diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index 9ee88a4c026..95685b5359f 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -19,298 +19,323 @@ concurrency: cancel-in-progress: true jobs: - init: - runs-on: ubuntu-24.04 - outputs: - # To get an image from a feature branch, do one of the following: - # 1. Use a workflow dispatch - # 2. Add the `build-publish` label to your PR, and re-run the workflow (or push a commit) - should-run: >- - ${{ - steps.pr-labels.outputs.check-label-found == 'true' || - github.event_name == 'push' || - github.event_name == 'schedule' || - github.event_name == 'workflow_dispatch' - }} - runner-arm64: ${{ steps.runner-labels.outputs.runner-arm64 }} - runner-amd64: ${{ steps.runner-labels.outputs.runner-amd64 }} - checked-out-sha: ${{ steps.checkout-sha.outputs.checked-out-sha }} - version-tag: ${{ steps.version-info.outputs.version-tag }} + emit-pre-release-image-published-event: + name: Emit pre-release image published event + runs-on: ubuntu-latest + permissions: + contents: write steps: - - name: Get PR Labels - id: pr-labels - uses: smartcontractkit/.github/actions/get-pr-labels@get-pr-labels/v1 - with: - check-label: "build-publish" - skip-merge-group: "true" - - - name: Set runner labels - id: runner-labels - shell: bash + - name: Emit pre-release image published event env: - SH_RUNNER_LABEL_ARM64: runs-on=${{ github.run_id - }}/cpu=8/ram=16/family=c7g/volume=80gb/spot=false/image=ubuntu24-full-arm64 - SH_RUNNER_LABEL_AMD64: runs-on=${{ github.run_id - }}/cpu=8/ram=16/family=c7a/volume=80gb/spot=false/image=ubuntu24-full-x64 - GH_RUNNER_LABEL_ARM64: ubuntu-24.04-arm - GH_RUNNER_LABEL_AMD64: ubuntu-24.04 + DOCKER_MANIFEST_TAG: "2.43.2-rc.0" + REF_NAME: "v2.43.2-rc.0" + GH_TOKEN: ${{ github.token }} run: | - if [[ "${GITHUB_EVENT_NAME}" == "pull_request" ]]; then - echo "runner-arm64=${SH_RUNNER_LABEL_ARM64}" | tee -a "$GITHUB_OUTPUT" - echo "runner-amd64=${SH_RUNNER_LABEL_AMD64}" | tee -a "$GITHUB_OUTPUT" - else - # Use GitHub runner labels for non-PR events - echo "runner-arm64=${GH_RUNNER_LABEL_ARM64}" | tee -a "$GITHUB_OUTPUT" - echo "runner-amd64=${GH_RUNNER_LABEL_AMD64}" | tee -a "$GITHUB_OUTPUT" - fi + gh api \ + --method POST \ + -H "Accept: application/vnd.github+json" \ + "/repos/${GITHUB_REPOSITORY}/dispatches" \ + --input - <- + # ${{ + # steps.pr-labels.outputs.check-label-found == 'true' || + # github.event_name == 'push' || + # github.event_name == 'schedule' || + # github.event_name == 'workflow_dispatch' + # }} + # runner-arm64: ${{ steps.runner-labels.outputs.runner-arm64 }} + # runner-amd64: ${{ steps.runner-labels.outputs.runner-amd64 }} + # checked-out-sha: ${{ steps.checkout-sha.outputs.checked-out-sha }} + # version-tag: ${{ steps.version-info.outputs.version-tag }} + # steps: + # - name: Get PR Labels + # id: pr-labels + # uses: smartcontractkit/.github/actions/get-pr-labels@get-pr-labels/v1 + # with: + # check-label: "build-publish" + # skip-merge-group: "true" - - name: Checkout repository - uses: actions/checkout@v6 - with: - fetch-depth: 0 - ref: ${{ inputs.git-ref || github.sha }} + # - name: Set runner labels + # id: runner-labels + # shell: bash + # env: + # SH_RUNNER_LABEL_ARM64: runs-on=${{ github.run_id + # }}/cpu=8/ram=16/family=c7g/volume=80gb/spot=false/image=ubuntu24-full-arm64 + # SH_RUNNER_LABEL_AMD64: runs-on=${{ github.run_id + # }}/cpu=8/ram=16/family=c7a/volume=80gb/spot=false/image=ubuntu24-full-x64 + # GH_RUNNER_LABEL_ARM64: ubuntu-24.04-arm + # GH_RUNNER_LABEL_AMD64: ubuntu-24.04 + # run: | + # if [[ "${GITHUB_EVENT_NAME}" == "pull_request" ]]; then + # echo "runner-arm64=${SH_RUNNER_LABEL_ARM64}" | tee -a "$GITHUB_OUTPUT" + # echo "runner-amd64=${SH_RUNNER_LABEL_AMD64}" | tee -a "$GITHUB_OUTPUT" + # else + # # Use GitHub runner labels for non-PR events + # echo "runner-arm64=${GH_RUNNER_LABEL_ARM64}" | tee -a "$GITHUB_OUTPUT" + # echo "runner-amd64=${GH_RUNNER_LABEL_AMD64}" | tee -a "$GITHUB_OUTPUT" + # fi - - name: Resolve checked out SHA - id: checkout-sha - shell: bash - run: echo "checked-out-sha=$(git rev-parse HEAD)" | tee -a "$GITHUB_OUTPUT" + # - name: Checkout repository + # uses: actions/checkout@v6 + # with: + # fetch-depth: 0 + # ref: ${{ inputs.git-ref || github.sha }} - - name: Version Info - id: version-info - run: | - pkg_version=$(jq -r '.version' ./package.json) - version_tag="${pkg_version}-dev" - echo "version-tag=${version_tag}" | tee -a "$GITHUB_OUTPUT" + # - name: Resolve checked out SHA + # id: checkout-sha + # shell: bash + # run: echo "checked-out-sha=$(git rev-parse HEAD)" | tee -a "$GITHUB_OUTPUT" - docker-core: - needs: [ init ] - if: ${{ needs.init.outputs.should-run == 'true' }} - permissions: - contents: read - id-token: write - uses: smartcontractkit/.github/.github/workflows/reusable-docker-build-publish.yml@f4ff50d0f4713ed7b247dbd8a58316484907f958 # 2026-01-13 - with: - aws-ecr-name: chainlink - aws-region-ecr: us-west-2 - aws-region-gati: us-west-2 - dockerfile: core/chainlink.Dockerfile - docker-build-context: . - docker-build-args: | - CHAINLINK_USER=chainlink - COMMIT_SHA=${{ needs.init.outputs.checked-out-sha }} - VERSION_TAG=${{ needs.init.outputs.version-tag }} - docker-manifest-sign: true - git-sha: ${{ needs.init.outputs.checked-out-sha }} - github-event-name: ${{ github.event_name }} - github-ref-name: ${{ github.ref_name }} - github-ref-type: ${{ github.ref_type}} - github-workflow-repository: ${{ github.repository }} - github-runner-arm64: ${{ needs.init.outputs.runner-arm64 }} - github-runner-amd64: ${{ needs.init.outputs.runner-amd64 }} - free-disk-space: "true" - secrets: - AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID_SDLC }} - AWS_ROLE_PUBLISH_ARN: ${{ secrets.AWS_OIDC_IAM_ROLE_BUILD_PUBLISH_DEVELOP_PR }} - AWS_ROLE_GATI_ARN: ${{ secrets.AWS_OIDC_CHAINLINK_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }} - AWS_LAMBDA_GATI_URL: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} + # - name: Version Info + # id: version-info + # run: | + # pkg_version=$(jq -r '.version' ./package.json) + # version_tag="${pkg_version}-dev" + # echo "version-tag=${version_tag}" | tee -a "$GITHUB_OUTPUT" - docker-core-plugins: - needs: [ init ] - if: ${{ needs.init.outputs.should-run == 'true' }} - permissions: - contents: read - id-token: write - uses: smartcontractkit/.github/.github/workflows/reusable-docker-build-publish.yml@f4ff50d0f4713ed7b247dbd8a58316484907f958 # 2026-01-13 - with: - aws-ecr-name: chainlink - aws-region-ecr: us-west-2 - aws-region-gati: us-west-2 - dockerfile: plugins/chainlink.Dockerfile - docker-build-context: . - docker-build-args: | - CHAINLINK_USER=chainlink - COMMIT_SHA=${{ needs.init.outputs.checked-out-sha }} - VERSION_TAG=${{ needs.init.outputs.version-tag }} - CL_INSTALL_PRIVATE_PLUGINS=true - docker-manifest-sign: true - docker-tag-custom-suffix: "-plugins" - git-sha: ${{ needs.init.outputs.checked-out-sha }} - github-event-name: ${{ github.event_name }} - github-ref-name: ${{ github.ref_name }} - github-ref-type: ${{ github.ref_type}} - github-workflow-repository: ${{ github.repository }} - github-runner-arm64: ${{ needs.init.outputs.runner-arm64 }} - github-runner-amd64: ${{ needs.init.outputs.runner-amd64 }} - free-disk-space: "true" - secrets: - AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID_SDLC }} - AWS_ROLE_PUBLISH_ARN: ${{ secrets.AWS_OIDC_IAM_ROLE_BUILD_PUBLISH_DEVELOP_PR }} - AWS_ROLE_GATI_ARN: ${{ secrets.AWS_OIDC_CHAINLINK_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }} - AWS_LAMBDA_GATI_URL: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} + # docker-core: + # needs: [ init ] + # if: ${{ needs.init.outputs.should-run == 'true' }} + # permissions: + # contents: read + # id-token: write + # uses: smartcontractkit/.github/.github/workflows/reusable-docker-build-publish.yml@f4ff50d0f4713ed7b247dbd8a58316484907f958 # 2026-01-13 + # with: + # aws-ecr-name: chainlink + # aws-region-ecr: us-west-2 + # aws-region-gati: us-west-2 + # dockerfile: core/chainlink.Dockerfile + # docker-build-context: . + # docker-build-args: | + # CHAINLINK_USER=chainlink + # COMMIT_SHA=${{ needs.init.outputs.checked-out-sha }} + # VERSION_TAG=${{ needs.init.outputs.version-tag }} + # docker-manifest-sign: true + # git-sha: ${{ needs.init.outputs.checked-out-sha }} + # github-event-name: ${{ github.event_name }} + # github-ref-name: ${{ github.ref_name }} + # github-ref-type: ${{ github.ref_type}} + # github-workflow-repository: ${{ github.repository }} + # github-runner-arm64: ${{ needs.init.outputs.runner-arm64 }} + # github-runner-amd64: ${{ needs.init.outputs.runner-amd64 }} + # free-disk-space: "true" + # secrets: + # AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID_SDLC }} + # AWS_ROLE_PUBLISH_ARN: ${{ secrets.AWS_OIDC_IAM_ROLE_BUILD_PUBLISH_DEVELOP_PR }} + # AWS_ROLE_GATI_ARN: ${{ secrets.AWS_OIDC_CHAINLINK_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }} + # AWS_LAMBDA_GATI_URL: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} - docker-core-plugins-testing: - needs: [ init ] - if: ${{ needs.init.outputs.should-run == 'true' }} - permissions: - contents: read - id-token: write - uses: smartcontractkit/.github/.github/workflows/reusable-docker-build-publish.yml@f4ff50d0f4713ed7b247dbd8a58316484907f958 # 2026-01-13 - with: - aws-ecr-name: chainlink - aws-region-ecr: us-west-2 - aws-region-gati: us-west-2 - dockerfile: plugins/chainlink.Dockerfile - docker-build-context: . - docker-build-args: | - CHAINLINK_USER=chainlink - COMMIT_SHA=${{ needs.init.outputs.checked-out-sha }} - VERSION_TAG=${{ needs.init.outputs.version-tag }} - CL_INSTALL_PRIVATE_PLUGINS=true - CL_INSTALL_TESTING_PLUGINS=true - docker-manifest-sign: true - docker-tag-custom-suffix: "-plugins-testing" - git-sha: ${{ needs.init.outputs.checked-out-sha }} - github-event-name: ${{ github.event_name }} - github-ref-name: ${{ github.ref_name }} - github-ref-type: ${{ github.ref_type}} - github-workflow-repository: ${{ github.repository }} - github-runner-arm64: ${{ needs.init.outputs.runner-arm64 }} - github-runner-amd64: ${{ needs.init.outputs.runner-amd64 }} - free-disk-space: "true" - secrets: - AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID_SDLC }} - AWS_ROLE_PUBLISH_ARN: ${{ secrets.AWS_OIDC_IAM_ROLE_BUILD_PUBLISH_DEVELOP_PR }} - AWS_ROLE_GATI_ARN: ${{ secrets.AWS_OIDC_CHAINLINK_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }} - AWS_LAMBDA_GATI_URL: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} + # docker-core-plugins: + # needs: [ init ] + # if: ${{ needs.init.outputs.should-run == 'true' }} + # permissions: + # contents: read + # id-token: write + # uses: smartcontractkit/.github/.github/workflows/reusable-docker-build-publish.yml@f4ff50d0f4713ed7b247dbd8a58316484907f958 # 2026-01-13 + # with: + # aws-ecr-name: chainlink + # aws-region-ecr: us-west-2 + # aws-region-gati: us-west-2 + # dockerfile: plugins/chainlink.Dockerfile + # docker-build-context: . + # docker-build-args: | + # CHAINLINK_USER=chainlink + # COMMIT_SHA=${{ needs.init.outputs.checked-out-sha }} + # VERSION_TAG=${{ needs.init.outputs.version-tag }} + # CL_INSTALL_PRIVATE_PLUGINS=true + # docker-manifest-sign: true + # docker-tag-custom-suffix: "-plugins" + # git-sha: ${{ needs.init.outputs.checked-out-sha }} + # github-event-name: ${{ github.event_name }} + # github-ref-name: ${{ github.ref_name }} + # github-ref-type: ${{ github.ref_type}} + # github-workflow-repository: ${{ github.repository }} + # github-runner-arm64: ${{ needs.init.outputs.runner-arm64 }} + # github-runner-amd64: ${{ needs.init.outputs.runner-amd64 }} + # free-disk-space: "true" + # secrets: + # AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID_SDLC }} + # AWS_ROLE_PUBLISH_ARN: ${{ secrets.AWS_OIDC_IAM_ROLE_BUILD_PUBLISH_DEVELOP_PR }} + # AWS_ROLE_GATI_ARN: ${{ secrets.AWS_OIDC_CHAINLINK_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }} + # AWS_LAMBDA_GATI_URL: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} - docker-ccip: - needs: [ init ] - if: ${{ needs.init.outputs.should-run == 'true' }} - permissions: - contents: read - id-token: write - uses: smartcontractkit/.github/.github/workflows/reusable-docker-build-publish.yml@f4ff50d0f4713ed7b247dbd8a58316484907f958 # 2026-01-13 - with: - aws-ecr-name: ccip - aws-region-ecr: us-west-2 - aws-region-gati: us-west-2 - dockerfile: core/chainlink.Dockerfile - docker-build-context: . - docker-build-args: | - CHAINLINK_USER=chainlink - COMMIT_SHA=${{ needs.init.outputs.checked-out-sha }} - VERSION_TAG=${{ needs.init.outputs.version-tag }} - CL_INSTALL_PRIVATE_PLUGINS=true - CL_CHAIN_DEFAULTS=/ccip-config - CL_SOLANA_CMD= - docker-manifest-sign: true - git-sha: ${{ needs.init.outputs.checked-out-sha }} - github-event-name: ${{ github.event_name }} - github-ref-name: ${{ github.ref_name }} - github-ref-type: ${{ github.ref_type}} - github-workflow-repository: ${{ github.repository }} - github-runner-arm64: ${{ needs.init.outputs.runner-arm64 }} - github-runner-amd64: ${{ needs.init.outputs.runner-amd64 }} - free-disk-space: "true" - secrets: - AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID_SDLC }} - AWS_ROLE_PUBLISH_ARN: ${{ secrets.AWS_OIDC_IAM_ROLE_BUILD_PUBLISH_DEVELOP_PR }} - AWS_ROLE_GATI_ARN: ${{ secrets.AWS_OIDC_CHAINLINK_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }} - AWS_LAMBDA_GATI_URL: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} + # docker-core-plugins-testing: + # needs: [ init ] + # if: ${{ needs.init.outputs.should-run == 'true' }} + # permissions: + # contents: read + # id-token: write + # uses: smartcontractkit/.github/.github/workflows/reusable-docker-build-publish.yml@f4ff50d0f4713ed7b247dbd8a58316484907f958 # 2026-01-13 + # with: + # aws-ecr-name: chainlink + # aws-region-ecr: us-west-2 + # aws-region-gati: us-west-2 + # dockerfile: plugins/chainlink.Dockerfile + # docker-build-context: . + # docker-build-args: | + # CHAINLINK_USER=chainlink + # COMMIT_SHA=${{ needs.init.outputs.checked-out-sha }} + # VERSION_TAG=${{ needs.init.outputs.version-tag }} + # CL_INSTALL_PRIVATE_PLUGINS=true + # CL_INSTALL_TESTING_PLUGINS=true + # docker-manifest-sign: true + # docker-tag-custom-suffix: "-plugins-testing" + # git-sha: ${{ needs.init.outputs.checked-out-sha }} + # github-event-name: ${{ github.event_name }} + # github-ref-name: ${{ github.ref_name }} + # github-ref-type: ${{ github.ref_type}} + # github-workflow-repository: ${{ github.repository }} + # github-runner-arm64: ${{ needs.init.outputs.runner-arm64 }} + # github-runner-amd64: ${{ needs.init.outputs.runner-amd64 }} + # free-disk-space: "true" + # secrets: + # AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID_SDLC }} + # AWS_ROLE_PUBLISH_ARN: ${{ secrets.AWS_OIDC_IAM_ROLE_BUILD_PUBLISH_DEVELOP_PR }} + # AWS_ROLE_GATI_ARN: ${{ secrets.AWS_OIDC_CHAINLINK_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }} + # AWS_LAMBDA_GATI_URL: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} - docker-ccip-plugins: - needs: [ init ] - if: ${{ needs.init.outputs.should-run == 'true' }} - permissions: - contents: read - id-token: write - uses: smartcontractkit/.github/.github/workflows/reusable-docker-build-publish.yml@f4ff50d0f4713ed7b247dbd8a58316484907f958 # 2026-01-13 - with: - aws-ecr-name: ccip - aws-region-ecr: us-west-2 - aws-region-gati: us-west-2 - dockerfile: plugins/chainlink.Dockerfile - docker-build-context: . - docker-build-args: | - CHAINLINK_USER=chainlink - COMMIT_SHA=${{ needs.init.outputs.checked-out-sha }} - VERSION_TAG=${{ needs.init.outputs.version-tag }} - CL_INSTALL_PRIVATE_PLUGINS=true - CL_CHAIN_DEFAULTS=/ccip-config - docker-manifest-sign: true - docker-tag-custom-suffix: "-plugins" - git-sha: ${{ needs.init.outputs.checked-out-sha }} - github-event-name: ${{ github.event_name }} - github-ref-name: ${{ github.ref_name }} - github-ref-type: ${{ github.ref_type}} - github-workflow-repository: ${{ github.repository }} - github-runner-arm64: ${{ needs.init.outputs.runner-arm64 }} - github-runner-amd64: ${{ needs.init.outputs.runner-amd64 }} - free-disk-space: "true" - secrets: - AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID_SDLC }} - AWS_ROLE_PUBLISH_ARN: ${{ secrets.AWS_OIDC_IAM_ROLE_BUILD_PUBLISH_DEVELOP_PR }} - AWS_ROLE_GATI_ARN: ${{ secrets.AWS_OIDC_CHAINLINK_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }} - AWS_LAMBDA_GATI_URL: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} + # docker-ccip: + # needs: [ init ] + # if: ${{ needs.init.outputs.should-run == 'true' }} + # permissions: + # contents: read + # id-token: write + # uses: smartcontractkit/.github/.github/workflows/reusable-docker-build-publish.yml@f4ff50d0f4713ed7b247dbd8a58316484907f958 # 2026-01-13 + # with: + # aws-ecr-name: ccip + # aws-region-ecr: us-west-2 + # aws-region-gati: us-west-2 + # dockerfile: core/chainlink.Dockerfile + # docker-build-context: . + # docker-build-args: | + # CHAINLINK_USER=chainlink + # COMMIT_SHA=${{ needs.init.outputs.checked-out-sha }} + # VERSION_TAG=${{ needs.init.outputs.version-tag }} + # CL_INSTALL_PRIVATE_PLUGINS=true + # CL_CHAIN_DEFAULTS=/ccip-config + # CL_SOLANA_CMD= + # docker-manifest-sign: true + # git-sha: ${{ needs.init.outputs.checked-out-sha }} + # github-event-name: ${{ github.event_name }} + # github-ref-name: ${{ github.ref_name }} + # github-ref-type: ${{ github.ref_type}} + # github-workflow-repository: ${{ github.repository }} + # github-runner-arm64: ${{ needs.init.outputs.runner-arm64 }} + # github-runner-amd64: ${{ needs.init.outputs.runner-amd64 }} + # free-disk-space: "true" + # secrets: + # AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID_SDLC }} + # AWS_ROLE_PUBLISH_ARN: ${{ secrets.AWS_OIDC_IAM_ROLE_BUILD_PUBLISH_DEVELOP_PR }} + # AWS_ROLE_GATI_ARN: ${{ secrets.AWS_OIDC_CHAINLINK_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }} + # AWS_LAMBDA_GATI_URL: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} - call-post-docker-build: - if: ${{ github.event_name == 'schedule' || github.event_name == - 'workflow_dispatch' }} - needs: [ init, docker-core ] - uses: ./.github/workflows/post-docker-build.yml - permissions: - actions: read - id-token: write - contents: read - with: - chainlink_core_image_tag: ${{ needs.docker-core.outputs.docker-manifest-tag }} - chainlink_version: ${{ needs.init.outputs.checked-out-sha }} - secrets: inherit + # docker-ccip-plugins: + # needs: [ init ] + # if: ${{ needs.init.outputs.should-run == 'true' }} + # permissions: + # contents: read + # id-token: write + # uses: smartcontractkit/.github/.github/workflows/reusable-docker-build-publish.yml@f4ff50d0f4713ed7b247dbd8a58316484907f958 # 2026-01-13 + # with: + # aws-ecr-name: ccip + # aws-region-ecr: us-west-2 + # aws-region-gati: us-west-2 + # dockerfile: plugins/chainlink.Dockerfile + # docker-build-context: . + # docker-build-args: | + # CHAINLINK_USER=chainlink + # COMMIT_SHA=${{ needs.init.outputs.checked-out-sha }} + # VERSION_TAG=${{ needs.init.outputs.version-tag }} + # CL_INSTALL_PRIVATE_PLUGINS=true + # CL_CHAIN_DEFAULTS=/ccip-config + # docker-manifest-sign: true + # docker-tag-custom-suffix: "-plugins" + # git-sha: ${{ needs.init.outputs.checked-out-sha }} + # github-event-name: ${{ github.event_name }} + # github-ref-name: ${{ github.ref_name }} + # github-ref-type: ${{ github.ref_type}} + # github-workflow-repository: ${{ github.repository }} + # github-runner-arm64: ${{ needs.init.outputs.runner-arm64 }} + # github-runner-amd64: ${{ needs.init.outputs.runner-amd64 }} + # free-disk-space: "true" + # secrets: + # AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID_SDLC }} + # AWS_ROLE_PUBLISH_ARN: ${{ secrets.AWS_OIDC_IAM_ROLE_BUILD_PUBLISH_DEVELOP_PR }} + # AWS_ROLE_GATI_ARN: ${{ secrets.AWS_OIDC_CHAINLINK_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }} + # AWS_LAMBDA_GATI_URL: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} - deploy-nightly-core: - if: false - # temporarily disabled - # if: ${{ github.event_name == 'schedule' }} - needs: [ docker-core ] - permissions: - contents: read - id-token: write - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v5 - - name: Deploy - uses: ./.github/actions/deploy-image - with: - aws-role-arn: ${{ secrets.AWS_RELENG_PROD_GATI_WORKFLOW_INVOKE_ARN }} - aws-lambda-url: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} - aws-region: ${{ secrets.AWS_REGION }} - repo-destination: ${{ secrets.REPO_K8S_DEPLOY }} - oci-image-tag: ${{ needs.docker-core.outputs.docker-manifest-tag }} - oci-repository-url: ${{ format('{0}.dkr.ecr.