yc #1

	name: build-image-ya
	on:
	push:
	branches:
	- main

	concurrency:
	group: ${{ github.ref }}-${{ github.workflow }}
	cancel-in-progress: true

	jobs:
	build-image:
	name: build-image
	runs-on: ubuntu-latest

	# Add "id-token" with the intended permissions.
	permissions:
	contents: "read"
	id-token: "write"

	steps:
	- uses: actions/checkout@v4

	- id: "auth"
	name: "Authenticate to Google Cloud"
	uses: "google-github-actions/auth@v2"
	with:
	workload_identity_provider: "projects/753698311885/locations/global/workloadIdentityPools/github-pool/providers/github-provider"
	service_account: "github-service-account@nitraai.iam.gserviceaccount.com"

	- id: secrets
	uses: google-github-actions/get-secretmanager-secrets@main
	with:
	secrets: \|-
	docker-hub:nitraai/docker-hub

	- name: Login to DockerHub
	uses: docker/login-action@v3
	with:
	username: vitaliytv
	password: ${{ steps.secrets.outputs.docker-hub }}

	- name: Set up Docker Context for Buildx
	id: buildx-context
	run: \|
	docker context create builders

	- name: Set up Docker Buildx
	id: buildx
	uses: docker/setup-buildx-action@v1
	with:
	version: latest
	endpoint: builders

	- name: build and push amd64
	run: \|
	docker buildx build \
	-f ya.Dockerfile . \
	--platform linux/amd64 \
	--tag nitra/actions-runner-ya:latest \
	--tag "nitra/actions-runner-ya:${GITHUB_SHA::8}" \
	--push

Provide feedback