daviestechlabs/kuberay-images
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
kuberay-images/.gitea/workflows/build-push.yaml
Billy D. ff6bce5b4f
All checks were successful
Build and Push Images / build (Dockerfile.ray-worker-rdna2, rdna2) (push) Has been skipped
Details
Build and Push Images / build (Dockerfile.ray-worker-strixhalo, strixhalo) (push) Has been skipped
Details
Build and Push Images / Release (push) Has been skipped
Details
Build and Push Images / determine-version (push) Successful in 1m6s
Details
Build and Push Images / build (Dockerfile.ray-worker-intel, intel) (push) Has been skipped
Details
Build and Push Images / build (Dockerfile.ray-worker-nvidia, nvidia) (push) Has been skipped
Details
Build and Push Images / Notify (push) Successful in 1s
Details
fix: switch to plain docker build/push with insecure registry [skip images] 
- Drop buildx (setup-buildx-action, build-push-action, buildkit config)
- Remove stale buildx builder cleanup step
- Use insecure registry config with SIGHUP daemon reload
- Use CLI docker login with org-level PAT secrets
- Drop registry build cache (incompatible with plain docker build)
2026-02-21 22:40:13 -05:00

227 lines
8.5 KiB
YAML
Raw Permalink Blame History

name: Build and Push Images
on:
push:
branches:
- main
tags:
- 'v*'
paths:
- 'dockerfiles/**'
- 'amdsmi-shim/**'
- '.gitea/workflows/build-push.yaml'
pull_request:
branches:
- main
paths:
- 'dockerfiles/**'
- 'amdsmi-shim/**'
- '.gitea/workflows/build-push.yaml'
workflow_dispatch:
inputs:
image:
description: 'Image to build (all, nvidia, rdna2, strixhalo, intel)'
required: false
default: 'all'
env:
# Use internal HTTP endpoint (avoids Cloudflare 100MB limit and HTTPS issues)
REGISTRY: gitea-http.gitea.svc.cluster.local:3000/daviestechlabs
REGISTRY_HOST: gitea-http.gitea.svc.cluster.local:3000
NTFY_URL: http://ntfy.observability.svc.cluster.local:80
jobs:
# Determine semantic version BEFORE building images
determine-version:
runs-on: ubuntu-latest
outputs:
version: ${{ steps.version.outputs.version }}
bump: ${{ steps.version.outputs.bump }}
should_release: ${{ steps.version.outputs.should_release }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Calculate semantic version
id: version
run: |
# Skip version calculation for PRs and tag pushes
if [[ "${{ github.event_name }}" == "pull_request" ]]; then
echo "version=pr-${{ github.event.number }}" >> $GITHUB_OUTPUT
echo "bump=none" >> $GITHUB_OUTPUT
echo "should_release=false" >> $GITHUB_OUTPUT
exit 0
fi
# For tag pushes, use the tag directly
if [[ "${{ github.ref }}" == refs/tags/v* ]]; then
VERSION="${{ github.ref_name }}"
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "bump=tag" >> $GITHUB_OUTPUT
echo "should_release=false" >> $GITHUB_OUTPUT
exit 0
fi
# Get latest tag or default to v0.0.0
LATEST=$(git describe --tags --abbrev=0 2>/dev/null || echo "v0.0.0")
VERSION=${LATEST#v}
IFS='.' read -r MAJOR MINOR PATCH <<< "$VERSION"
# Check commit message for version bump keywords
MSG="${{ github.event.head_commit.message }}"
if echo "$MSG" | grep -qiE "^major:|BREAKING CHANGE"; then
MAJOR=$((MAJOR + 1)); MINOR=0; PATCH=0
BUMP="major"
elif echo "$MSG" | grep -qiE "^(minor:|feat:|feature:)"; then
MINOR=$((MINOR + 1)); PATCH=0
BUMP="minor"
else
PATCH=$((PATCH + 1))
BUMP="patch"
fi
NEW_VERSION="v${MAJOR}.${MINOR}.${PATCH}"
echo "version=$NEW_VERSION" >> $GITHUB_OUTPUT
echo "bump=$BUMP" >> $GITHUB_OUTPUT
echo "should_release=true" >> $GITHUB_OUTPUT
echo "📦 Version: $LATEST → $NEW_VERSION ($BUMP bump)"
# Build all GPU worker images using a matrix strategy
# Runs sequentially on single runner, but one job definition = simpler dependency graph
build:
needs: [determine-version]
if: "!contains(github.event.head_commit.message, '[skip images]') && !contains(github.event.head_commit.message, '[ray-serve only]')"
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
- name: nvidia
dockerfile: Dockerfile.ray-worker-nvidia
- name: rdna2
dockerfile: Dockerfile.ray-worker-rdna2
- name: strixhalo
dockerfile: Dockerfile.ray-worker-strixhalo
