From 7b60ccc68c3c9a18cbe0a9ad02abaa47fc9cf6c7 Mon Sep 17 00:00:00 2001 From: Carlos Eduardo Arango Gutierrez Date: Sun, 28 Jan 2024 18:23:35 +0100 Subject: [PATCH] Add github actions Signed-off-by: Carlos Eduardo Arango Gutierrez --- .github/ISSUE_TEMPLATE | 29 +++++ .github/dependabot.yml | 20 ++++ .github/workflows/blossom-ci.yml | 113 ------------------- .github/workflows/golang.yaml | 56 ++++++++++ .github/workflows/image.yaml | 185 +++++++++++++++++++++++++++++++ .github/workflows/pre-sanity.yml | 22 ---- 6 files changed, 290 insertions(+), 135 deletions(-) create mode 100644 .github/ISSUE_TEMPLATE create mode 100644 .github/dependabot.yml delete mode 100644 .github/workflows/blossom-ci.yml create mode 100644 .github/workflows/golang.yaml create mode 100644 .github/workflows/image.yaml delete mode 100644 .github/workflows/pre-sanity.yml diff --git a/.github/ISSUE_TEMPLATE b/.github/ISSUE_TEMPLATE new file mode 100644 index 00000000..25618f50 --- /dev/null +++ b/.github/ISSUE_TEMPLATE @@ -0,0 +1,29 @@ +--- +name: Container Toolkit Bug report +about: Create a report to help us improve +title: '' +labels: '' +assignees: elezar, kklues + +--- + +_The template below is mostly useful for bug reports and support questions. Feel free to remove anything which doesn't apply to you and add more information where it makes sense._ + +_**Important Note: NVIDIA AI Enterprise customers can get support from NVIDIA Enterprise support. Please open a case [here](https://enterprise-support.nvidia.com/s/create-case)**._ + + +### 1. Quick Debug Information +* OS/Version(e.g. RHEL8.6, Ubuntu22.04): +* Kernel Version: +* Container Runtime Type/Version(e.g. Containerd, CRI-O, Docker): + +### 2. Issue or feature description +_Briefly explain the issue in terms of expected behavior and current behavior._ + +### 3. Information to [attach](https://help.github.com/articles/file-attachments-on-issues-and-pull-requests/) (optional if deemed irrelevant) + +Common error checking: + - [ ] The output of `nvidia-smi -a` on your host + - [ ] Your docker configuration file (e.g: `/etc/docker/daemon.json`) + - [ ] The k8s-device-plugin container logs + - [ ] The kubelet logs on the node (e.g: `sudo journalctl -r -u kubelet`) diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..15d60e54 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,20 @@ +# Please see the documentation for all configuration options: +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates + +version: 2 +updates: + - package-ecosystem: "gomod" + target-branch: main + directory: "/" + schedule: + interval: "weekly" + day: "sunday" + ignore: + - dependency-name: k8s.io/* + labels: + - dependencies + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" \ No newline at end of file diff --git a/.github/workflows/blossom-ci.yml b/.github/workflows/blossom-ci.yml deleted file mode 100644 index a5b37eb4..00000000 --- a/.github/workflows/blossom-ci.yml +++ /dev/null @@ -1,113 +0,0 @@ -# Copyright (c) 2020-2023, NVIDIA CORPORATION. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# A workflow to trigger ci on hybrid infra (github + self hosted runner) -name: Blossom-CI -on: - issue_comment: - types: [created] - workflow_dispatch: - inputs: - platform: - description: 'runs-on argument' - required: false - args: - description: 'argument' - required: false -jobs: - Authorization: - name: Authorization - runs-on: blossom - outputs: - args: ${{ env.args }} - - # This job only runs for pull request comments - if: | - contains( '\ - anstockatnv,\ - rorajani,\ - cdesiniotis,\ - shivamerla,\ - ArangoGutierrez,\ - elezar,\ - klueska,\ - zvonkok,\ - ', format('{0},', github.actor)) && - github.event.comment.body == '/blossom-ci' - steps: - - name: Check if comment is issued by authorized person - run: blossom-ci - env: - OPERATION: 'AUTH' - REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} - REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }} - - Vulnerability-scan: - name: Vulnerability scan - needs: [Authorization] - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v2 - with: - repository: ${{ fromJson(needs.Authorization.outputs.args).repo }} - ref: ${{ fromJson(needs.Authorization.outputs.args).ref }} - lfs: 'true' - - # repo specific steps - #- name: Setup java - # uses: actions/setup-java@v1 - # with: - # java-version: 1.8 - - # add blackduck properties https://synopsys.atlassian.net/wiki/spaces/INTDOCS/pages/631308372/Methods+for+Configuring+Analysis#Using-a-configuration-file - #- name: Setup blackduck properties - # run: | - # PROJECTS=$(mvn -am dependency:tree | grep maven-dependency-plugin | awk '{ out="com.nvidia:"$(NF-1);print out }' | grep rapids | xargs | sed -e 's/ /,/g') - # echo detect.maven.build.command="-pl=$PROJECTS -am" >> application.properties - # echo detect.maven.included.scopes=compile >> application.properties - - - name: Run blossom action - uses: NVIDIA/blossom-action@main - env: - REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} - REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }} - with: - args1: ${{ fromJson(needs.Authorization.outputs.args).args1 }} - args2: ${{ fromJson(needs.Authorization.outputs.args).args2 }} - args3: ${{ fromJson(needs.Authorization.outputs.args).args3 }} - - Job-trigger: - name: Start ci job - needs: [Vulnerability-scan] - runs-on: blossom - steps: - - name: Start ci job - run: blossom-ci - env: - OPERATION: 'START-CI-JOB' - CI_SERVER: ${{ secrets.CI_SERVER }} - REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - Upload-Log: - name: Upload log - runs-on: blossom - if : github.event_name == 'workflow_dispatch' - steps: - - name: Jenkins log for pull request ${{ fromJson(github.event.inputs.args).pr }} (click here) - run: blossom-ci - env: - OPERATION: 'POST-PROCESSING' - CI_SERVER: ${{ secrets.CI_SERVER }} - REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/golang.yaml b/.github/workflows/golang.yaml new file mode 100644 index 00000000..7485204f --- /dev/null +++ b/.github/workflows/golang.yaml @@ -0,0 +1,56 @@ +# Copyright 2024 NVIDIA CORPORATION +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +name: Golang + +on: + pull_request: + branches: + - main + - release-* + push: + branches: + - main + - release-* + +jobs: + check: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Lint + uses: golangci/golangci-lint-action@v3 + with: + version: latest + args: -v --timeout 5m + skip-cache: true + test: + name: Unit test + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Install Go + uses: actions/setup-go@v5 + with: + go-version: '1.20' + - run: make test + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Build + run: make docker-build \ No newline at end of file diff --git a/.github/workflows/image.yaml b/.github/workflows/image.yaml new file mode 100644 index 00000000..c8d3466f --- /dev/null +++ b/.github/workflows/image.yaml @@ -0,0 +1,185 @@ +# Copyright 2024 NVIDIA CORPORATION +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Run this workflow on pull requests +name: image + +on: + pull_request: + types: + - opened + - synchronize + branches: + - main + - release-* + push: + branches: + - main + - release-* + +jobs: + meta-packages: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + packaging: [deb, rpm] + steps: + - uses: actions/checkout@v4 + name: Check out code + - name: Calculate build vars + id: vars + run: | + echo "DIST_DIR=${{ github.workspace }}/toolkit-container-${{ github.run_id }}" >> $GITHUB_ENV + echo "ARTIFACTS_NAME=toolkit-container-${{ github.run_id }}" >> $GITHUB_ENV + echo "ARTIFACTS_ROOT=toolkit-container-${{ github.run_id }}" >> $GITHUB_ENV + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: build meta-packages + env: + SKIP_LIBNVIDIA_CONTAINER: "yes" + SKIP_NVIDIA_CONTAINER_TOOLKIT: "yes" + run: | + sudo apt-get install -y coreutils build-essential sed git bash make + echo "Building packages" + ./scripts/build-packages.sh ${{ matrix.packaging }} + - name: 'Upload Artifacts' + uses: actions/upload-artifact@v4 + with: + compression-level: 0 + name: toolkit-container-${{ github.run_id }} + path: ${{ github.workspace }}/toolkit-container-${{ matrix.packaging }}-${{ github.run_id }} + + ubuntu-packages: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + arch: [amd64, arm64] + steps: + - uses: actions/checkout@v4 + name: Check out code + - name: Calculate build vars + id: vars + run: | + echo "DIST_DIR=${{ github.workspace }}/toolkit-container-ubuntu18.04-${{ matrix.arch }}${{ github.run_id }}" >> $GITHUB_ENV + echo "ARTIFACTS_NAME=toolkit-container-ubuntu18.04-${{ matrix.arch }}${{ github.run_id }}" >> $GITHUB_ENV + echo "ARTIFACTS_ROOT=toolkit-container-ubuntu18.04-${{ matrix.arch }}${{ github.run_id }}" >> $GITHUB_ENV + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: build meta-packages + env: + ARCH: ${{ matrix.arch }} + run: | + sudo apt-get install -y coreutils build-essential sed git bash make + echo "Building packages" + ./scripts/build-packages.sh ubuntu18.04-${{ matrix.arch }} + - name: 'Upload Artifacts' + uses: actions/upload-artifact@v4 + with: + compression-level: 0 + name: toolkit-container-${{ github.run_id }} + path: ${{ github.workspace }}/toolkit-container-ubuntu18.04-${{ matrix.arch }}-${{ github.run_id }} + + centos7-packages: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + arch: [aarch64, x86_64] + steps: + - uses: actions/checkout@v4 + name: Check out code + - name: Calculate build vars + id: vars + run: | + echo "DIST_DIR=${{ github.workspace }}/toolkit-container-centos7-${{ matrix.arch }}-${{ github.run_id }}" >> $GITHUB_ENV + echo "ARTIFACTS_NAME=toolkit-container-centos7-${{ matrix.arch }}-${{ github.run_id }}" >> $GITHUB_ENV + echo "ARTIFACTS_ROOT=toolkit-container-centos7-${{ matrix.arch }}-${{ github.run_id }}" >> $GITHUB_ENV + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: build meta-packages + env: + ARCH: ${{ matrix.arch }} + run: | + sudo apt-get install -y coreutils build-essential sed git bash make + echo "Building packages" + ./scripts/build-packages.sh centos7-${{ matrix.arch }} + - name: 'Upload Artifacts' + uses: actions/upload-artifact@v4 + with: + compression-level: 0 + name: toolkit-container-${{ github.run_id }} + path: ${{ github.workspace }}/toolkit-container-centos7-${{ matrix.arch }}-${{ github.run_id }} + + build: + runs-on: ubuntu-latest + needs: [meta-packages, ubuntu-packages, centos7-packages] + strategy: + matrix: + dist: [ubuntu20.04, centos7, ubi8] + steps: + - uses: actions/checkout@v4 + name: Check out code + - name: Calculate build vars + id: vars + run: | + echo "COMMIT_SHORT_SHA=${GITHUB_SHA:0:8}" >> $GITHUB_ENV + echo "LOWERCASE_REPO_OWNER=$(echo "${GITHUB_REPOSITORY_OWNER}" | awk '{print tolower($0)}')" >> $GITHUB_ENV + REPO_FULL_NAME="${{ github.event.pull_request.head.repo.full_name }}" + echo "${REPO_FULL_NAME}" + echo "LABEL_IMAGE_SOURCE=https://github.com/${REPO_FULL_NAME}" >> $GITHUB_ENV + + echo "DIST_DIR=${{ github.workspace }}/toolkit-container-${{ github.run_id }}" >> $GITHUB_ENV + echo "ARTIFACTS_NAME=toolkit-container-${{ github.run_id }}" >> $GITHUB_ENV + echo "ARTIFACTS_ROOT=toolkit-container-${{ github.run_id }}" >> $GITHUB_ENV + + GENERATE_ARTIFACTS="false" + if [[ "${{ github.actor }}" == "dependabot[bot]" ]]; then + GENERATE_ARTIFACTS="false" + elif [[ "${{ github.event_name }}" == "pull_request" && "${{ github.event.pull_request.head.repo.full_name }}" == "${{ github.repository }}" ]]; then + GENERATE_ARTIFACTS="true" + elif [[ "${{ github.event_name }}" == "push" ]]; then + GENERATE_ARTIFACTS="true" + fi + echo "PUSH_ON_BUILD=${GENERATE_ARTIFACTS}" >> $GITHUB_ENV + echo "BUILD_MULTI_ARCH_IMAGES=${GENERATE_ARTIFACTS}" >> $GITHUB_ENV + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Get built packages + uses: actions/download-artifact@v4 + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build image + env: + IMAGE_NAME: ghcr.io/${LOWERCASE_REPO_OWNER}/container-toolkit + VERSION: ${COMMIT_SHORT_SHA} + run: | + echo "${VERSION}" + make -f build/container/Makefile build-${{ matrix.dist }} \ No newline at end of file diff --git a/.github/workflows/pre-sanity.yml b/.github/workflows/pre-sanity.yml deleted file mode 100644 index 7e2ef582..00000000 --- a/.github/workflows/pre-sanity.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: Run pre sanity - -# run this workflow for each commit -on: [pull_request] - -jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - - name: Build dev image - run: make .build-image - - - name: Build - run: make docker-build - - - name: Tests - run: make docker-coverage - - - name: Checks - run: make docker-check