diff --git a/.github/workflows/ci-image-dev.yml b/.github/workflows/ci-image-dev.yml index c6ecd4776..e812ee7ea 100644 --- a/.github/workflows/ci-image-dev.yml +++ b/.github/workflows/ci-image-dev.yml @@ -22,26 +22,26 @@ jobs: GCP_REGISTRY_DOMAIN: asia-docker.pkg.dev GCP_REGISTRY: asia-docker.pkg.dev/${{ secrets.GCP_STG_REGISTRY_PROJECT_ID }}/zilliqa-private steps: - - name: Clean environment - # Prune the Docker resources created over 10 days before the current execution (change the value for a more/less aggressive cleanup). - shell: bash - run: | - docker system df - docker system prune -a -f --filter "until=168h" - docker system df - - name: 'Checkout scm ${{ inputs.commitOrTag }}' - uses: actions/checkout@v3 - with: - fetch-depth: 0 - ref: ${{ inputs.commitOrTag }} - - name: Docker build and push - uses: Zilliqa/gh-actions-workflows/actions/ci-dockerized-app-build-push@v1 - with: - file: docker/Dockerfile - push: true - tag: ${{ env.GCP_REGISTRY }}/scilla - tag-length: 8 - registry: ${{ env.GCP_REGISTRY_DOMAIN }} - workload-identity-provider: "${{ secrets.GCP_PRD_GITHUB_WIF }}" - service-account: "${{ secrets.GCP_STG_GITHUB_SA_DOCKER_REGISTRY }}" - cache-key: ${{ github.event.repository.name }} + - name: Clean environment + # Prune the Docker resources created over 10 days before the current execution (change the value for a more/less aggressive cleanup). + shell: bash + run: | + docker system df + docker system prune -a -f --filter "until=168h" + docker system df + - name: 'Checkout scm ${{ inputs.commitOrTag }}' + uses: actions/checkout@v3 + with: + fetch-depth: 0 + ref: ${{ inputs.commitOrTag }} + - name: Docker build and push + uses: Zilliqa/gh-actions-workflows/actions/ci-dockerized-app-build-push@v1 + with: + file: docker/Dockerfile + push: true + tag: ${{ env.GCP_REGISTRY }}/scilla + tag-length: 8 + registry: ${{ env.GCP_REGISTRY_DOMAIN }} + workload-identity-provider: "${{ secrets.GCP_PRD_GITHUB_WIF }}" + service-account: "${{ secrets.GCP_STG_GITHUB_SA_DOCKER_REGISTRY }}" + cache-key: ${{ github.event.repository.name }} diff --git a/.github/workflows/ci-image-release.yml b/.github/workflows/ci-image-release.yml index 0b3cf335a..8ae6c9c7f 100644 --- a/.github/workflows/ci-image-release.yml +++ b/.github/workflows/ci-image-release.yml @@ -17,6 +17,9 @@ jobs: id-token: write contents: write runs-on: docker + env: + GCP_REGISTRY_DOMAIN: asia-docker.pkg.dev + GCP_REGISTRY: asia-docker.pkg.dev/${{ secrets.GCP_PRD_REGISTRY_PROJECT_ID }}/zilliqa-private steps: - name: 'Checkout scm ${{ inputs.commitOrTag }}' uses: actions/checkout@v3 @@ -42,17 +45,16 @@ jobs: echo "latest=false" >> $GITHUB_OUTPUT fi shell: bash - - name: Docker build and push + - name: Docker build and push (GCP) uses: Zilliqa/gh-actions-workflows/actions/ci-dockerized-app-build-push@v1 with: file: docker/Dockerfile push: true - tag: ${{ secrets.AWS_ACCOUNT_ID_ZILLIQA }}.dkr.ecr.