- name: intel
dockerfile: Dockerfile.ray-worker-intel
steps:
# For workflow_dispatch, allow building a single image
- name: Check if should build this variant
id: check
run: |
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
INPUT="${{ github.event.inputs.image }}"
if [[ -n "$INPUT" && "$INPUT" != "all" && "$INPUT" != "${{ matrix.name }}" ]]; then
echo "skip=true" >> $GITHUB_OUTPUT
echo "⏭ Skipping ${{ matrix.name }} (dispatch requested: $INPUT)"
exit 0
fi
fi
echo "skip=false" >> $GITHUB_OUTPUT
echo "🔨 Building ${{ matrix.name }}"
- name: Checkout
if: steps.check.outputs.skip != 'true'
uses: actions/checkout@v4
- name: Configure insecure registry
if: steps.check.outputs.skip != 'true'
run: |
sudo mkdir -p /etc/docker
echo '{"insecure-registries": ["${{ env.REGISTRY_HOST }}"]}' | sudo tee /etc/docker/daemon.json
sudo kill -SIGHUP "$(pidof dockerd)" || true
sleep 3
- name: Login to Gitea Registry
if: steps.check.outputs.skip != 'true' && github.event_name != 'pull_request'
run: echo "${{ secrets.REGISTRY_TOKEN }}" | docker login "${{ env.REGISTRY_HOST }}" -u "${{ secrets.REGISTRY_USER }}" --password-stdin
- name: Login to Docker Hub
if: steps.check.outputs.skip != 'true' && vars.DOCKERHUB_USERNAME != ''
run: echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u "${{ vars.DOCKERHUB_USERNAME }}" --password-stdin
- name: Extract metadata
if: steps.check.outputs.skip != 'true'
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/ray-worker-${{ matrix.name }}
tags: |
type=raw,value=${{ needs.determine-version.outputs.version }}
type=raw,value=latest,enable={{is_default_branch}}
- name: Build and push
if: steps.check.outputs.skip != 'true'
run: |
# Build with all tags
TAGS=""
while IFS= read -r tag; do
[ -n "$tag" ] && TAGS="$TAGS -t $tag"
done <<< "${{ steps.meta.outputs.tags }}"
docker build $TAGS \
--label "org.opencontainers.image.source=${{ gitea.server_url }}/${{ gitea.repository }}" \
--label "org.opencontainers.image.revision=${{ gitea.sha }}" \
-f dockerfiles/${{ matrix.dockerfile }} \
.
# Push each tag (skip for PRs)
if [[ "${{ github.event_name }}" != "pull_request" ]]; then
while IFS= read -r tag; do
[ -n "$tag" ] && docker push "$tag"
done <<< "${{ steps.meta.outputs.tags }}"
fi
release:
name: Release
runs-on: ubuntu-latest
needs: [determine-version, build]
if: "needs.determine-version.outputs.should_release == 'true' && github.ref == 'refs/heads/main' && github.event_name == 'push'"
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Create and push tag
run: |
VERSION="${{ needs.determine-version.outputs.version }}"
BUMP="${{ needs.determine-version.outputs.bump }}"
echo "📦 Creating release tag: $VERSION ($BUMP bump)"
git config user.name "gitea-actions[bot]"
git config user.email "actions@git.daviestechlabs.io"
git tag -a "$VERSION" -m "Release $VERSION ($BUMP)"
git push origin "$VERSION"
notify:
name: Notify
runs-on: ubuntu-latest
needs: [determine-version, build]
if: always()
steps:
- name: Notify on success
if: "needs.build.result == 'success' || needs.build.result == 'skipped'"
run: |
curl -s \
-H "Title: ✅ Images Built: ${{ gitea.repository }}" \
-H "Priority: default" \
-H "Tags: white_check_mark,docker" \
-H "Click: ${{ gitea.server_url }}/${{ gitea.repository }}/actions/runs/${{ gitea.run_id }}" \
-d "Branch: ${{ gitea.ref_name }}
Version: ${{ needs.determine-version.outputs.version }} (${{ needs.determine-version.outputs.bump }})
Build: ${{ needs.build.result }}" \
${{ env.NTFY_URL }}/gitea-ci
- name: Notify on failure or cancellation
if: "needs.build.result == 'failure' || needs.build.result == 'cancelled'"
run: |
curl -s \
-H "Title: ❌ Image Build Failed: ${{ gitea.repository }}" \
-H "Priority: high" \
-H "Tags: x,docker" \
-H "Click: ${{ gitea.server_url }}/${{ gitea.repository }}/actions/runs/${{ gitea.run_id }}" \
-d "Branch: ${{ gitea.ref_name }}
Version: ${{ needs.determine-version.outputs.version }}
Build: ${{ needs.build.result }}" \
${{ env.NTFY_URL }}/gitea-ci
Reference in New Issue View Git Blame Copy Permalink