Skip to content

fix(aws-lambda): Remove lambda:ListLayerVersions permission as it breaks publishing #366

fix(aws-lambda): Remove lambda:ListLayerVersions permission as it breaks publishing

fix(aws-lambda): Remove lambda:ListLayerVersions permission as it breaks publishing #366

Workflow file for this run

name: image
on:
pull_request:
push:
branches: [master, release/**, test-me-*]
jobs:
image:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: builder-image
run: |
set -euxo pipefail
img=ghcr.io/getsentry/craft-builder:latest
args=()
if docker pull -q "$img"; then
args+=(--cache-from "$img")
fi
docker buildx build \
"${args[@]}" \
--build-arg BUILDKIT_INLINE_CACHE=1 \
--target builder \
--tag "$img" \
.
- name: image
run: |
set -euxo pipefail
img=ghcr.io/getsentry/craft:latest
args=()
if docker pull -q "$img"; then
args+=(--cache-from "$img")
fi
docker buildx build \
"${args[@]}" \
--build-arg "SOURCE_COMMIT=$GITHUB_SHA" \
--build-arg BUILDKIT_INLINE_CACHE=1 \
--tag "$img" \
.
- name: docker login
run: docker login --username "$DOCKER_USER" --password-stdin ghcr.io <<< "$DOCKER_PASS"
env:
DOCKER_USER: ${{ github.actor }}
DOCKER_PASS: ${{ secrets.GITHUB_TOKEN }}
if: github.event_name != 'pull_request'
- name: docker push
run: |
set -euxo pipefail
craft_builder=ghcr.io/getsentry/craft-builder:latest
craft_latest=ghcr.io/getsentry/craft:latest
craft_versioned="ghcr.io/getsentry/craft:${GITHUB_SHA}"
docker push "$craft_builder"
docker tag "$craft_latest" "$craft_versioned"
docker push "$craft_versioned"
docker push "$craft_latest"
if: github.event_name != 'pull_request'