{1}.amazonaws.com/chainlink', - secrets.AWS_ACCOUNT_ID_SDLC, secrets.AWS_REGION) }} - pr-close-enabled: false - products: | - cre + # call-post-docker-build: + # if: ${{ github.event_name == 'schedule' || github.event_name == + # 'workflow_dispatch' }} + # needs: [ init, docker-core ] + # uses: ./.github/workflows/post-docker-build.yml + # permissions: + # actions: read + # id-token: write + # contents: read + # with: + # chainlink_core_image_tag: ${{ needs.docker-core.outputs.docker-manifest-tag }} + # chainlink_version: ${{ needs.init.outputs.checked-out-sha }} + # secrets: inherit - deploy-nightly-ccip: - if: ${{ github.event_name == 'schedule' }} - needs: [ docker-ccip ] - permissions: - contents: read - id-token: write - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v5 - - name: Deploy - uses: ./.github/actions/deploy-image - with: - aws-role-arn: ${{ secrets.AWS_RELENG_PROD_GATI_WORKFLOW_INVOKE_ARN }} - aws-lambda-url: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} - aws-region: ${{ secrets.AWS_REGION }} - repo-destination: ${{ secrets.REPO_K8S_DEPLOY }} - oci-image-tag: ${{ needs.docker-ccip.outputs.docker-manifest-tag }} - oci-repository-url: ${{ format('{0}.dkr.ecr.{1}.amazonaws.com/ccip', - secrets.AWS_ACCOUNT_ID_SDLC, secrets.AWS_REGION) }} - pr-close-enabled: false - products: | - ccip-nightlies + # deploy-nightly-core: + # if: false + # # temporarily disabled + # # if: ${{ github.event_name == 'schedule' }} + # needs: [ docker-core ] + # permissions: + # contents: read + # id-token: write + # runs-on: ubuntu-latest + # steps: + # - uses: actions/checkout@v5 + # - name: Deploy + # uses: ./.github/actions/deploy-image + # with: + # aws-role-arn: ${{ secrets.AWS_RELENG_PROD_GATI_WORKFLOW_INVOKE_ARN }} + # aws-lambda-url: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} + # aws-region: ${{ secrets.AWS_REGION }} + # repo-destination: ${{ secrets.REPO_K8S_DEPLOY }} + # oci-image-tag: ${{ needs.docker-core.outputs.docker-manifest-tag }} + # oci-repository-url: ${{ format('{0}.dkr.ecr.{1}.amazonaws.com/chainlink', + # secrets.AWS_ACCOUNT_ID_SDLC, secrets.AWS_REGION) }} + # pr-close-enabled: false + # products: | + # cre + + # deploy-nightly-ccip: + # if: ${{ github.event_name == 'schedule' }} + # needs: [ docker-ccip ] + # permissions: + # contents: read + # id-token: write + # runs-on: ubuntu-latest + # steps: + # - uses: actions/checkout@v5 + # - name: Deploy + # uses: ./.github/actions/deploy-image + # with: + # aws-role-arn: ${{ secrets.AWS_RELENG_PROD_GATI_WORKFLOW_INVOKE_ARN }} + # aws-lambda-url: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} + # aws-region: ${{ secrets.AWS_REGION }} + # repo-destination: ${{ secrets.REPO_K8S_DEPLOY }} + # oci-image-tag: ${{ needs.docker-ccip.outputs.docker-manifest-tag }} + # oci-repository-url: ${{ format('{0}.dkr.ecr.{1}.amazonaws.com/ccip', + # secrets.AWS_ACCOUNT_ID_SDLC, secrets.AWS_REGION) }} + # pr-close-enabled: false + # products: | + # ccip-nightlies