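---
# Builds the Coordinator with Docker Buildx, uploads the resulting
# "coordinator-*" artifact (and "constellation") to the public S3 bucket when
# it is not already there, and then triggers the image-building workflows.
# Downstream jobs only run when this run actually uploaded a new artifact,
# i.e. when the `coordinator-name` output starts with "coordinator-".
name: Build and Upload the Coordinator

on:
  workflow_dispatch:
  push:
    branches:
      - main

jobs:
  build-coordinator:
    name: "Build the Coordinator"
    runs-on: ubuntu-latest
    # Least privilege for GITHUB_TOKEN: this job only reads the repository.
    # (Set per job, not workflow-wide, so the reusable workflows called below
    # keep whatever token permissions they had before.)
    permissions:
      contents: read
    outputs:
      coordinator-name: ${{ steps.copy.outputs.coordinator-name }}
    # NOTE(review): the actions below are referenced by mutable major-version
    # tags. Pin each to a full commit SHA so a re-tagged release cannot change
    # what runs in this job, and review whether these old majors are still
    # supported on current runners.
    steps:
      - name: Checkout
        id: checkout
        uses: actions/checkout@v2
        with:
          # No later step uses git, so do not leave the token in .git/config,
          # which is part of the Docker build context ("context: .").
          persist-credentials: false

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1

      - name: Cache Docker layers
        uses: actions/cache@v2
        with:
          path: /tmp/.buildx-cache
          key: ${{ runner.os }}-buildx-${{ github.sha }}
          restore-keys: |
            ${{ runner.os }}-buildx-

      - name: Install Dependencies
        id: prepare
        run: sudo apt-get update && sudo apt-get -y install awscli

      - name: Build the Coordinator
        uses: docker/build-push-action@v2
        with:
          context: .
          file: Dockerfile.build
          # Export the build result into the workspace instead of pushing.
          outputs: .
          push: false
          cache-from: type=local,src=/tmp/.buildx-cache
          cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max

      # This ugly bit is necessary if you don't want your cache to grow forever
      # till it hits GitHub's limit of 5GB.
      # Temp fix
      # https://github.com/docker/build-push-action/issues/252
      # https://github.com/moby/buildkit/issues/1896
      - name: Move cache
        run: |
          rm -rf /tmp/.buildx-cache
          mv /tmp/.buildx-cache-new /tmp/.buildx-cache

      - name: Copy Coordinator to S3 if not exists
        id: copy
        # The AWS credentials are scoped to the only step that calls the AWS
        # CLI, so the third-party actions above never see them. Secrets and
        # context values reach the script through env, not by being expanded
        # into the script text.
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
          PUBLIC_BUCKET_NAME: ${{ secrets.PUBLIC_BUCKET_NAME }}
        # NOTE(review): any head-object failure (permissions, network), not
        # only a missing key, takes the upload branch. No digest or signature
        # of the uploaded artifact is recorded in this workflow; downstream
        # jobs receive only its name.
        run: |
          # Refuse to publish when the artifact name is missing or ambiguous.
          mapfile -t matches < <(ls | grep "coordinator-")
          if [ "${#matches[@]}" -ne 1 ]; then
            echo "::error::expected exactly one artifact matching 'coordinator-', found ${#matches[@]}"
            exit 1
          fi
          coordinator_name="${matches[0]}"

          # Upload only when the object is not already in the bucket; the
          # output is set only in that case, which gates the downstream jobs.
          if ! aws s3api head-object --bucket "$PUBLIC_BUCKET_NAME" --key "coordinator/${coordinator_name}"; then
            echo "coordinator-name=${coordinator_name}" >> "$GITHUB_OUTPUT"
            aws s3 cp "${GITHUB_WORKSPACE}/" "s3://${PUBLIC_BUCKET_NAME}/coordinator/" \
              --exclude "*" --include "coordinator-*" --include "constellation" \
              --recursive --quiet
          fi
        # Plain bash without -e: the step result is the exit status of the
        # last command executed (the upload, or 0 when nothing was uploaded).
        shell: bash {0}

  # Each reusable workflow receives an explicit list of secrets, not
  # `secrets: inherit`, so it sees only what is named here.
  call-coreos:
    needs: build-coordinator
    if: startsWith(needs.build-coordinator.outputs.coordinator-name, 'coordinator-')
    uses: ./.github/workflows/build-coreos.yml
    with:
      coordinator-name: ${{ needs.build-coordinator.outputs.coordinator-name }}
    secrets:
      CI_GITHUB_REPOSITORY: ${{ secrets.CI_GITHUB_REPOSITORY }}
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
      BUCKET_NAME: ${{ secrets.BUCKET_NAME }}
      PUBLIC_BUCKET_NAME: ${{ secrets.PUBLIC_BUCKET_NAME }}
      AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}

  call-aws-enclave:
    needs: build-coordinator
    if: startsWith(needs.build-coordinator.outputs.coordinator-name, 'coordinator-')
    uses: ./.github/workflows/build-enclave.yml
    with:
      coordinator-name: ${{ needs.build-coordinator.outputs.coordinator-name }}
    secrets:
      CI_GITHUB_REPOSITORY: ${{ secrets.CI_GITHUB_REPOSITORY }}
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
      BUCKET_NAME: ${{ secrets.BUCKET_NAME }}
      PUBLIC_BUCKET_NAME: ${{ secrets.PUBLIC_BUCKET_NAME }}
      SSH_PUB_KEY: ${{ secrets.SSH_PUB_KEY }}

  # Runs after the enclave build; skipped whenever that job is skipped.
  call-aws-ami:
    needs: call-aws-enclave
    uses: ./.github/workflows/build-ami.yml
    secrets:
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
      BUCKET_NAME: ${{ secrets.BUCKET_NAME }}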