Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and push docker image with soci indexes to ghcr | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- 'INFRA-2132-soci' | |
jobs: | |
build-and-push-image: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
runs-on: a100-runner | |
permissions: | |
contents: write | |
packages: write | |
# This is used to complete the identity challenge | |
# with sigstore/fulcio when running outside of PRs. | |
id-token: write | |
security-events: write | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
- name: Free Disk Space (Ubuntu) | |
uses: jlumbroso/free-disk-space@main | |
with: | |
tool-cache: false | |
android: true | |
dotnet: true | |
haskell: true | |
large-packages: false | |
swap-storage: true | |
- name: Install soci | |
uses: lerentis/[email protected] | |
with: | |
soci-release: 'v0.4.0' | |
# - name: Set up QEMU | |
# uses: docker/[email protected] | |
# - name: Set up Docker Buildx | |
# uses: docker/[email protected] | |
- name: Set up containerd for ubuntu | |
uses: crazy-max/[email protected] | |
- name: Install skopeo | |
run: sudo apt-get -y update && sudo apt-get -y install skopeo | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
ghcr.io/predibase/lorax | |
tags: | | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
type=sha,prefix=,suffix=,format=short | |
type=raw,value=latest | |
- name: Build Docker Image | |
uses: docker/build-push-action@v2 | |
with: | |
context: . | |
file: ./Dockerfile # Path to your Dockerfile | |
push: false | |
tags: ${{ steps.meta.outputs.tags }} | |
- name: Export image to OCI using skopeo | |
env: | |
tags: ${{ steps.meta.outputs.tags }} | |
run: | | |
for tag in $tags | |
do | |
tag_sanitized=$(echo -n "$tag" | md5sum) | |
echo "Converting $tag to OCI" | |
skopeo copy docker-daemon:$tag oci:/tmp/lorax-$tag_sanitized.tar | |
done | |
- name: Import image in containerd | |
env: | |
tags: ${{ steps.meta.outputs.tags }} | |
run: | | |
for tag in $tags | |
do | |
tag_sanitized=$(echo -n "$tag" | md5sum) | |
echo "Importing $tag_sanitized to GHCR" | |
sudo ctr i import --digests /tmp/lorax-$tag_sanitized.tar | |
done | |
- name: Log in to GitHub Container Registry | |
uses: docker/login-action@v1 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GHCR_PAT }} | |
- name: Push image with containerd | |
env: | |
tags: ${{ steps.meta.outputs.tags }} | |
run: | | |
for tag in $tags | |
do | |
echo "Pushing $tag to GHCR" | |
sudo ctr i push --user "${{ github.repository_owner }}:${{ secrets.GHCR_PAT }}" $tag | |
done | |
- name: Create and push soci index | |
env: | |
tags: ${{ steps.meta.outputs.tags }} | |
run: | | |
export SOCI_PATH=$HOME/.soci/soci | |
for tag in $tags | |
do | |
echo "Creating soci index for $tag" | |
sudo $SOCI_PATH create $tag | |
echo "Pushing soci index for $tag" | |
sudo $SOCI_PATH push --user ${{ github.repository_owner }}:${{ secrets.GHCR_PAT }} $tag | |
done | |
- name: Prune older images | |
env: | |
sha_short: ${{ steps.vars.outputs.sha_short }} | |
run: | | |
# Delete images older than a day from docker store | |
docker image prune -a -f --filter "until=24h" | |
# Delete the on disk copy | |
for tag in $tags | |
do | |
tag_sanitized=$(echo -n "$tag" | md5sum) | |
echo "Deleting $tag_sanitized from Disk" | |
rm -rf "/tmp/lorax-$tag_sanitized.tar" | |
done | |
# Delete the SHA image(s) from containerd store | |
sudo ctr i rm $(sudo ctr i ls -q) | |