Skip to content

V48 (impl-only): Fix Sandbox.create git clone for branch+SHA deposits #439

V48 (impl-only): Fix Sandbox.create git clone for branch+SHA deposits

V48 (impl-only): Fix Sandbox.create git clone for branch+SHA deposits #439

name: Long-Runner Image
on:
push:
paths:
- "uapi/**"
- "Dockerfile.long-runner"
- ".github/workflows/long-runner-ci.yml"
jobs:
build-and-push:
runs-on: ubuntu-latest
env:
AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE_TO_ASSUME }}
ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
permissions:
contents: read
id-token: write # For OIDC auth to cloud registry (e.g. AWS ECR)
steps:
- uses: actions/checkout@v4
- name: Resolve image tags
id: image
run: |
if [ "${GITHUB_REF}" = "refs/heads/main" ] && [ -n "${ECR_REPOSITORY}" ]; then
{
echo "push=true"
echo "runner_tag=${ECR_REPOSITORY}:latest"
echo "worker_tag=${ECR_REPOSITORY}:worker"
} >> "$GITHUB_OUTPUT"
else
{
echo "push=false"
echo "runner_tag=bitcode-long-runner:ci"
echo "worker_tag=bitcode-long-runner-worker:ci"
} >> "$GITHUB_OUTPUT"
fi
# Optionally configure AWS credentials – replace with GCP/Azure/Fly
- name: Configure AWS credentials
if: steps.image.outputs.push == 'true' && env.AWS_ROLE_TO_ASSUME != ''
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: Login to Amazon ECR
if: steps.image.outputs.push == 'true' && env.AWS_ROLE_TO_ASSUME != ''
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build and Push Runner
uses: docker/build-push-action@v5
with:
context: .
file: Dockerfile.long-runner
push: ${{ steps.image.outputs.push == 'true' }}
tags: ${{ steps.image.outputs.runner_tag }}
- name: Build and Push Worker
uses: docker/build-push-action@v5
with:
context: .
file: Dockerfile.long-runner-worker
push: ${{ steps.image.outputs.push == 'true' }}
tags: ${{ steps.image.outputs.worker_tag }}