How to setup a github action to run a ecs container from a public ecr image

Hi @sombriks, can you please check this https://docs.github.com/en/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service. I believe this will help you to accomplish your requirement.

Hi, This page should be what you need: https://docs.github.com/en/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service

Or this one: https://dev.to/aws-builders/deploying-a-container-image-to-aws-ecr-using-a-github-action-k33

The only point to take care of is to replace the account ECR with public Gallery.

Hoe it helps!

Didier

Thanks for your answers guys, i managed to publish but it's not working yet.

Some important notes:

• I had to manually complete some iam policies for the task execution role. looks like it you perform everything using aws web console it solves that part for us but not when uisng aws cli.
• My task definition has two containers inside and unlike docker compose the internal name isn't being resolved automatically
• The github action hangs if container publishing fails, consuming your runner hours doing nothing. wait-for-service-stability: false avoids that but then it's up to you to go into ecs web console to see if publication went well This is the current version of my action:

# https://docs.github.com/en/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service#creating-the-workflow  
name: Deploy to Amazon ECS
on:
  push: 
    tags:
      - '*'
env:
  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
  AWS_REGION: ${{ secrets.AWS_REGION }}
  ECS_SERVICE: ${{ secrets.ECS_SERVICE }}
  ECS_CLUSTER: ${{ secrets.ECS_CLUSTER }}
  ECS_TASK_DEFINITION: aws/log-broker-ecs-task-definition.json

jobs:
  deploy:
    name: Deploy
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@0e613a0980cbf65ed5b322eb7a1e075d28913a83
        with:
          aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ env.AWS_REGION }}

      - name: Render Amazon ECS task definition for first container
        id: render-zookeeper
        uses: aws-actions/amazon-ecs-render-task-definition@v1
        with:
          task-definition: ${{ env.ECS_TASK_DEFINITION }}
          container-name: zookeeper
          image: public.ecr.aws/bitnami/zookeeper:3.8
  
      - name: Modify Amazon ECS task definition with second container
        id: render-kafka
        uses: aws-actions/amazon-ecs-render-task-definition@v1
        with:
          task-definition: ${{ steps.render-zookeeper.outputs.task-definition }}
          container-name: kafka
          image: public.ecr.aws/bitnami/kafka:3.5

      - name: Deploy Amazon ECS task definition
        uses: aws-actions/amazon-ecs-deploy-task-definition@df9643053eda01f169e64a0e60233aacca83799a
        with:
          task-definition: ${{ steps.render-kafka.outputs.task-definition }}
          service: ${{ env.ECS_SERVICE }}
          cluster: ${{ env.ECS_CLUSTER }}
          wait-for-service-stability: false
          # wait-for-service-stability: true # commenting for now, due to https://github.com/aws-actions/amazon-ecs-deploy-task-definition/issues/102

If anyone has a clue on why the two containers does not communicate each other i appreciate.