Release artifacts for v0.0.8

Built from source commit 96cdb55

Author: github-actions[bot]

CODE_OF_CONDUCT.md

@@ -0,0 +1,9 @@
+# Microsoft Open Source Code of Conduct
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+
+Resources:
+
+- [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
+- [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
+- Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns

LICENSE

@@ -0,0 +1,21 @@
+    MIT License
+
+    Copyright (c) Microsoft Corporation.
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE

README.md

@@ -0,0 +1,165 @@
+# ONNX Runtime GitHub Actions
+
+This repository contains reusable GitHub Actions designed primarily for CI/CD pipelines within the ONNX Runtime organization's projects. It consolidates multiple actions into a single Node.js project to simplify maintenance and avoid checking compiled JavaScript code into consuming repositories.
+
+This project uses `esbuild` to compile the JavaScript source code for each action. The compiled output is **not** committed to the `main` branch. Instead, releases are created based on Git tags, and the compiled actions are attached as downloadable assets to GitHub Releases.
+
+## Project Structure
+
+- `/src`: Contains the source TypeScript/JavaScript code for each action in its own subdirectory.
+- `/actions`: Contains the `action.yml` metadata file for each action in its own subdirectory.
+- `/build`: (Generated, not committed to `main`) Contains the compiled output after running `npm run build`. Each action has a subdirectory here containing its `action.yml` and `dist/index.js`.
+- `package.json`: Manages dependencies and build scripts for all actions.
+- `esbuild.config.mjs`: Configuration file for the `esbuild` bundler.
+
+## Available Actions
+
+1.  **`build-docker-image`**
+
+    - Builds a Docker image, with optional caching and pushing via Azure Container Registry. This Action is Linux only.
+    - See: [`actions/build-docker-image/action.yml`](./actions/build-docker-image/action.yml)
+    - See details: [`.github/actions/build-docker-image/README.md`](./.github/actions/build-docker-image/README.md)
+
+2.  **`run-build-script-in-docker`**
+
+    - Runs the ONNX Runtime `tools/ci_build/build.py` script inside a specified Docker container. This Action is Linux only.
+    - Supports different modes (`update`, `build`, `test`).
+    - Includes auto-detection for NVIDIA GPUs (`--gpus all`).
+    - Manages common volume mounts (workspace, cache, test data).
+    - Handles enabling execution providers via `--use_<ep>` flags.
+    - See: [`actions/run-build-script-in-docker/action.yml`](./actions/run-build-script-in-docker/action.yml)
+
+3.  **`setup-build-tools`**
+
+    - Sets up specified versions of CMake and vcpkg for build environments.
+    - Downloads, verifies (via SHA512 hash), extracts, and caches the tools using `@actions/tool-cache`.
+    - Runs CMake setup first, then vcpkg setup (including bootstrapping).
+    - Optionally adds the installed CMake version to the system `PATH`.
+    - Sets the `VCPKG_INSTALLATION_ROOT` environment variable for use with toolchain files.
+    - Supports Windows, Linux, and macOS runners.
+    - See: [`actions/setup-build-tools/action.yml`](./actions/setup-build-tools/action.yml)
+    - See details: [`actions/setup-build-tools/README.md`](./actions/setup-build-tools/README.md)
+
+## Usage (for Consumers)
+
+Because the compiled action code (in the `build/` directory) is not present on the `main` branch or directly associated with version tags in the repository filesystem, you **cannot** use the actions directly like this:
+
+```yaml
+# --- THIS WILL NOT WORK ---
+# uses: microsoft/onnxruntime-github-actions/build/run-build-script-in-docker@vX.Y.Z
+```
+
+Instead, you must download the compiled action bundle from the corresponding GitHub Release asset and reference it locally:
+
+1. Find the Release: Go to the Releases page of this repository.
+2. Identify Version: Find the release tag (e.g., v0.0.2) corresponding to the version you want to use.
+3. Download Asset: Download the .zip asset attached to that release (e.g., onnxruntime-actions-v0.0.2.zip).
+4. Use in Workflow: Add steps to your workflow to download and unzip the asset, then reference the action using its local path.
+
+Example Workflow Snippet:
+
+```yaml
+name: Example Workflow Using ORT Actions
+
+on: [push]
+
+jobs:
+  build_with_ort_action:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Consumer Repo
+        uses: actions/checkout@v4
+
+      # 1. Download the specific version of the action bundle
+      - name: Download ORT Actions Asset (v0.0.2) # <-- Adjust version as needed
+        uses: dsaltares/fetch-gh-release-asset@1.1.0 # Action to download assets
+        with:
+          repo: 'microsoft/onnxruntime-github-actions' # The repo containing the actions
+          version: 'tags/v0.0.2' # The specific tag/version to use
+          file: 'onnxruntime-actions-v0.0.2.zip' # The asset filename (matches release workflow output)
+          target: 'onnxruntime-actions.zip' # Local filename to save as
+        env:
+          # Use default token for public repos, provide PAT for private if necessary
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      # 2. Unzip the downloaded actions
+      - name: Unzip ORT Actions
+        run: |
+          mkdir -p ./.github/_downloaded_actions # Create a directory to hold them
+          unzip onnxruntime-actions.zip -d ./.github/_downloaded_actions
+          echo "Unzipped contents:"
+          ls -lR ./.github/_downloaded_actions # Verify structure
+
+      # 3. Use the action via its local path
+      - name: Run Build Script in Docker
+        # Reference the action.yml inside the unzipped structure
+        uses: ./.github/_downloaded_actions/run-build-script-in-docker
+        with:
+          # Provide inputs for the action
+          docker_image: 'your-build-image:latest'
+          build_config: 'Release'
+          mode: 'build' # Or 'update', 'test'
+          execution_providers: 'cuda tensorrt'
+          # ... other inputs ...
+```
+
+# Integration Test
+
+Before making a release, please use the following steps to do an integration test with ONNX Runtime's main repo. While the standard release process involves tags and downloadable assets (as described in the "Usage" section), we need to test changes in a consuming repository _before_ an official release is tagged, using the direct `uses:` syntax. This can be achieved by temporarily committing the compiled `build/` directory to a specific branch or commit.
+
+**Note:** This method involves committing build artifacts to the Git repository, which is generally discouraged for the `main` branch as it increases repository size and complicates diffs. Use this approach primarily on short-lived development/feature branches for integration testing purposes.
+
+**Steps that should be done in this repo:**
+
+1.  **Create a Branch:** Create a new development branch in _this_ repository (e.g., `dev/feature-xyz`).
+2.  **Make Changes:** Modify the action source code (`src/`) and/or metadata (`actions/`).
+3.  **Build:** Run `npm run build` from the repository root. This generates the output in the `build/` directory.
+4.  **Commit Build Output:** Stage and commit **both** your source code changes AND the entire generated `build/` directory. You may need to bypass the `.gitignore` for the `build/` directory:
+    ```bash
+    git add src/ actions/ # Stage source changes
+    git add --force build/ # Force staging of the ignored build directory
+    git commit -m "feat: Update action XYZ (including build output for testing)"
+    ```
+5.  **Push Branch:** Push your development branch to the origin: `git push origin dev/feature-xyz`.
+6.  **Get Commit SHA (Recommended):** After pushing, get the full commit SHA of your latest commit on the development branch (e.g., using `git rev-parse HEAD` or from the GitHub UI).
+
+**Steps that should be done in the main ONNX Runtime repo**
+
+1.  Create a dev branch
+2.  Modify the `uses:` line for the action you want to test to point to the specific branch or commit SHA in _this_ actions repository:
+
+    ```yaml
+    steps:
+      - name: Run Pre-Release Build Script in Docker
+        # Option 1: Using the branch name (updates automatically if branch changes)
+        # uses: microsoft/onnxruntime-github-actions/build/run-build-script-in-docker@dev/feature-xyz
+
+        # Option 2: Using the specific commit SHA (safer - pins to exact version)
+        uses: microsoft/onnxruntime-github-actions/build/run-build-script-in-docker@<full_commit_sha_from_actions_repo>
+        with:
+          # ... inputs ...
+    ```
+
+    _(Replace `<full_commit_sha_from_actions_repo>` with the actual SHA obtained in step 6 above)._
+
+## Contributing
+
+This project welcomes contributions and suggestions. Most contributions require you to agree to a
+Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
+the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
+
+When you submit a pull request, a CLA bot will automatically determine whether you need to provide
+a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions
+provided by the bot. You will only need to do this once across all repos using our CLA.
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
+contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
+
+## Trademarks
+
+This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft
+trademarks or logos is subject to and must follow
+[Microsoft's Trademark & Brand Guidelines](https://www.microsoft.com/en-us/legal/intellectualproperty/trademarks/usage/general).
+Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship.
+Any use of third-party trademarks or logos are subject to those third-party's policies.

