ci: Test runner with containerd and local cache #393
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish zk-environment Docker images | |
on: | |
# Workflow dispatch, to allow building and pushing new environments. | |
# It will NOT mark them as latest. | |
workflow_dispatch: | |
inputs: | |
build_cuda: | |
description: "Build CUDA images or not" | |
type: boolean | |
required: false | |
default: false | |
push: | |
branches: | |
- main | |
paths: | |
- "docker/zk-environment/**" | |
- ".github/workflows/zk-environment-publish.yml" | |
pull_request: | |
branches: | |
- main | |
paths: | |
- "docker/zk-environment/**" | |
- ".github/workflows/zk-environment-publish.yml" | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.event.pull_request.number || github.sha }} | |
cancel-in-progress: true | |
jobs: | |
changed_files: | |
outputs: | |
zk_environment: ${{ steps.changed-files-yaml.outputs.zk_env_any_changed }} | |
zk_environment_cuda_11_8: ${{ steps.changed-files-yaml.outputs.zk_env_cuda_11_8_any_changed }} | |
zk_environment_cuda_12_0: ${{ steps.changed-files-yaml.outputs.zk_env_cuda_12_any_changed }} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
with: | |
submodules: "recursive" | |
- name: Get changed files | |
id: changed-files-yaml | |
uses: tj-actions/changed-files@fea790cb660e33aef4bdf07304e28fedd77dfa13 # v39 | |
with: | |
files_yaml: | | |
zk_env: | |
- docker/zk-environment/Dockerfile | |
- .github/workflows/zk-environment-publish.yml | |
zk_env_cuda_11_8: | |
- docker/zk-environment/22.04_amd64_cuda_11_8.Dockerfile | |
- .github/workflows/zk-environment-publish.yml | |
zk_env_cuda_12: | |
- docker/zk-environment/22.04_amd64_cuda_12_0.Dockerfile | |
- .github/workflows/zk-environment-publish.yml | |
get_short_sha: | |
if: ${{ (needs.changed_files.outputs.zk_environment == 'true') || (github.event_name == 'workflow_dispatch') }} | |
needs: [changed_files] | |
runs-on: ubuntu-latest | |
outputs: | |
short_sha: ${{ steps.set_short_sha.outputs.short_sha }} | |
steps: | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
with: | |
submodules: "recursive" | |
- name: Set short SHA | |
id: set_short_sha | |
run: echo "short_sha=${GITHUB_SHA::7}" >> $GITHUB_OUTPUT | |
zk_environment: | |
# Build and push new environment, if workflow dispatch is requested. | |
if: ${{ (needs.changed_files.outputs.zk_environment == 'true') || (github.event_name == 'workflow_dispatch') }} | |
# Needed to push to Gihub Package Registry | |
permissions: | |
packages: write | |
contents: read | |
needs: [changed_files, get_short_sha] | |
name: Build and optionally push zk-environment Docker images to Docker Hub | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- runner: matterlabs-ci-runner-high-performance-test | |
arch: amd64 | |
- runner: matterlabs-ci-runner-arm | |
arch: arm64 | |
runs-on: ${{ matrix.runner }} | |
steps: | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
with: | |
submodules: "recursive" | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3.5.0 | |
- name: Log in to Docker Hub | |
if: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/main') || (github.event_name == 'workflow_dispatch') }} | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
with: | |
username: ${{ secrets.DOCKERHUB_USER }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Login to GitHub Container Registry | |
if: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/main') || (github.event_name == 'workflow_dispatch') }} | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and optionally push zk-environment lightweight | |
uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 | |
with: | |
file: docker/zk-environment/Dockerfile | |
target: rust-lightweight | |
tags: | | |
matterlabs/zk-environment:${{ needs.get_short_sha.outputs.short_sha }}-lightweight-${{ matrix.arch }} | |
ghcr.io/${{ github.repository_owner }}/zk-environment:${{ needs.get_short_sha.outputs.short_sha }}-lightweight-${{ matrix.arch }} | |
build-args: ARCH=${{ matrix.arch }} | |
push: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/main') || (github.event_name == 'workflow_dispatch') }} | |
- name: Build and optionally push zk-environment lightweight Rust nightly | |
uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 | |
with: | |
file: docker/zk-environment/Dockerfile | |
target: rust-lightweight-nightly | |
tags: | | |
matterlabs/zk-environment:${{ needs.get_short_sha.outputs.short_sha }}-lightweight-nightly-${{ matrix.arch }} | |
ghcr.io/${{ github.repository_owner }}/zk-environment:${{ needs.get_short_sha.outputs.short_sha }}-lightweight-nightly-${{ matrix.arch }} | |
build-args: ARCH=${{ matrix.arch }} | |
push: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/main') || (github.event_name == 'workflow_dispatch') }} | |
zk_environment_multiarch_manifest: | |
# We'll update the 'latest' tag, only on environments generated from 'main'. | |
if: needs.changed_files.outputs.zk_environment == 'true' && github.event_name == 'push' && github.ref == 'refs/heads/main' | |
# Needed to push to Gihub Package Registry | |
permissions: | |
packages: write | |
contents: read | |
needs: [changed_files, get_short_sha, zk_environment] | |
# TODO: After migraton switch to CI | |
runs-on: [matterlabs-default-infra-runners] | |
steps: | |
- name: Login to DockerHub | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
with: | |
username: ${{ secrets.DOCKERHUB_USER }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Create and push multi-arch zk-environment lightweight manifests for Dockerhub | |
shell: bash | |
run: | | |
images=("lightweight" "lightweight-nightly") | |
archs=("amd64" "arm64") | |
for img in "${images[@]}"; do | |
multiarch_tag="matterlabs/zk-environment:latest2.0-${img}" | |
individual_images=() | |
for arch in "${archs[@]}"; do | |
TAG="${{ needs.get_short_sha.outputs.short_sha }}-${img}-${arch}" | |
docker pull matterlabs/zk-environment:${TAG} --platform linux/${arch} | |
individual_images+=("matterlabs/zk-environment:${TAG}") | |
done | |
docker buildx imagetools create --tag "${multiarch_tag}" "${individual_images[@]}" | |
done | |
- name: Create and push multi-arch zk-environment lightweight manifests for GitHub Container Registry | |
shell: bash | |
run: | | |
images=("lightweight" "lightweight-nightly") | |
archs=("amd64" "arm64") | |
for img in "${images[@]}"; do | |
multiarch_tag="ghcr.io/${{ github.repository_owner }}/zk-environment:latest2.0-${img}" | |
individual_images=() | |
for arch in "${archs[@]}"; do | |
TAG="${{ needs.get_short_sha.outputs.short_sha }}-${img}-${arch}" | |
docker pull ghcr.io/${{ github.repository_owner }}/zk-environment:${TAG} --platform linux/${arch} | |
individual_images+=("ghcr.io/${{ github.repository_owner }}/zk-environment:${TAG}") | |
done | |
docker buildx imagetools create --tag "${multiarch_tag}" "${individual_images[@]}" | |
done | |
zk_environment_cuda: | |
# Needed to push to Gihub Package Registry | |
permissions: | |
packages: write | |
contents: read | |
needs: changed_files | |
runs-on: [matterlabs-ci-runner-high-performance-test] | |
strategy: | |
matrix: | |
cuda_version: ['11_8', '12_0'] | |
steps: | |
- name: Evaluate condition | |
id: condition | |
run: | | |
key="zk_environment_cuda_${{ matrix.cuda_version }}" | |
changed_files_output=$(echo '${{ toJson(needs.changed_files.outputs) }}' | jq -r ".$key") | |
echo "should_run=$changed_files_output" >> "$GITHUB_OUTPUT" | |
- name: Checkout code | |
if: ${{ (steps.condition.outputs.should_run == 'true') || (github.event_name == 'workflow_dispatch' && inputs.build_cuda) }} | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
with: | |
submodules: "recursive" | |
- name: Log in to US GAR | |
if: ${{ (steps.condition.outputs.should_run == 'true' && github.event_name == 'push' && github.ref == 'refs/heads/main') || (github.event_name == 'workflow_dispatch' && inputs.build_cuda) }} | |
run: | | |
gcloud auth print-access-token --lifetime=7200 --impersonate-service-account=gha-ci-runners@matterlabs-infra.iam.gserviceaccount.com | docker login -u oauth2accesstoken --password-stdin https://us-docker.pkg.dev | |
- name: Log in to Docker Hub | |
if: ${{ (steps.condition.outputs.should_run == 'true' && github.event_name == 'push' && github.ref == 'refs/heads/main') || (github.event_name == 'workflow_dispatch' && inputs.build_cuda) }} | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
with: | |
username: ${{ secrets.DOCKERHUB_USER }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Login to GitHub Container Registry | |
if: ${{ (steps.condition.outputs.should_run == 'true' && github.event_name == 'push' && github.ref == 'refs/heads/main') || (github.event_name == 'workflow_dispatch' && inputs.build_cuda) }} | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up QEMU | |
if: ${{ (steps.condition.outputs.should_run == 'true') || (github.event_name == 'workflow_dispatch' && inputs.build_cuda) }} | |
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 | |
- name: Set up Docker Buildx | |
if: ${{ (steps.condition.outputs.should_run == 'true') || (github.event_name == 'workflow_dispatch' && inputs.build_cuda) }} | |
uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3.5.0 | |
- name: Build and optionally push | |
if: ${{ (steps.condition.outputs.should_run == 'true') || (github.event_name == 'workflow_dispatch' && inputs.build_cuda) }} | |
uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 | |
with: | |
file: docker/zk-environment/22.04_amd64_cuda_${{ matrix.cuda_version }}.Dockerfile | |
push: ${{ ( github.event_name == 'push' && github.ref == 'refs/heads/main' ) || (github.event_name == 'workflow_dispatch' && inputs.build_cuda) }} | |
tags: | | |
us-docker.pkg.dev/matterlabs-infra/matterlabs-docker/zk-environment-cuda-${{ matrix.cuda_version }}:latest | |
matterlabs/zk-environment:cuda-${{ matrix.cuda_version }}-latest | |
ghcr.io/${{ github.repository_owner }}/zk-environment:cuda-${{ matrix.cuda_version }}-latest |