From cb5091802bebc2c50157c3ff60587e6a1f427137 Mon Sep 17 00:00:00 2001
From: bescka <126282728+bescka@users.noreply.github.com>
Date: Thu, 1 Aug 2024 17:49:32 +0100
Subject: [PATCH] workflows - aws whitelist-runner
---
 .github/workflows/deploy_on_push.yml | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/deploy_on_push.yml b/.github/workflows/deploy_on_push.yml
index 8ae7f256..e2f64c86 100644
--- a/.github/workflows/deploy_on_push.yml
+++ b/.github/workflows/deploy_on_push.yml
@@ -9,8 +9,26 @@ jobs:
 run_pull:
 name: Run Pull and Manage Containers
 runs-on: ubuntu-latest
-
+ env:
+ AWS_INSTANCE_SG_ID: ${{ AWS_SG_ID }}
 steps:
+ - name: configure aws credentials
+ uses: aws-actions/configure-aws-credentials@v3
+ with:
+ aws-access-key-id: ${{AWS_ACCESS_KEY_ID}}
+ aws-secret-access-key: ${{AWS_SECRET_ACCESS_KEY}}
+ aws-region: ${{AWS_REGION}}
+ - name: get runner ip address
+ id: ip
+ uses: haythem/public-ip@v1.3
+ - name: whitelist runner ip address
+ run: |
+ aws ec2 authorize-security-group-ingress \
+ --group-id $AWS_INSTANCE_SG_ID \
+ --protocol tcp \
+ --port 22 \
+ --cidr ${{ steps.ip.outputs.ipv4 }}/32
+
 - name: Checkout repository
 uses: actions/checkout@v4
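Review bot: The `whitelist runner ip address` step opens port 22 on the security group to the hosted runner's address, and nothing visible in this hunk removes the rule again, so each push would leave another /32 SSH ingress entry for an address from GitHub's shared runner pool that an unrelated job can hold later. The job's remaining steps lie outside the hunk; if none of them revokes the rule, add a final step guarded by `if: always()` that calls `aws ec2 revoke-security-group-ingress` with the same arguments, as sketched below, passing the address through `env` rather than interpolating the action's output into the script. The added expressions also name no context (`${{ AWS_SG_ID }}`, `${{AWS_ACCESS_KEY_ID}}`, `${{AWS_SECRET_ACCESS_KEY}}`, `${{AWS_REGION}}`), which GitHub Actions rejects as an unrecognized named value; they presumably should read `${{ secrets.AWS_SG_ID }}` and so on. `haythem/public-ip@v1.3` is a third-party action on a movable tag that runs after the AWS credentials have been exported to the job, so pinning it to a full commit SHA and moving it ahead of the credentials step would limit what it can reach.

```yaml
# … unchanged: checkout and deploy steps …
- name: revoke runner ip address
  if: always()
  env:
    RUNNER_IP: ${{ steps.ip.outputs.ipv4 }}
  run: |
    aws ec2 revoke-security-group-ingress \
      --group-id "$AWS_INSTANCE_SG_ID" \
      --protocol tcp \
      --port 22 \
      --cidr "${RUNNER_IP}/32"
```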