- AWS account with an OIDC connection for GitHub
- IAM permission to perform actions
- Created a repo - DevOps Assessment
- Includes a Python app with a Dockerfile
- The Dockerfile successfully builds the image
- Created an ECR repository - devops-assessment
- Set up the OIDC connection for connecting AWS to GitHub
- Configured necessary IAM roles and policies for access management.
- Created a workflow file - pipeline.yaml, which triggers on push or pull request events, with appropriate caching to optimize workflow runs.
- When someone changes the code and pushes it to the GitHub repo, the workflow is triggered automatically.
- It starts by checking all dependencies and installing all packages, then enters the Build stage, which performs the AWS login and Docker login.
- After that it builds the Docker image and pushes it to AWS ECR.
- Used GitHub secrets to store AWS credentials.
- Used Anchore Engine to scan the Dockerfile for vulnerabilities.
- After scanning, the image is pushed to ECR.
- I provided permission, with the required ECR policy, to view the AWS ECR image.
- Follow the official AWS support link (AWS DOCS LINKS) for granting a different account permission to ECR.
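
For the OIDC connection and IAM role steps above, the role's trust policy decides which GitHub workflows can obtain AWS credentials, so it is worth checking that it is pinned to this repository. The following is an added example, not part of this project's code: it audits a trust policy document for an unpinned `aud` or an over-broad `sub` condition. The account ID `111122223333`, the org name `example-org` and the sample policies are constructed placeholders.

```python
OIDC_HOST = "token.actions.githubusercontent.com"

def _values(condition, key):
    """Return (operator, value) pairs for one condition key across all operators."""
    pairs = []
    for operator, block in condition.items():
        for name, value in block.items():
            if name.lower() == key.lower():
                values = value if isinstance(value, list) else [value]
                pairs += [(operator, v) for v in values]
    return pairs

def audit_trust_policy(policy, repo):
    """Return findings for GitHub OIDC statements; an empty list means scoped to `repo`."""
    findings = []
    statements = policy.get("Statement", [])
    statements = [statements] if isinstance(statements, dict) else statements
    for i, st in enumerate(statements):
        principal = st.get("Principal")
        fed = principal.get("Federated", []) if isinstance(principal, dict) else []
        fed = [fed] if isinstance(fed, str) else fed
        if st.get("Effect") != "Allow" or not any(f.endswith("oidc-provider/" + OIDC_HOST) for f in fed):
            continue  # not a statement that trusts the GitHub OIDC provider
        cond = st.get("Condition", {})
        auds = _values(cond, OIDC_HOST + ":aud")
        subs = _values(cond, OIDC_HOST + ":sub")
        # Only a plain StringEquals match on the audience is accepted here.
        if ("StringEquals", "sts.amazonaws.com") not in auds:
            findings.append(f"statement {i}: aud is not pinned to sts.amazonaws.com")
        if not subs:
            findings.append(f"statement {i}: no sub condition, so any repository can assume the role")
        for _, value in subs:
            if not value.startswith(f"repo:{repo}:"):
                findings.append(f"statement {i}: sub '{value}' is not limited to {repo}")
    return findings

def _policy(condition):
    # Constructed sample: 111122223333 is a placeholder account ID.
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"Federated": f"arn:aws:iam::111122223333:oidc-provider/{OIDC_HOST}"},
        "Action": "sts:AssumeRoleWithWebIdentity",
        "Condition": condition}]}

REPO = "example-org/devops-assessment"  # assumed org/repo name
LOOSE = _policy({"StringLike": {OIDC_HOST + ":sub": "repo:example-org/*"}})
SCOPED = _policy({
    "StringEquals": {OIDC_HOST + ":aud": "sts.amazonaws.com"},
    "StringLike": {OIDC_HOST + ":sub": f"repo:{REPO}:ref:refs/heads/main"}})

if __name__ == "__main__":
    for name, policy in (("LOOSE", LOOSE), ("SCOPED", SCOPED)):
        print(name, audit_trust_policy(policy, REPO) or "ok")
```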