-
Notifications
You must be signed in to change notification settings - Fork 147
145 lines (123 loc) · 4.8 KB
/
compiler_publish_docker_images.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
# Build and publish Docker images for different applications using AWS EC2.
name: Compiler - Docker images build & publish
on:
workflow_dispatch:
inputs:
instance_id:
description: 'Instance ID'
type: string
instance_image_id:
description: 'Instance AMI ID'
type: string
instance_type:
description: 'Instance product type'
type: string
runner_name:
description: 'Action runner name'
type: string
request_id:
description: 'Slab request ID'
type: string
matrix_item:
description: 'Build matrix item'
type: string
# concurrency:
# group: compiler_publish_docker_images-${{ github.ref }}
# cancel-in-progress: true
env:
THIS_FILE: .github/workflows/compiler_publish_docker_images.yml
jobs:
BuildAndPushDockerImages:
needs: [BuildAndPublishHPXDockerImage, BuildAndPublishCUDADockerImage]
name: Build & Publish Docker Images
runs-on: ${{ github.event.inputs.runner_name }}
strategy:
matrix:
include:
- name: test-env
image: ghcr.io/zama-ai/concrete-compiler
dockerfile: docker/Dockerfile.concrete-compiler-env
steps:
- name: Instance configuration used
run: |
echo "IDs: ${{ inputs.instance_id }}"
echo "AMI: ${{ inputs.instance_image_id }}"
echo "Type: ${{ inputs.instance_type }}"
echo "Request ID: ${{ inputs.request_id }}"
# SSH private key is required as some dependencies are from private repos
- uses: webfactory/[email protected]
with:
ssh-private-key: ${{ secrets.CONCRETE_CI_SSH_PRIVATE }}
- uses: actions/checkout@v3
with:
submodules: recursive
token: ${{ secrets.CONCRETE_ACTIONS_TOKEN }}
- name: Login to Registry
run: echo "${{ secrets.GHCR_PASSWORD }}" | docker login -u ${{ secrets.GHCR_LOGIN }} --password-stdin ghcr.io
# label was initially a need from the frontend CI
- name: Build Image
run: |
DOCKER_BUILDKIT=1 docker build --no-cache \
--ssh default=${{ env.SSH_AUTH_SOCK }} \
--label "commit-sha=${{ github.sha }}" -t ${{ matrix.image }} -f ${{ matrix.dockerfile }} .
- name: Tag and Publish Image
run: |
docker image tag ${{ matrix.image }} ${{ matrix.image }}:${{ github.sha }}
docker image push ${{ matrix.image }}:latest
docker image push ${{ matrix.image }}:${{ github.sha }}
- name: Tag and Publish Release Image
if: startsWith(github.ref, 'refs/tags/v')
run: |
docker image tag ${{ matrix.image }} ${{ matrix.image }}:${{ github.ref_name }}
docker image push ${{ matrix.image }}:${{ github.ref_name }}
BuildAndPublishHPXDockerImage:
name: Build & Publish HPX Docker Image
runs-on: ${{ github.event.inputs.runner_name }}
env:
IMAGE: ghcr.io/zama-ai/hpx
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set up env
run: |
echo "HOME=/home/ubuntu" >> "${GITHUB_ENV}"
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v44
- name: Login
id: login
if: contains(steps.changed-files.outputs.modified_files, 'docker/Dockerfile.hpx-env') || contains(steps.changed-files.outputs.modified_files, env.THIS_FILE)
run: echo "${{ secrets.GHCR_PASSWORD }}" | docker login -u ${{ secrets.GHCR_LOGIN }} --password-stdin ghcr.io
- name: Build Tag and Publish
if: ${{ steps.login.conclusion != 'skipped' }}
run: |
docker build -t "${IMAGE}" -f docker/Dockerfile.hpx-env .
docker push "${IMAGE}:latest"
BuildAndPublishCUDADockerImage:
name: Build & Publish CUDA Docker Image
runs-on: ${{ github.event.inputs.runner_name }}
env:
IMAGE: ghcr.io/zama-ai/cuda
TAG: "12-3"
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set up env
run: |
echo "HOME=/home/ubuntu" >> "${GITHUB_ENV}"
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v44
- name: Login
id: login
if: contains(steps.changed-files.outputs.modified_files, 'docker/Dockerfile.cuda-env') || contains(steps.changed-files.outputs.modified_files, env.THIS_FILE)
run: echo "${{ secrets.GHCR_PASSWORD }}" | docker login -u ${{ secrets.GHCR_LOGIN }} --password-stdin ghcr.io
- name: Build Tag and Publish
if: ${{ steps.login.conclusion != 'skipped' }}
run: |
docker build -t "${IMAGE}" -f docker/Dockerfile.cuda-env .
docker image tag "${IMAGE}" "${IMAGE}:${TAG}"
docker push "${IMAGE}:latest"
docker push "${IMAGE}:${TAG}"