Skip to content

Build and push cliain docker image #2064

Build and push cliain docker image

Build and push cliain docker image #2064

---
name: Build and push cliain docker image
on:
push:
branches:
- 'main'
- 'release-*'
pull_request:
paths:
- bin/cliain/**
merge_group:
workflow_dispatch:
jobs:
main:
name: Build binary
runs-on: [self-hosted, Linux, X64, large]
strategy:
max-parallel: 1
matrix:
runtime: [standard, liminal]
fail-fast: false
env:
ECR_PUBLIC_HOST: ${{ vars.ECR_PUBLIC_HOST }}
ECR_PUBLIC_REGISTRY: ${{ vars.ECR_PUBLIC_REGISTRY }}
AWS_MAINNET_ACCESS_KEY_ID: ${{ secrets.AWS_MAINNET_ACCESS_KEY_ID }}
AWS_MAINNET_SECRET_ACCESS_KEY: ${{ secrets.AWS_MAINNET_SECRET_ACCESS_KEY }}
CI_DEVNET_S3BUCKET_NAME: ${{ secrets.CI_DEVNET_S3BUCKET_NAME }}
steps:
- name: GIT | Checkout source code
uses: actions/checkout@v3
- name: Install Rust toolchain
uses: Cardinal-Cryptography/github-actions/install-rust-toolchain@v1
- name: Cargo | Build release binary
run: |
if [[ ${{ matrix.runtime }} = 'liminal' ]]; then
FEATURES="--features liminal"
fi
cd ./bin/cliain && cargo build --release ${FEATURES}
- name: Test SNARK relations
if: ${{ matrix.runtime == 'liminal' }}
run: ./.github/scripts/test_cliain_snark_relations.sh
- name: Call action get-ref-properties
id: get-ref-properties
uses: Cardinal-Cryptography/github-actions/get-ref-properties@v1
- name: Login to ECR
if: >
env.ECR_PUBLIC_HOST != '' &&
env.ECR_PUBLIC_REGISTRY != '' &&
env.AWS_MAINNET_ACCESS_KEY_ID != '' &&
env.AWS_MAINNET_SECRET_ACCESS_KEY != ''
uses: docker/login-action@v2
with:
registry: ${{ env.ECR_PUBLIC_HOST }}
username: ${{ env.AWS_MAINNET_ACCESS_KEY_ID }}
password: ${{ env.AWS_MAINNET_SECRET_ACCESS_KEY }}
- name: Build and push latest docker image
if: >
env.ECR_PUBLIC_HOST != '' &&
env.ECR_PUBLIC_REGISTRY != '' &&
env.AWS_MAINNET_ACCESS_KEY_ID != '' &&
env.AWS_MAINNET_SECRET_ACCESS_KEY != ''
id: build-image
env:
REGISTRY: ${{ env.ECR_PUBLIC_REGISTRY }}
IMAGE_NAME: ${{ matrix.runtime == 'standard' && 'cliain' || 'cliain-liminal' }}
TAG: ${{ matrix.runtime == 'standard' &&
(steps.get-ref-properties.outputs.branch-name-flattened == 'main' && 'latest' ||
steps.get-ref-properties.outputs.branch-name-flattened) ||
matrix.runtime == 'liminal' && steps.get-ref-properties.outputs.sha }}
run: |
docker build -t "${{ env.REGISTRY }}${{ env.IMAGE_NAME }}:${{ env.TAG }}" \
-f ./bin/cliain/Dockerfile ./bin/cliain
if [[ \
"${{ github.event_name }}" == "workflow_dispatch" || \
"${{ github.event_name }}" == "push" \
]]; then
docker push "${{ env.REGISTRY }}${{ env.IMAGE_NAME }}:${{ env.TAG }}"
fi
- name: Configure AWS credentials for S3 AWS
if: >
env.AWS_MAINNET_ACCESS_KEY_ID != '' &&
env.AWS_MAINNET_SECRET_ACCESS_KEY != '' &&
env.CI_DEVNET_S3BUCKET_NAME != ''
uses: aws-actions/configure-aws-credentials@v2
env:
AWS_ACCESS_KEY_ID: ""
AWS_SECRET_ACCESS_KEY: ""
AWS_SESSION_TOKEN: ""
AWS_DEFAULT_REGION: ""
AWS_REGION: us-east-1
with:
aws-access-key-id: ${{ secrets.AWS_DEVNET_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_DEVNET_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
- name: Copy binary to S3 AWS bucket (non-liminal)
if: >
matrix.runtime != 'liminal' &&
env.AWS_MAINNET_ACCESS_KEY_ID != '' &&
env.AWS_MAINNET_SECRET_ACCESS_KEY != '' &&
env.CI_DEVNET_S3BUCKET_NAME != ''
uses: Cardinal-Cryptography/github-actions/copy-file-to-s3@v1
with:
source-path: bin/cliain/target/release
source-filename: cliain
s3-bucket-path:
# yamllint disable-line rule:line-length
builds/aleph-node/commits/${{ steps.get-ref-properties.outputs.sha }}/cliain
s3-bucket-filename:
cliain-${{ steps.get-ref-properties.outputs.sha }}.tar.gz
s3-bucket-name: ${{ secrets.CI_DEVNET_S3BUCKET_NAME }}