ci: GitHub Actions → ECR → ECS deploy pipeline (replaces failing upstream publish) #5
Merged
The inherited ci.yaml published to upstream's registries (ghcr.io/x402-rs, docker.io/ukstv) which this fork can't write to, so it failed on every main commit. Replace it with a pipeline targeting our own AWS infrastructure:

- test job: build + full test suite on every PR and push to main (the green gate; also adds PR gating, which the repo lacked).
- deploy job (push to main, gated on AWS secrets being present): build the image, push to AWS ECR, targeted `terraform apply` to roll ECS production to the new image, wait for stable, verify /health.

Auth via IAM access-key secrets (AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY). Until those secrets are set the deploy job is skipped, so the run goes green on the test job alone. Setup + IAM policy documented in docs/CICD_SETUP.md.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Replaces the inherited upstream publish workflow (which pushed to ghcr.io/x402-rs + docker.io/ukstv — namespaces this fork can't write to, so it failed on every main commit) with a pipeline targeting our own AWS infra.

- test (PRs + push to main): build + full test suite — the green gate, and adds PR gating the repo lacked.
- deploy (push to main, gated on AWS secrets present): build → push to AWS ECR → targeted `terraform apply` to roll ECS prod → wait stable → verify /health.

Auth: IAM access-key secrets (AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY). Until set, the deploy job is skipped (run stays green on test). Setup + IAM policy in `docs/CICD_SETUP.md`.

Per your choices: access-key auth + auto-deploy on merge to main.
🤖 Generated with Claude Code
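
One way to lay out the pipeline described above, as an added sketch that is not the workflow file from this PR. It shows the secrets gate as a separate job, because GitHub Actions does not expose the `secrets` context to a job-level `if`. The `cargo` commands, every `vars.*` repository variable and the Terraform variable `image` are assumptions.

```yaml
# Added sketch, not this PR's workflow. vars.* and the Terraform variable `image` are hypothetical.
name: ci
on:
  pull_request:
  push:
    branches: [main]
permissions: {contents: read}
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: cargo build --locked && cargo test --locked  # assumed build/test commands
  gate:
    # `secrets` is not available in a job-level `if`, so publish only a boolean.
    runs-on: ubuntu-latest
    outputs:
      enabled: ${{ steps.check.outputs.enabled }}
    steps:
      - id: check
        env:
          KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          SECRET: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        run: |
          if [ -n "$KEY_ID" ] && [ -n "$SECRET" ]; then v=true; else v=false; fi
          echo "enabled=$v" >> "$GITHUB_OUTPUT"
  deploy:
    needs: [test, gate]
    if: github.event_name == 'push' && needs.gate.outputs.enabled == 'true'
    runs-on: ubuntu-latest
    env:
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      AWS_DEFAULT_REGION: ${{ vars.AWS_REGION }}
      IMAGE: ${{ vars.ECR_REPOSITORY_URI }}:${{ github.sha }}  # one tag per commit
    steps:
      - uses: actions/checkout@v4
      - uses: hashicorp/setup-terraform@v3
      - name: Build and push
        run: |
          aws ecr get-login-password | docker login --username AWS --password-stdin "${IMAGE%%/*}"
          docker build -t "$IMAGE" . && docker push "$IMAGE"
      - name: Roll ECS, wait for stable, verify /health
        run: |
          terraform -chdir="${{ vars.TF_DIR }}" init -input=false
          terraform -chdir="${{ vars.TF_DIR }}" apply -input=false -auto-approve \
            -target="${{ vars.TF_TARGET }}" -var "image=$IMAGE"
          aws ecs wait services-stable --cluster "${{ vars.ECS_CLUSTER }}" --services "${{ vars.ECS_SERVICE }}"
          curl --fail --silent --show-error --retry 5 --retry-delay 5 "${{ vars.HEALTH_URL }}"
```

With either secret unset, `gate` outputs `false` and `deploy` is reported as skipped, so the run result depends on `test` alone; pull requests from forks receive no secrets and take the same path.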