@@ -117,28 +117,32 @@ jobs:
117117 aws-secret-access-key : ${{ secrets.WF_AWS_SECRET_ACCESS_KEY }}
118118 aws-region : ${{ secrets.WF_AWS_REGION }}
119119 role-session-name : ${{ steps.serviceName.outputs.service_name }}_GitHubActions
120- - name : Login to Amazon ECR
121- id : login-ecr
122- uses : aws-actions/amazon-ecr-login@v2
123- - name : Retag image in ECR
120+ - name : Retag image in ECR using AWS CLI
124121 env :
125- AWS_ACCESS_KEY_ID : ${{ secrets.NEW_AWS_ACCESS_KEY_ID }}
126- AWS_SECRET_ACCESS_KEY : ${{ secrets.NEW_AWS_SECRET_ACCESS_KEY }}
127- AWS_DEFAULT_REGION : us-east-1
128122 REPO : ${{ steps.serviceName.outputs.service_name }}
129- FROM_TAG : ${{ steps.promote.outputs.image_tag }}
130- TO_TAG : ${{ inputs.TO_ENV }}
131123 DIGEST : ${{ steps.promote.outputs.digest }}
124+ TO_TAG : ${{ inputs.TO_ENV }}
132125 run : |
133- echo "🔁 Retagging image in ECR: $REPO from $FROM_TAG (digest: $DIGEST) to $TO_TAG"
126+ echo "🔁 Retagging image in ECR: $REPO from digest $DIGEST to tag $TO_TAG"
127+
128+ ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)
129+ REGION=${{ env.AWS_REGION || 'us-east-1' }}
130+ MANIFEST=$(aws ecr batch-get-image \
131+ --repository-name "$REPO" \
132+ --image-ids imageDigest="$DIGEST" \
133+ --query 'images[0].imageManifest' \
134+ --output text)
134135
136+ if [[ -z "$MANIFEST" || "$MANIFEST" == "null" ]]; then
137+ echo "❌ Failed to retrieve image manifest for digest: $DIGEST"
138+ exit 1
139+ fi
140+
141+ echo "📤 Putting image with new tag: $TO_TAG"
135142 aws ecr put-image \
136143 --repository-name "$REPO" \
137144 --image-tag "$TO_TAG" \
138- --image-manifest "$(aws ecr batch-get-image \
139- --repository-name "$REPO" \
140- --image-ids imageDigest=$DIGEST \
141- --query 'images[0].imageManifest' \
142- --output text)"
145+ --image-manifest "$MANIFEST"
146+
147+ echo "✅ Retag successful: $REPO:$TO_TAG"
143148
144- echo "✅ Image retagged in ECR: $REPO:$TO_TAG"
0 commit comments