SECURITY.md

@@ -0,0 +1,41 @@
+<!-- BEGIN MICROSOFT SECURITY.MD V0.0.9 BLOCK -->
+
+## Security
+
+Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet) and [Xamarin](https://github.com/xamarin).
+
+If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/security.md/definition), please report it to us as described below.
+
+## Reporting Security Issues
+
+**Please do not report security vulnerabilities through public GitHub issues.**
+
+Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/security.md/msrc/create-report).
+
+If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/security.md/msrc/pgp).
+
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc).
+
+Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
+
+- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+- Full paths of source file(s) related to the manifestation of the issue
+- The location of the affected source code (tag/branch/commit or direct URL)
+- Any special configuration required to reproduce the issue
+- Step-by-step instructions to reproduce the issue
+- Proof-of-concept or exploit code (if possible)
+- Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://aka.ms/security.md/msrc/bounty) page for more details about our active programs.
+
+## Preferred Languages
+
+We prefer all communications to be in English.
+
+## Policy
+
+Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/security.md/cvd).
+
+<!-- END MICROSOFT SECURITY.MD BLOCK -->

SUPPORT.md

@@ -0,0 +1,3 @@
+# Support
+
+This repo is for supporting ONNX Runtime's engineering system. If you'd like to use it in another places, everything is provided as is.

build-and-prep-ort-files/action.yml

@@ -0,0 +1,5 @@
+name: 'Build Full ORT and Prepare Test Files'
+description: 'Installs requirements, builds full ORT wheel, installs it, and generates ORT format models and config files for minimal build tests in $RUNNER_TEMP.'
+runs:
+  using: 'node20'
+  main: 'dist/index.js'