-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathaction.yml
189 lines (175 loc) · 7.62 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
name: Setup Docker
version: 2.0.0
description: |
Setup Docker with layer caching, and login to container registry.
see https://docs.docker.com/build/ci/github-actions/cache/#local-cache
permissions:
contents: write
packages: write
inputs:
GITHUB_TOKEN:
description: |
GitHub token
This input is passed to the step that uses the action [docker/login-action] and will be set in the [password] input
This input is passed to the step that uses the action [actions/create-release] and will be set as the [env.GITHUB_TOKEN]
You'll likely pass this from a repository secret
For example: `secrets.GITHUB_TOKEN` which an org-level context variable setup for you by Github, or you can use your personal access token by setting it as a repository secret for use like this: `secrets.MY_PAT`
required: true
APP_DIRECTORY:
description: |
The root directory of the app being built.
Useful for multi-app repos.
For example:
- Single-app repository: .
- Multi-app repository: ./app-dir
This input is passed to the action [docker/build-push-action] as the [context] input
required: true
default: .
DOCKERFILE_LOCATION:
description: |
The location of the Dockerfile, relative to the root of this repository.
Note: Not relative to WORKING_DIRECTORY.
If this is a multi-app repository, include the full path from the root of the repository to the subdirectory of the app.
For example:
- Single app repository: ./Dockerfile
- Multi-app repository: ./app-dir/Dockerfile
This input is passed to the step that uses the action [docker/build-push-action] and will be set in the [file] input
required: true
default: ./Dockerfile
IMAGE_NAME:
description: |
The name of the docker image.
Do not include the tag.
For example:
- my_custom_docker_image
The full image name to pull will be [ghcr.io/enfuse/my_custom_docker_image:latest]
This input is passed to the step that uses the action [docker/build-push-action] and will be set in the [tags] input after being interpolated
This input is passed to the step that uses the action [docker/metadata-action] and will be set in the [images] input after being interpolated as the image name
required: true
GIT_TAG_PREFIX:
description: |
This is the tag name that will trigger a release, and become the release version prefix.
Do not include a version number (it will be extracted from the pushed tag)
This input is used to detect a newly pushed tag so the version number can be extracted and used as the release version
For example:
- name_of_my_custom_app
It's assumed that this will be the prefix of a pushed tag that looks like: [name_of_my_custom_app-1.0.3]
This input is passed to the step with the id [extract_version]
This input is passed to the step that uses the action [actions/create-release], and will be set in the [tag_name] and [release_name] inputs
required: true
DOCKER_BUILD_ARGUMENTS:
description: |
Build args for the dockerfile.
These should be key-value pairs coupled with "=" and delimited with newlines
(use the | character to make a multiline yaml string that preserves newlines)
For example:
|
"HF_TOKEN=my-huggingface-token"
"NVIDIA_API_KEY=my-nvidia-api-key"
Note that the example above is passing secrets into the image, which isn't best-practice, but it's better than committing secrets as hardcoded values
This input is passed to the step that uses the action [docker/build-push-action] and will be set in the [build-args] input
required: false
INTEGRATION_TEST_SCRIPT_PATH:
description: |
Optionally run integration tests after building the image, but before pushing it.
Omitting a path will skip this step
The path should lead to a script that will run the integration tests
The script must return an exit code when completed to indicate success/failure, so we only push the image if the tests pass
required: false
DOCKER_BUILD_NO_CACHE:
description: |
Disable the use of cached layers when building the image
default: false
required: false
runs:
using: "composite"
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
lfs: true
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Create cache directory
shell: bash
run: mkdir -p /tmp/.buildx-cache-${{ inputs.IMAGE_NAME }}
- name: Cache Docker layers
uses: actions/cache@v4
with:
path: /tmp/.buildx-cache-${{ inputs.IMAGE_NAME }}
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Log in to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ inputs.GITHUB_TOKEN }}
- name: Extract version number from the tag
id: extract_version
shell: bash
run: |
version_number=$(echo "${GITHUB_REF}" | sed 's/refs\/tags\/${{ inputs.GIT_TAG_PREFIX }}-//')
echo "version_number=$version_number" >> $GITHUB_ENV
- name: Extract metadata for Docker
id: meta
uses: docker/metadata-action@v4
with:
images: ghcr.io/enfuse/${{ inputs.IMAGE_NAME }}:${{ env.version_number }}
# build local image
- name: Build local Docker image for integration test
id: build-for-integration-test
uses: docker/build-push-action@v2
with:
context: ${{ inputs.APP_DIRECTORY }}
file: ${{ inputs.DOCKERFILE_LOCATION }}
load: true
tags: |
ghcr.io/enfuse/${{ inputs.IMAGE_NAME }}:${{ env.version_number }}
ghcr.io/enfuse/${{ inputs.IMAGE_NAME }}:latest
labels: ${{ steps.meta.outputs.labels }}
no-cache: ${{ inputs.DOCKER_BUILD_NO_CACHE }}
cache-from: type=local,src=/tmp/.buildx-cache-${{ inputs.IMAGE_NAME }}
cache-to: type=local,dest=/tmp/.buildx-cache-${{ inputs.IMAGE_NAME }}-new,mode=max
build-args: |
${{ inputs.DOCKER_BUILD_ARGUMENTS }}
- # Temp fix
# https://github.com/docker/build-push-action/issues/252
# https://github.com/moby/buildkit/issues/1896
name: Roll cache
shell: bash
run: |
rm -rf /tmp/.buildx-cache-${{ inputs.IMAGE_NAME }}
mv /tmp/.buildx-cache-${{ inputs.IMAGE_NAME }}-new /tmp/.buildx-cache-${{ inputs.IMAGE_NAME }}
# integration test
- name: Run integration test
if: ${{ inputs.INTEGRATION_TEST_SCRIPT_PATH != '' }}
shell: bash
run: |
bash ${{ inputs.INTEGRATION_TEST_SCRIPT_PATH }}
# push image to container repo
- name: Push Docker image
id: push
uses: docker/build-push-action@v2
with:
context: ${{ inputs.APP_DIRECTORY }}
file: ${{ inputs.DOCKERFILE_LOCATION }}
push: true
tags: |
ghcr.io/enfuse/${{ inputs.IMAGE_NAME }}:${{ env.version_number }}
ghcr.io/enfuse/${{ inputs.IMAGE_NAME }}:latest
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=local,src=/tmp/.buildx-cache-${{ inputs.IMAGE_NAME }}
build-args: |
${{ inputs.DOCKER_BUILD_ARGUMENTS }}
- name: Create release
id: create_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ inputs.GITHUB_TOKEN }}
with:
tag_name: ${{ inputs.GIT_TAG_PREFIX }}-${{ env.version_number }}
release_name: Release ${{ inputs.GIT_TAG_PREFIX }}-${{ env.version_number }}
draft: false
prerelease: false