diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 00000000..4efcaf2a --- /dev/null +++ b/.github/workflows/ci.yaml @@ -0,0 +1,53 @@ +# Copyright 2025 NVIDIA CORPORATION +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +name: CI Pipeline + +on: + push: + branches: + - "pull-request/[0-9]+" + - main + - release-* + +jobs: + code-scanning: + uses: ./.github/workflows/code_scanning.yaml + + variables: + runs-on: ubuntu-latest + outputs: + version: ${{ steps.version.outputs.version }} + steps: + - name: Generate Commit Short SHA + id: version + run: echo "version=$(echo $GITHUB_SHA | cut -c1-8)" >> "$GITHUB_OUTPUT" + + golang: + uses: ./.github/workflows/golang.yaml + + image: + uses: ./.github/workflows/image.yaml + needs: [variables, golang, code-scanning] + secrets: inherit + with: + version: ${{ needs.variables.outputs.version }} + build_multi_arch_images: ${{ github.ref_name == 'main' || startsWith(github.ref_name, 'release-') }} + + e2e-test: + needs: [image, variables] + secrets: inherit + uses: ./.github/workflows/e2e.yaml + with: + version: ${{ needs.variables.outputs.version }} diff --git a/.github/workflows/code_scanning.yaml b/.github/workflows/code_scanning.yaml index 214c432e..39774a59 100644 --- a/.github/workflows/code_scanning.yaml +++ b/.github/workflows/code_scanning.yaml @@ -15,6 +15,7 @@ name: "CodeQL" on: + workflow_call: {} pull_request: types: - opened @@ -22,10 +23,6 @@ on: branches: - main - release-* - push: - branches: - - main - - release-* jobs: analyze: diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index dd2259b3..c5d8e158 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -16,7 +16,10 @@ name: End-to-end Tests on: workflow_call: - inputs: {} + inputs: + version: + required: true + type: string secrets: AWS_ACCESS_KEY_ID: required: true @@ -67,8 +70,8 @@ jobs: - name: Run e2e tests env: - IMAGE_NAME: ghcr.io/${LOWERCASE_REPO_OWNER}/container-toolkit - VERSION: ${COMMIT_SHORT_SHA} + IMAGE_NAME: ghcr.io/nvidia/container-toolkit + VERSION: ${{ inputs.version }} SSH_KEY: ${{ secrets.AWS_SSH_KEY }} E2E_SSH_USER: ${{ secrets.E2E_SSH_USER }} E2E_SSH_HOST: ${{ steps.holodeck_public_dns_name.outputs.result }} diff --git a/.github/workflows/golang.yaml b/.github/workflows/golang.yaml index 6822dfae..0a7e07d9 100644 --- a/.github/workflows/golang.yaml +++ b/.github/workflows/golang.yaml @@ -15,6 +15,7 @@ name: Golang on: + workflow_call: {} pull_request: types: - opened @@ -22,10 +23,6 @@ on: branches: - main - release-* - push: - branches: - - main - - release-* jobs: check: diff --git a/.github/workflows/image.yaml b/.github/workflows/image.yaml index 43fe1909..b338b69c 100644 --- a/.github/workflows/image.yaml +++ b/.github/workflows/image.yaml @@ -16,11 +16,14 @@ name: image on: - push: - branches: - - "pull-request/[0-9]+" - - main - - release-* + workflow_call: + inputs: + version: + required: true + type: string + build_multi_arch_images: + required: true + type: string jobs: packages: @@ -46,20 +49,25 @@ jobs: - ispr: true target: centos8-ppc64le fail-fast: false + steps: - uses: actions/checkout@v4 name: Check out code + - name: Set up QEMU uses: docker/setup-qemu-action@v3 with: image: tonistiigi/binfmt:master + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: build ${{ matrix.target }} packages run: | sudo apt-get install -y coreutils build-essential sed git bash make echo "Building packages" ./scripts/build-packages.sh ${{ matrix.target }} + - name: 'Upload Artifacts' uses: actions/upload-artifact@v4 with: @@ -84,24 +92,15 @@ jobs: steps: - uses: actions/checkout@v4 name: Check out code - - name: Calculate build vars - id: vars - run: | - echo "COMMIT_SHORT_SHA=${GITHUB_SHA:0:8}" >> $GITHUB_ENV - echo "LOWERCASE_REPO_OWNER=$(echo "${GITHUB_REPOSITORY_OWNER}" | awk '{print tolower($0)}')" >> $GITHUB_ENV - BUILD_MULTI_ARCH_IMAGES="true" - if [[ "${{ matrix.ispr }}" == "true" ]]; then - BUILD_MULTI_ARCH_IMAGES="false" - fi - echo "PUSH_ON_BUILD=true" >> $GITHUB_ENV - echo "BUILD_MULTI_ARCH_IMAGES=${BUILD_MULTI_ARCH_IMAGES}" >> $GITHUB_ENV - name: Set up QEMU uses: docker/setup-qemu-action@v3 with: image: tonistiigi/binfmt:master + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Get built packages uses: actions/download-artifact@v4 with: @@ -115,16 +114,13 @@ jobs: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + - name: Build image env: - IMAGE_NAME: ghcr.io/${LOWERCASE_REPO_OWNER}/container-toolkit - VERSION: ${COMMIT_SHORT_SHA} + IMAGE_NAME: ghcr.io/nvidia/container-toolkit + VERSION: ${{ inputs.version }} + PUSH_ON_BUILD: "true" + BUILD_MULTI_ARCH_IMAGES: ${{ inputs.build_multi_arch_images }} run: | echo "${VERSION}" make -f deployments/container/Makefile build-${{ matrix.dist }} - - test: - name: End-to-end Tests - uses: ./.github/workflows/e2e.yaml - secrets: inherit - needs: image