service).aws-actions/configure-aws-credentials, leveraging GitHub secrets for secure authentication.aws-actions/amazon-ecr-login@v2.Workflow and Permissions Enhancements:
id-token,contents, anddeployments, and dynamically assigned the environment (productionorstaging) based on the reference type.Other Improvements: