-
Notifications
You must be signed in to change notification settings - Fork 8
185 lines (170 loc) · 7.67 KB
/
docker-build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
name: Docker Build
on:
merge_group:
types: [ checks_requested ]
pull_request:
branches:
- main
push:
branches:
- main
tags:
- "[0-9]+.[0-9]+.[0-9]+"
- "[0-9]+.[0-9]+.[0-9]+-RC[0-9]+"
workflow_dispatch:
env:
REGISTRY: ghcr.io
IS_PR: ${{ github.event_name == 'pull_request' || github.event_name == 'merge_group' }}
jobs:
build:
name: Build ${{ matrix.docker.jibImage || matrix.docker.image }} Docker Image
runs-on: ubuntu-24.04
permissions:
packages: write
strategy:
matrix:
# Define the Docker images to build. The job first builds an image using Docker which is used for the ui and for
# worker base images. Then the job builds an image using Jib. Both steps are optional, e.g., not all Jib builds
# need a base image, and the ui build does not need a Jib build.
#
# If the image is built with Docker:
# preparationTask (optional): Gradle task to run before building the image.
# image: Name of the image, used for the Docker image name.
# context: Path to the Docker context directory.
# dockerfile: Path of the Dockerfile to use, relative to context.
#
# If the image is built with Jib:
# jibImage: Name of the image built by Jib.
# task: Gradle task to build the image.
#
# Optional properties:
# freeDiskSpace: Whether to free disk space before building the image.
docker:
- jibImage: core
task: :core:jibDockerBuild
- jibImage: orchestrator
task: :orchestrator:jibDockerBuild
- jibImage: kubernetes-jobmonitor
task: :kubernetes:jobmonitor:jibDockerBuild
- jibImage: maintenance-tasks
task: :tasks:jibDockerBuild
- jibImage: advisor-worker
task: :workers:advisor:jibDockerBuild
- image: analyzer-worker-base-image
context: workers/analyzer/docker
dockerfile: Analyzer.Dockerfile
jibImage: analyzer-worker
task: :workers:analyzer:jibDockerBuild
freeDiskSpace: true
- image: config-worker-base-image
context: workers/config/docker
dockerfile: Config.Dockerfile
jibImage: config-worker
task: :workers:config:jibDockerBuild
- image: evaluator-worker-base-image
context: workers/evaluator/docker
dockerfile: Evaluator.Dockerfile
jibImage: evaluator-worker
task: :workers:evaluator:jibDockerBuild
- image: notifier-worker-base-image
context: workers/notifier/docker
dockerfile: Notifier.Dockerfile
jibImage: notifier-worker
task: :workers:notifier:jibDockerBuild
- image: reporter-worker-base-image
context: workers/reporter/docker
dockerfile: Reporter.Dockerfile
jibImage: reporter-worker
task: :workers:reporter:jibDockerBuild
- image: scanner-worker-base-image
context: workers/scanner/docker
dockerfile: Scanner.Dockerfile
jibImage: scanner-worker
task: :workers:scanner:jibDockerBuild
- jibImage: cli
task: :cli:jibDockerBuild
- preparationTask: :core:generateOpenApiSpec
image: ui
context: ui
dockerfile: docker/UI.Dockerfile
steps:
- name: Checkout Repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
- name: Free Disk Space
if: ${{ matrix.docker.freeDiskSpace }}
uses: ./.github/actions/free-disk-space
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3
- name: Login to GitHub Container Registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Gradle
uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4
- name: Get ORT-Server Version
run: |
ORT_SERVER_VERSION=$(./gradlew -q properties --property version | sed -nr 's/version: (.+)/\1/p')
echo "ORT_SERVER_VERSION=${ORT_SERVER_VERSION}" >> $GITHUB_ENV
- name: Run Preparation Task ${{ matrix.docker.preparationTask }}
if: ${{ matrix.docker.preparationTask != '' }}
run: ./gradlew ${{ matrix.docker.preparationTask }}
- name: Extract Docker Metadata for ${{ matrix.docker.image }} Image
if: ${{ matrix.docker.dockerfile != '' }}
id: meta-base
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5
with:
images: ${{ env.REGISTRY }}/${{ github.repository_owner }}/ort-server-${{ matrix.docker.image }}
tags: |
type=raw,value=${{ env.ORT_SERVER_VERSION }}
type=ref,event=branch
type=sha
type=raw,value=latest,enable={{ is_default_branch }}
- name: Set cache-to
run: |
# Only write to the registry cache if the workflow is not running for a PR.
echo "CACHE_TO=$([[ ${{ env.IS_PR }} == 'false' ]] && echo 'type=registry,ref=${{ env.REGISTRY }}/${{ github.repository_owner }}/ort-server-${{ matrix.docker.image }}:cache,mode=max' || echo '')" >> $GITHUB_ENV
# Load the image to the Docker daemon if it is required as a base image for the Jib build.
echo "LOAD_IMAGE=$([[ '${{ matrix.docker.task }}' != '' ]] && echo 'true' || echo 'false')" >> $GITHUB_ENV
# Push the image to the registry if it is not a PR and no Jib build is configured.
echo "PUSH_IMAGE=$([[ ${{ env.IS_PR }} == 'false' && '${{ matrix.docker.task }}' == '' ]] && echo 'true' || echo 'false')" >> $GITHUB_ENV
- name: Build ${{ matrix.docker.image }} Image
if: ${{ matrix.docker.dockerfile != '' }}
uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6
with:
context: ${{ matrix.docker.context }}
file: ${{ matrix.docker.context }}/${{ matrix.docker.dockerfile }}
push: ${{ env.PUSH_IMAGE }}
load: ${{ env.LOAD_IMAGE }}
tags: ${{ steps.meta-base.outputs.tags }}
labels: ${{ steps.meta-base.outputs.labels }}
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ github.repository_owner }}/ort-server-${{ matrix.docker.image }}:cache
cache-to: ${{ env.CACHE_TO }}
- name: Extract Docker Metadata for ${{ matrix.docker.jibImage }} Image
if: ${{ matrix.docker.task != '' }}
id: meta
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5
with:
tags: |
type=raw,value=${{ env.ORT_SERVER_VERSION }}
type=ref,event=branch
type=sha
type=raw,value=latest,enable={{ is_default_branch }}
- name: Build ${{ matrix.docker.jibImage }} Image
if: ${{ matrix.docker.task != '' }}
run: |
./gradlew \
-PdockerBaseImagePrefix=docker://${{ env.REGISTRY }}/${{ github.repository_owner }}/ \
-PdockerBaseImageTag=${{ env.ORT_SERVER_VERSION }} \
-PdockerImagePrefix=${{ env.REGISTRY }}/${{ github.repository_owner }}/ \
-PdockerImageTag=${{ env.ORT_SERVER_VERSION }} \
${{ matrix.docker.task }} \
-Djib.console=plain \
-Djib.container.labels="$(echo "${{ steps.meta.outputs.labels }}" | tr '\n' ',' | sed 's/,$//')" \
-Djib.to.tags="$(echo "${{ steps.meta.outputs.tags }}" | tr '\n' ',' | sed 's/,$//')"
if [ "${{ env.IS_PR }}" = "false" ]; then
docker push ${{ env.REGISTRY }}/${{ github.repository_owner }}/ort-server-${{ matrix.docker.jibImage }} --all-tags
fi