# SPDX-FileCopyrightText: Copyright (c) 2024-2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved. # SPDX-License-Identifier: Apache-2.0 name: Build Frontend Image on: push: branches: - main - "pull-request/[0-9]+" # Note: release/* branches are handled by release.yml which calls this workflow workflow_call: secrets: AWS_ACCOUNT_ID: required: true AWS_DEFAULT_REGION: required: true AWS_ACCESS_KEY_ID: required: true AWS_SECRET_ACCESS_KEY: required: true AZURE_ACR_HOSTNAME: required: true AZURE_ACR_USER: required: true AZURE_ACR_PASSWORD: required: true CI_TOKEN: required: true SCCACHE_S3_BUCKET: required: true concurrency: group: ${{ github.workflow }}-${{ github.ref_name == 'main' && github.run_id || github.ref_name }} cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} jobs: changed-files: runs-on: ubuntu-latest outputs: frontend: ${{ steps.changes.outputs.frontend }} steps: - name: Checkout code uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 with: fetch-depth: 0 - name: Check for changes id: changes uses: ./.github/actions/changed-files with: gh_token: ${{ github.token }} build-frontend-image: name: Build Frontend Image (${{ matrix.platform.arch }}) needs: changed-files if: needs.changed-files.outputs.frontend == 'true' strategy: fail-fast: false matrix: platform: - { arch: amd64, runner: gpu-l40-amd64 } - { arch: arm64, runner: cpu-arm-r8g-4xlarge } runs-on: ${{ matrix.platform.runner }} steps: - name: Checkout repository uses: actions/checkout@v4 - name: Set up Go uses: actions/setup-go@v5 with: go-version: '1.24' - name: Install dependencies shell: bash run: | set -euo pipefail # Install system dependencies from apt sudo apt-get update && sudo apt-get install -y git build-essential protobuf-compiler # Install Rust (cargo + rustc) curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain stable # Make cargo available to later steps echo "$HOME/.cargo/bin" >> "$GITHUB_PATH" - name: Install cbindgen shell: bash run: | set -euo pipefail cargo install cbindgen - name: Docker Login uses: ./.github/actions/docker-login with: aws_default_region: ${{ secrets.AWS_DEFAULT_REGION }} aws_account_id: ${{ secrets.AWS_ACCOUNT_ID }} azure_acr_hostname: ${{ secrets.AZURE_ACR_HOSTNAME }} azure_acr_user: ${{ secrets.AZURE_ACR_USER }} azure_acr_password: ${{ secrets.AZURE_ACR_PASSWORD }} - name: Build Frontend Container id: build-image uses: ./.github/actions/docker-build env: PLATFORMS: linux/${{ matrix.platform.arch }} TARGETARCH: ${{ matrix.platform.arch }} with: framework: none target: frontend platform: ${{ env.PLATFORMS }} ci_token: ${{ secrets.CI_TOKEN }} aws_default_region: ${{ secrets.AWS_DEFAULT_REGION }} sccache_s3_bucket: ${{ secrets.SCCACHE_S3_BUCKET }} aws_account_id: ${{ secrets.AWS_ACCOUNT_ID }} aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - name: Docker Tag and Push Frontend Image uses: ./.github/actions/docker-tag-push with: local_image: ${{ steps.build-image.outputs.image_tag }} push_tags: ai-dynamo/dynamo:${{ github.sha }}-frontend-${{ matrix.platform.arch }} aws_push: 'true' azure_push: 'true' aws_account_id: ${{ secrets.AWS_ACCOUNT_ID }} aws_default_region: ${{ secrets.AWS_DEFAULT_REGION }} azure_acr_hostname: ${{ secrets.AZURE_ACR_HOSTNAME }} azure_acr_user: ${{ secrets.AZURE_ACR_USER }} azure_acr_password: ${{ secrets.AZURE_ACR_PASSWORD }} frontend-status-check: runs-on: ubuntu-latest needs: [changed-files, build-frontend-image] if: always() steps: - name: "Check all dependent jobs" run: | echo '${{ toJson(needs) }}' | jq -e 'to_entries | map(.value.result) | all(. as $result | ["success", "skipped"] | any($result == .))'