pythonitalia
diff --git a/‎.editorconfig
+1-1 b/‎.editorconfig
+1-1
diff --git a/‎.github/workflows/build-backend.yml
+41 b/‎.github/workflows/build-backend.yml
+41
diff --git a/‎.github/workflows/build-base-pretix.yml
+1-1 b/‎.github/workflows/build-base-pretix.yml
+1-1
diff --git a/‎.github/workflows/build-frontend.yml
+65 b/‎.github/workflows/build-frontend.yml
+65
diff --git a/‎.github/workflows/build-pretix.yml
+39 b/‎.github/workflows/build-pretix.yml
+39
@@ -30,5 +30,5 @@ indent_size = 2
 [Makefile]
 indent_style = tab
 
-[*.tf]
+[{*.tf,*.tofu}]
 indent_size = 2
@@ -0,0 +1,41 @@
+on:
+  workflow_call:
+    inputs:
+      githash:
+        required: true
+        type: string
+
+jobs:
+  build:
+    name: Build
+    runs-on: [self-hosted]
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.ref }}
+          fetch-depth: 0
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: ${{ secrets.aws_access_key_id }}
+          aws-secret-access-key: ${{ secrets.aws_secret_access_key }}
+          aws-region: eu-central-1
+      - name: Set up QEMU dependency
+        uses: docker/setup-qemu-action@v3
+      - name: Login to Amazon ECR
+        uses: aws-actions/amazon-ecr-login@v2
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: ./backend
+          file: ./backend/Dockerfile
+          builder: ${{ steps.buildx.outputs.name }}
+          provenance: false
+          push: true
+          tags: ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.eu-central-1.amazonaws.com/pythonit/pycon-backend:arm-${{ inputs.githash }}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache
+          platforms: linux/arm64
@@ -39,7 +39,7 @@ jobs:
           builder: ${{ steps.buildx.outputs.name }}
           provenance: false
           push: true
-          tags: ghcr.io/pythonitalia/pycon/arm-pretix:${{ inputs.version }}
+          tags: ghcr.io/pythonitalia/pycon/base-pretix:${{ inputs.version }}
           cache-from: type=local,src=/tmp/.buildx-cache
           cache-to: type=local,dest=/tmp/.buildx-cache
           platforms: linux/arm64
@@ -0,0 +1,65 @@
+on:
+  workflow_call:
+    inputs:
+      githash:
+        required: true
+        type: string
+      tf_environment:
+        required: true
+        type: string
+
+jobs:
+  build:
+    name: Build
+    runs-on: [self-hosted]
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.ref }}
+          fetch-depth: 0
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: ${{ secrets.aws_access_key_id }}
+          aws-secret-access-key: ${{ secrets.aws_secret_access_key }}
+          aws-region: eu-central-1
+      - name: Set up QEMU dependency
+        uses: docker/setup-qemu-action@v3
+      - name: Login to Amazon ECR
+        uses: aws-actions/amazon-ecr-login@v2
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Get vars
+        id: vars
+        run: |
+          cms_hostname=$(aws ssm get-parameter --output text --query Parameter.Value --with-decryption --name /pythonit/${{ inputs.tf_environment }}/pycon-frontend/cms-hostname)
+          echo "CMS_HOSTNAME=$cms_hostname" >> "$GITHUB_OUTPUT"
+
+          conference_code=$(aws ssm get-parameter --output text --query Parameter.Value --with-decryption --name /pythonit/${{ inputs.tf_environment }}/pycon-frontend/conference-code)
+          echo "CONFERENCE_CODE=$conference_code" >> "$GITHUB_OUTPUT"
+
+          sentry_auth_token=$(aws ssm get-parameter --output text --query Parameter.Value --with-decryption --name /pythonit/${{ inputs.tf_environment }}/common/sentry-auth-token)
+          echo "::add-mask::$sentry_auth_token"
+          echo "SENTRY_AUTH_TOKEN=$sentry_auth_token" >> "$GITHUB_OUTPUT"
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: ./frontend
+          file: ./frontend/Dockerfile
+          builder: ${{ steps.buildx.outputs.name }}
+          provenance: false
+          push: true
+          tags: ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.eu-central-1.amazonaws.com/pythonit/${{ inputs.tf_environment }}-pycon-frontend:${{ inputs.githash }}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache
+          platforms: linux/arm64
+          build-args: |
+            API_URL_SERVER=https://${{ fromJSON('["pastaporto-", ""]')[github.ref == 'refs/heads/main'] }}admin.pycon.it
+            NEXT_PUBLIC_SITE_URL=${{ fromJSON('["pastaporto-frontend.", ""]')[github.ref == 'refs/heads/main'] }}pycon.it
+            CMS_ADMIN_HOST=${{ fromJSON('["pastaporto-", ""]')[github.ref == 'refs/heads/main'] }}admin.pycon.it
+            CMS_HOSTNAME=${{ steps.vars.outputs.cms_hostname }}
+            CONFERENCE_CODE=${{ steps.vars.outputs.conference_code }}
+            GIT_HASH=${{ inputs.githash }}
+          secrets: |
+            "sentry_auth_token=${{ steps.vars.outputs.sentry_auth_token }}"
@@ -0,0 +1,39 @@
+on:
+  workflow_call:
+    inputs:
+      githash:
+        required: true
+        type: string
+
+jobs:
+  build:
+    name: Build pretix
+    runs-on: [self-hosted]
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.ref }}
+          fetch-depth: 0
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: ${{ secrets.aws_access_key_id }}
+          aws-secret-access-key: ${{ secrets.aws_secret_access_key }}
+          aws-region: eu-central-1
+      - name: Login to Amazon ECR
+        uses: aws-actions/amazon-ecr-login@v2
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Build and push pretix
+        uses: docker/build-push-action@v6
+        with:
+          context: ./pretix
+          file: ./pretix/Dockerfile
+          builder: ${{ steps.buildx.outputs.name }}
+          provenance: false
+          push: true
+          tags: ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.eu-central-1.amazonaws.com/pythonit/pretix:arm-${{ inputs.githash }}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache
+          platforms: linux/arm64