Add support for container images stored on Amazon ECR

ref aexeagmbh/edda#230

Author: michael-k

.yamllint

@@ -0,0 +1,9 @@
+---
+extends: default
+
+rules:
+  line-length:
+    max: 100
+  indentation:
+    spaces: 2
+    indent-sequences: true

README.md

@@ -14,6 +14,24 @@ The username used for login to Docker Hub.
 The access token used for login to Docker Hub.  This is required if
 `docker-hub-username` was set.
 
+## `aws-access-key-id`
+
+The access key used for login to Amazon Elastic Container Registry (Amazon ECR).
+
+## `aws-secret-access-key`
+
+The secret access key used for login to Amazon ECR.  This is required if
+`aws-access-key-id` was set.
+
+## `aws-region`
+
+The AWS region where the Amazon ECR is located.  Uses `eu-west-1` by default.
+
+## `aws-account-id`
+
+The id of the AWS account where the Amazon ECR is located.  Usually the
+tooling account's id.  This is required if `aws-access-key-id` was set.
+
 ### `service-containers`
 
 A list of containers to start before building the primary container.
@@ -34,6 +52,8 @@ container must be named `db`.
 
 ## Example usage
 
+### With Docker Hub
+
 ```yaml
 uses: aexeagmbh/gh-actions-docker-compose-up@main
 with:
@@ -43,3 +63,15 @@ with:
   db-name: bar
   working-directory: ./baz
 ```
+
+### With Amazon ECR
+
+```yaml
+uses: aexeagmbh/gh-actions-docker-compose-up@main
+with:
+  aws-access-key-id: AKIAIOSFODNN7EXAMPLE
+  aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+  service-containers: db redis
+  db-name: bar
+  working-directory: ./baz
+```

action.yml

@@ -4,6 +4,18 @@ inputs:
     description: Username for Docker Hub login
   docker-hub-access-token:
     description: Access token for Docker Hub login
+  aws-access-key-id:
+    description: Access key for AWS user with Amazon ECR access
+    default: ''
+  aws-secret-access-key:
+    description: Secret access key for AWS user with Amazon ECR access
+    default: ''
+  aws-region:
+    description: AWS region where Amazon ECR is located
+    default: eu-west-1
+  aws-account-id:
+    description: Id of AWS account where Amazon ECR is located
+    default: ''
   service-containers:
     description: Service containers to start
   db-name:
@@ -50,6 +62,25 @@ runs:
         DOCKER_HUB_ACCESS_TOKEN: ${{ inputs.docker-hub-access-token }}
       shell: bash
       working-directory: ${{ inputs.working-directory }}
+    - name: Login to Amazon ECR
+      run: |
+        echo "::group::Login to Amazon ECR"
+        if [ "${{ inputs.aws-access-key-id }}" != "" ]; then
+          echo "[default]" > .aws-credentials
+          echo "aws_access_key_id=${{ inputs.aws-access-key-id }}" >> .aws-credentials
+          echo "aws_secret_access_key=${{ inputs.aws-secret-access-key }}" >> .aws-credentials
+          docker run --rm -it \
+              -v ${PWD}/.aws-credentials:/root/.aws/credentials:ro \
+              amazon/aws-cli:latest ecr get-login-password --region "${{ inputs.aws-region }}" | \
+              docker login --username AWS --password-stdin \
+              "${{ inputs.aws-account-id }}.dkr.ecr.${{ inputs.aws-region }}.amazonaws.com"
+          rm .aws-credentials
+        else
+          echo "skipped"
+        fi
+        echo "::endgroup::"
+      shell: bash
+      working-directory: ${{ inputs.working-directory }}
     - name: Start service containers
       run: |
         # Start the service containers before building custom container images.