Skip to content

Workflow file for this run

name: Build and push docker image with soci indexes to ghcr
on:
workflow_dispatch:
push:
branches:
- 'INFRA-2132-soci'
jobs:
build-and-push-image:
concurrency:
group: ${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
runs-on: a100-runner
permissions:
contents: write
packages: write
# This is used to complete the identity challenge
# with sigstore/fulcio when running outside of PRs.
id-token: write
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
submodules: recursive
- name: Free Disk Space (Ubuntu)
uses: jlumbroso/free-disk-space@main
with:
tool-cache: false
android: true
dotnet: true
haskell: true
large-packages: false
swap-storage: true
- name: Install soci
uses: lerentis/[email protected]
with:
soci-release: 'v0.4.0'
# - name: Set up QEMU
# uses: docker/[email protected]
# - name: Set up Docker Buildx
# uses: docker/[email protected]
- name: Set up containerd for ubuntu
uses: crazy-max/[email protected]
- name: Install skopeo
run: sudo apt-get -y update && sudo apt-get -y install skopeo
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
ghcr.io/predibase/lorax
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha,prefix=,suffix=,format=short
type=raw,value=latest
- name: Build Docker Image
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile # Path to your Dockerfile
push: false
tags: ${{ steps.meta.outputs.tags }}
- name: Export image to OCI using skopeo
env:
tags: ${{ steps.meta.outputs.tags }}
run: |
for tag in $tags
do
tag_sanitized=$(echo -n "$tag" | md5sum)
echo "Converting $tag to OCI"
skopeo copy docker-daemon:$tag oci:/tmp/lorax-$tag_sanitized.tar
done
- name: Import image in containerd
env:
tags: ${{ steps.meta.outputs.tags }}
run: |
for tag in $tags
do
tag_sanitized=$(echo -n "$tag" | md5sum)
echo "Importing $tag_sanitized to GHCR"
sudo ctr i import --digests /tmp/lorax-$tag_sanitized.tar
done
- name: Log in to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GHCR_PAT }}
- name: Push image with containerd
env:
tags: ${{ steps.meta.outputs.tags }}
run: |
for tag in $tags
do
echo "Pushing $tag to GHCR"
sudo ctr i push --user "${{ github.repository_owner }}:${{ secrets.GHCR_PAT }}" $tag
done
- name: Create and push soci index
env:
tags: ${{ steps.meta.outputs.tags }}
run: |
export SOCI_PATH=$HOME/.soci/soci
for tag in $tags
do
echo "Creating soci index for $tag"
sudo $SOCI_PATH create $tag
echo "Pushing soci index for $tag"
sudo $SOCI_PATH push --user ${{ github.repository_owner }}:${{ secrets.GHCR_PAT }} $tag
done
- name: Prune older images
env:
sha_short: ${{ steps.vars.outputs.sha_short }}
run: |
# Delete images older than a day from docker store
docker image prune -a -f --filter "until=24h"
# Delete the on disk copy
for tag in $tags
do
tag_sanitized=$(echo -n "$tag" | md5sum)
echo "Deleting $tag_sanitized from Disk"
rm -rf "/tmp/lorax-$tag_sanitized.tar"
done
# Delete the SHA image(s) from containerd store
sudo ctr i rm $(sudo ctr i ls -q)