From 394ec9777047cceeca426d26a4b82a440bffe95f Mon Sep 17 00:00:00 2001
From: Guerdon Mukama <gmukama@gmail.com>
Date: Wed, 20 Aug 2025 12:41:19 +1000
Subject: [PATCH] admin tools image

---
 .../workflows/admin-utils-docker-build.yml    | 51 +++++++++++++++++++
 adminUtils.Dockerfile                         | 24 +++++++++
 2 files changed, 75 insertions(+)
 create mode 100644 .github/workflows/admin-utils-docker-build.yml
 create mode 100644 adminUtils.Dockerfile

diff --git a/.github/workflows/admin-utils-docker-build.yml b/.github/workflows/admin-utils-docker-build.yml
new file mode 100644
index 000000000..020b39301
--- /dev/null
+++ b/.github/workflows/admin-utils-docker-build.yml
@@ -0,0 +1,51 @@
+name: Build and Push Admin Utils Image
+
+on:
+  push:
+    branches:
+      - develop
+      - master
+    paths:
+      - 'adminUtils.Dockerfile'       
+      - '.github/workflows/admin-utils-docker-build.yml'
+  workflow_dispatch:
+
+permissions:
+  id-token: write
+  contents: read
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    environment: dev
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Configure AWS credentials (Dev Account)
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          role-to-assume: ${{ secrets.AWS_ROLE_ARN_DEV }}
+          aws-region: ${{ secrets.CDK_REGION_DEV }}
+
+      - name: Log in to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v2
+
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ steps.login-ecr.outputs.registry }}/rems-admin-utils
+          tags: |
+            type=ref,event=branch
+            type=sha
+            ${{ github.ref == 'refs/heads/master' && 'latest' || '' }}
+
+      - name: Build and push Admin Utils image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: adminUtils.Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
diff --git a/adminUtils.Dockerfile b/adminUtils.Dockerfile
new file mode 100644
index 000000000..51b3780de
--- /dev/null
+++ b/adminUtils.Dockerfile
@@ -0,0 +1,24 @@
+# adminUtils.Dockerfile
+# Pin to postgres:15 on Debian; if you want fewer surprises, you can use :15-bookworm
+FROM postgres:15
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+# Minimal, useful admin tooling; netcat-openbsd provides nc
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    curl \
+    jq \
+    vim-tiny \
+    less \
+    procps \
+    netcat-openbsd \
+    ca-certificates \
+  && rm -rf /var/lib/apt/lists/*
+
+# You'll exec with /bin/bash; ensure it's present (it is on postgres:15, but harmless to add)
+# RUN apt-get update && apt-get install -y --no-install-recommends bash && rm -rf /var/lib/apt/lists/*
+
+# Nothing else needed; ECS Exec will override the command (e.g., /bin/bash)
+
+
+