diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000000..252a1df6ea --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,65 @@ +name: Build + +on: + pull_request: + branches: ["main"] + +permissions: + id-token: write + contents: read + +env: + REVISION: gh-pr-3.0.${{github.run_number}} + +jobs: + build: + runs-on: runs-on=${{ github.run_id }}/runner=16cpu-linux-arm64 + steps: + - uses: actions/checkout@v4 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Setup AWS Creds + if: ${{ secrets.AWS_ACCOUNT_ID != '' }} + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/GHActionsCodeartifactReadonly + aws-region: us-east-1 + + - name: Login to ECR + if: ${{ secrets.AWS_ACCOUNT_ID != '' }} + run: | + aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.us-east-1.amazonaws.com + + - name: Build and push to ECR + if: ${{ secrets.AWS_ACCOUNT_ID != '' }} + run: | + docker buildx build --platform linux/amd64,linux/arm64 \ + -t ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.us-east-1.amazonaws.com/transpiler:${{ env.REVISION }} \ + --network host --push . + + - name: Authenticate to GCP + if: ${{ secrets.GCR_PUSH_SA != '' }} + uses: google-github-actions/auth@v2 + with: + credentials_json: ${{ secrets.GCR_PUSH_SA }} + + - name: Login to GCR and push + if: ${{ secrets.GCR_PUSH_SA != '' && vars.GCR_PROJECT_ID != '' }} + run: | + echo '${{ secrets.GCR_PUSH_SA }}' | docker login -u _json_key --password-stdin us-docker.pkg.dev + docker buildx build --platform linux/amd64,linux/arm64 \ + -t us-docker.pkg.dev/${{ vars.GCR_PROJECT_ID }}/e6-engine/transpiler:${{ env.REVISION }} \ + --network host --push . + + - name: docker ACR login and push + run: | + echo ${{ secrets.ACR_TOKEN }} | docker login --username e6data-ci --password-stdin e6labs.azurecr.io + docker buildx build --no-cache --platform linux/amd64,linux/arm64 \ + -t e6labs.azurecr.io/transpiler:${{ env.REVISION }} \ + -t e6labs.azurecr.io/transpiler-dev:${{ env.REVISION }} \ + --network host --push .