-
Notifications
You must be signed in to change notification settings - Fork 92
115 lines (103 loc) · 4.14 KB
/
_build-and-push-cliain.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
---
name: Build/Check and optionally push cliain docker image
on:
workflow_call:
inputs:
check-only:
description: 'Set to true if compilation linking phase should be omitted'
required: true
type: boolean
default: false
push:
description: 'Set to true to push cliain image to ECR'
required: false
type: boolean
default: false
jobs:
build-or-check-cliain:
name: Build or check cliain binary
runs-on: [self-hosted, Linux, X64, large]
env:
CARGO_COMMAND: ${{ inputs.check-only && 'check' || 'build' }}
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Install Rust toolchain
uses: Cardinal-Cryptography/github-actions/install-rust-toolchain@v7
- name: ${{ env.CARGO_COMMAND }} cliain binary
run: |
cd ./bin/cliain && cargo ${{ env.CARGO_COMMAND }} --release ${{ env.FEATURES }}
- name: Upload cliain binary to GH artifacts
if: ${{ inputs.check-only != true }}
uses: actions/upload-artifact@v4
with:
name: cliain
path: bin/cliain/target/release/cliain
if-no-files-found: error
retention-days: 7
push-cliain-to-ecr:
name: Build and push cliain docker image to ecr
needs: [build-or-check-cliain]
if: ${{ inputs.check-only != true && inputs.push == true }}
runs-on: ubuntu-20.04
env:
ECR_PUBLIC_HOST: ${{ vars.ECR_PUBLIC_HOST }}
ECR_PUBLIC_REGISTRY: ${{ vars.ECR_PUBLIC_REGISTRY }}
AWS_MAINNET_ACCESS_KEY_ID: ${{ secrets.AWS_MAINNET_ACCESS_KEY_ID }}
AWS_MAINNET_SECRET_ACCESS_KEY: ${{ secrets.AWS_MAINNET_SECRET_ACCESS_KEY }}
CI_DEVNET_S3BUCKET_NAME: ${{ secrets.CI_DEVNET_S3BUCKET_NAME }}
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Call action get-ref-properties
id: get-ref-properties
uses: Cardinal-Cryptography/github-actions/get-ref-properties@v7
- name: Download cliain from GH artifact
uses: actions/download-artifact@v4
with:
name: cliain
path: bin/cliain/target/release/cliain
- name: Login to Public Amazon ECR
uses: docker/login-action@v3
with:
registry: ${{ vars.ECR_PUBLIC_HOST }}
username: ${{ secrets.AWS_MAINNET_ACCESS_KEY_ID }}
password: ${{ secrets.AWS_MAINNET_SECRET_ACCESS_KEY }}
- name: Build and push latest docker image
env:
IMAGE: 'cliain'
TAG: ${{ steps.get-ref-properties.outputs.sha }}
REGISTRY: ${{ vars.ECR_PUBLIC_REGISTRY }}
run: |
registry='${{ env.REGISTRY }}'
image_and_tag='${{ env.IMAGE }}:${{ env.TAG }}'
docker build -t ${registry}${image_and_tag} -f ./bin/cliain/Dockerfile ./bin/cliain
docker push ${registry}${image_and_tag}
if [[ '${{ steps.get-ref-properties.outputs.branch }}' -eq 'main' ]]; then
docker tag ${registry}${image_and_tag} ${registry}'${{ env.IMAGE }}:latest'
docker push ${registry}'${{ env.IMAGE }}:latest'
fi
- name: Configure AWS credentials for S3 AWS
if: ${{ inputs.check-only != true }}
uses: aws-actions/configure-aws-credentials@v4
env:
AWS_ACCESS_KEY_ID: ""
AWS_SECRET_ACCESS_KEY: ""
AWS_SESSION_TOKEN: ""
AWS_DEFAULT_REGION: ""
AWS_REGION: us-east-1
with:
aws-access-key-id: ${{ secrets.AWS_DEVNET_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_DEVNET_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
- name: Copy binary to S3 AWS bucket
if: ${{ inputs.check-only != true }}
uses: Cardinal-Cryptography/github-actions/copy-file-to-s3@v7
with:
source-path: bin/cliain/target/release
source-filename: cliain
s3-bucket-path:
builds/aleph-node/commits/${{ steps.get-ref-properties.outputs.sha }}/cliain
s3-bucket-filename:
cliain-${{ steps.get-ref-properties.outputs.sha }}.tar.gz
s3-bucket-name: ${{ secrets.CI_DEVNET_S3BUCKET_NAME }}