Skip to content

fix(s2n-quic-dc): derive crypto before opening TCP stream #3476

fix(s2n-quic-dc): derive crypto before opening TCP stream

fix(s2n-quic-dc): derive crypto before opening TCP stream #3476

Workflow file for this run

on:
push:
branches:
- main
tags:
- "v*.*.*"
pull_request:
branches:
- main
release:
types: [published]
name: release
permissions:
id-token: write # This is required for requesting the JWT (used for docker push to AWS ECR)
contents: read # This is required for actions/checkout
packages: write # This is required for docker push to ghcr
jobs:
qns:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Set up Docker Buildx
uses: docker/[email protected]
- name: Compute tags
id: tags
run: |
ECR_IMAGE=public.ecr.aws/s2n/s2n-quic-qns
GHCR_IMAGE=ghcr.io/aws/s2n-quic/s2n-quic-qns
VERSION=main
if [[ $GITHUB_REF == refs/tags/* ]]; then
VERSION=${GITHUB_REF#refs/tags/v}
fi
TAGS="${ECR_IMAGE}:${VERSION},${GHCR_IMAGE}:${VERSION}"
# mark the latest on release
if [[ $VERSION =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
TAGS="$TAGS,${ECR_IMAGE}:latest,${GHCR_IMAGE}:latest"
fi
echo "tags=${TAGS}" >> $GITHUB_OUTPUT
- uses: aws-actions/[email protected]
if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name
with:
role-to-assume: arn:aws:iam::024603541914:role/GitHubOIDCEcrRole
role-session-name: S2nQuicGHAECRSession
aws-region: us-east-1 # Required for ECR
- name: Login to Amazon ECR Public
if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name
id: login-ecr-public
uses: aws-actions/amazon-ecr-login@v2
with:
registry-type: public
- name: Login to GitHub Container Registry
uses: docker/[email protected]
if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push image
uses: docker/build-push-action@v6
with:
tags: ${{ steps.tags.outputs.tags }}
file: quic/s2n-quic-qns/etc/Dockerfile
target: default
push: ${{ github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/') }}