${{ secrets.AWS_REGION_ZILLIQA }}.amazonaws.com/scilla:${{ steps.set-tag.outputs.tag }} + tag: ${{ env.GCP_REGISTRY }}/scilla:${{ steps.set-tag.outputs.tag }} tag-latest: ${{ steps.check-latest.outputs.latest }} - registry: ${{ secrets.AWS_ACCOUNT_ID_ZILLIQA }}.dkr.ecr.${{ secrets.AWS_REGION_ZILLIQA }}.amazonaws.com - aws-region: ${{ secrets.AWS_REGION_ZILLIQA }} - role-to-assume: ${{ secrets.ECR_DEPLOYER_ROLE }} - oidc-role: ${{ secrets.OIDC_ROLE }} + registry: ${{ env.GCP_REGISTRY_DOMAIN }} + workload-identity-provider: "${{ secrets.GCP_PRD_GITHUB_WIF }}" + service-account: "${{ secrets.GCP_PRD_GITHUB_SA_DOCKER_REGISTRY }}" cache-key: ${{ github.event.repository.name }} - name: Docker build and push (Dockerhub) uses: Zilliqa/gh-actions-workflows/actions/ci-dockerized-app-build-push@v1 diff --git a/.github/workflows/ci-image-test.yml b/.github/workflows/ci-image-test.yml index e759f4d9f..6d60ae902 100644 --- a/.github/workflows/ci-image-test.yml +++ b/.github/workflows/ci-image-test.yml @@ -19,6 +19,9 @@ jobs: contents: write name: tests runs-on: docker + env: + GCP_REGISTRY_DOMAIN: asia-docker.pkg.dev + GCP_REGISTRY: asia-docker.pkg.dev/${{ secrets.GCP_STG_REGISTRY_PROJECT_ID }}/zilliqa-private steps: - name: Clean environment # Prune the Docker resources created over 10 days before the current execution (change the value for a more/less aggressive cleanup). @@ -32,19 +35,23 @@ jobs: with: fetch-depth: 0 ref: ${{ inputs.commitOrTag }} - # - name: Configure AWS Credentials - # uses: Zilliqa/gh-actions-workflows/actions/configure-aws-credentials@v1 - # with: - # role-to-assume: ${{ secrets.ECR_DEPLOYER_ROLE }} - # oidc-role: ${{ secrets.OIDC_ROLE }} - # aws-region: ${{ secrets.AWS_REGION_ZILLIQA }} - # - name: Login to the registry - # uses: docker/login-action@v2 - # with: - # registry: ${{ secrets.AWS_ACCOUNT_ID_ZILLIQA }}.dkr.ecr.${{ secrets.AWS_REGION_ZILLIQA }}.amazonaws.com + - name: "Configure GCP Credentials" + id: google-auth + uses: "google-github-actions/auth@v1" + with: + token_format: "access_token" + workload_identity_provider: "${{ secrets.GCP_PRD_GITHUB_WIF }}" + service_account: "${{ secrets.GCP_STG_GITHUB_SA_DOCKER_REGISTRY }}" + create_credentials_file: true + - name: Login to the GCP registry + uses: docker/login-action@v2 + with: + registry: ${{ env.GCP_REGISTRY_DOMAIN }} + username: "oauth2accesstoken" + password: "${{ steps.google-auth.outputs.access_token }}" - name: Build Docker images run: | - DOCKER_BUILDKIT=1 docker build -t scilla:tests --build-arg ACCOUNT_ID=${{ secrets.AWS_ACCOUNT_ID_ZILLIQA }} -f docker/Dockerfile.test . + DOCKER_BUILDKIT=1 docker build -t scilla:tests --build-arg REGISTRY=${{ env.GCP_REGISTRY }} -f docker/Dockerfile.test . shell: bash - name: Run make test run: | diff --git a/docker/Dockerfile.test b/docker/Dockerfile.test index f1e533cb7..984abbcd2 100644 --- a/docker/Dockerfile.test +++ b/docker/Dockerfile.test @@ -1,6 +1,6 @@ -ARG ACCOUNT_ID +ARG REGISTRY -FROM ${ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/scilla:429e2f9 +FROM ${REGISTRY}/scilla:69dbcd05 ENV VCPKG_ROOT="/vcpkg" ENV SCILLA_REPO_ROOT="/scilla/0"