ecr-login with fips enabled

[srijitncoupa]

Problem:

Currently, ecr-login utilizes the registries listed at .dkr.ecr..amazonaws.com to log in. I'm curious as to whether the current release of the git hub action supports login to the fips-based ecr .dkr.ecr-fips..amazonaws.

[devon-manifest]

@srijitncoupa FYI, I also needed this capability, so I added the option in a fork and tossed up a PR. Here's hoping 🤞

[dotCipher]

Would love to see this 👍🏻

[tom-engineering]

You can utilise the AWS_USE_FIPS_ENDPOINT environment variable to use FIPS endpoints:

jobs:
  my-job:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: {{ env.AWS_REGION }}
          role-to-assume: {{ secrets.AWS_IAM_ROLE }}
      - id: login-ecr
        env:
          AWS_USE_FIPS_ENDPOINT: true
        uses: aws-actions/amazon-ecr-login@v2