diff --git a/.github/workflows/odh-build-and-publish-images.yaml b/.github/workflows/odh-build-and-publish-images.yaml new file mode 100644 index 0000000000..7a117b64dc --- /dev/null +++ b/.github/workflows/odh-build-and-publish-images.yaml @@ -0,0 +1,116 @@ +# Reusable workflows for publishing Training Operator images. +# Copied from the build-and-publish-images.yaml +name: ODH Build And Publish Operator Image + +on: + workflow_call: + inputs: + component-name: + required: true + type: string + platforms: + required: true + type: string + dockerfile: + required: true + type: string + context: + required: false + type: string + default: "." + quay-repo-name: + required: false + type: string + default: "opendatahub" + secrets: + QUAY_USERNAME: + required: false + QUAY_TOKEN: + required: false + +jobs: + build-and-publish-opeator: + name: ODH - Publish Operator Image + runs-on: ubuntu-latest + env: + GOPATH: ${{ github.workspace }}/go + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v3 + with: + go-version: '1.20' + + - name: Login to Quay.io + id: podman-login-quay + # Trigger workflow only for ${{ inputs.github-org }}/training-operator repository with specific branch (master, v.*-branch) or tag (v.*). + if: >- + (github.ref == 'refs/heads/master' || (startsWith(github.ref, 'refs/heads/v') && endsWith(github.ref, '-branch')) || startsWith(github.ref, 'refs/tags/v')) + shell: bash + run: | + podman login --username ${{ secrets.QUAY_USERNAME }} --password ${{ secrets.QUAY_TOKEN }} quay.io + - name: Run go mod + shell: bash + run: | + go mod download + - name: Add Docker Tags + id: meta + uses: docker/metadata-action@v5 + with: + images: quay.io/${{ inputs.quay-repo-name }}/${{ inputs.component-name }} + tags: | + type=raw,latest + type=sha,prefix=v1- + + # Build operators inside the gh runner vm directly and then copy the go binaries to docker images using the Dockerfile.buildx + - name: Build linux/amd64 Operator go binary + env: + CGO_ENABLED: 1 + GOOS: linux + GOARCH: amd64 + shell: bash + run: | + CGO_ENABLED=$CGO_ENABLED GOOS=$GOOS GOARCH=$GOARCH go build -tags strictfipsruntime -a -o manager-$GOARCH cmd/training-operator.v1/main.go + + - name: Build linux/arm64 Operator go binary + env: + CC: aarch64-linux-gnu-gcc + CGO_ENABLED: 1 + GOOS: linux + GOARCH: arm64 + shell: bash + run: | + sudo apt-get update + sudo apt-get install -y gcc-aarch64-linux-gnu libc6-dev-arm64-cross + CC=$CC CGO_ENABLED=$CGO_ENABLED GOOS=$GOOS GOARCH=$GOARCH go build -tags strictfipsruntime -a -o manager-$GOARCH cmd/training-operator.v1/main.go + + - name: Build image + id: build-image + uses: redhat-actions/buildah-build@v2 + with: + image: quay.io/${{ inputs.quay-repo-name }}/${{ inputs.component-name }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + platforms: ${{ inputs.platforms }} + containerfiles: | + ${{ inputs.dockerfile }} + + - name: Push To quay.io + if: always() && steps.podman-login-quay.outcome == 'success' && steps.build-image.outcome == 'success' + id: push-to-quay + uses: redhat-actions/push-to-registry@v2 + with: + image: ${{ steps.build-image.outputs.image }} + tags: ${{ steps.build-image.outputs.tags }} + + - name: Print image url + if: steps.push-to-quay.outcome == 'success' + shell: bash + run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}" + + - name: Logout from Quay.io + if: always() && steps.podman-login-quay.outcome == 'success' + run: | + podman logout quay.io diff --git a/.github/workflows/odh-build-and-publish-operator-image.yaml b/.github/workflows/odh-build-and-publish-operator-image.yaml new file mode 100644 index 0000000000..ddb34f104c --- /dev/null +++ b/.github/workflows/odh-build-and-publish-operator-image.yaml @@ -0,0 +1,98 @@ +# This is a copy of the publish-core-images.yaml and has been customized to +# use the quay login credentials. +# The unused parts of the original have been commented out on purpose. +name: ODH -- Publish Training Operator Core Images + +on: + - push + - pull_request + +jobs: + build-and-publish-opeator: + name: ODH - Publish Operator Image + runs-on: ubuntu-latest + env: + GOPATH: ${{ github.workspace }}/go + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v3 + with: +# go-version: '1.20' + go-version-file: go.mod + + - name: Login to Quay.io + id: podman-login-quay + # Trigger workflow only for specific branch (master, v.*-branch) or tag (v.*). + if: >- + (github.ref == 'refs/heads/master' || (startsWith(github.ref, 'refs/heads/v') && endsWith(github.ref, '-branch')) || startsWith(github.ref, 'refs/tags/v')) + shell: bash + run: | + podman login --username ${{ secrets.QUAY_USERNAME }} --password ${{ secrets.QUAY_TOKEN }} quay.io + + - name: Run go mod + shell: bash + run: | + go mod download + + - name: Add Docker Tags + id: meta + uses: docker/metadata-action@v5 + with: + images: quay.io/${{ vars.QUAY_REPO_NAME }}/training-operator + tags: | + type=raw,latest + type=sha,prefix=v1- + + # Build operators inside the gh runner vm directly and then copy the go binaries to docker images using the Dockerfile.buildx + - name: Build linux/amd64 Operator go binary + env: + CGO_ENABLED: 1 + GOOS: linux + GOARCH: amd64 + shell: bash + run: | + CGO_ENABLED=$CGO_ENABLED GOOS=$GOOS GOARCH=$GOARCH go build -tags strictfipsruntime -a -o manager-$GOARCH cmd/training-operator.v1/main.go + + - name: Build linux/arm64 Operator go binary + env: + CC: aarch64-linux-gnu-gcc + CGO_ENABLED: 1 + GOOS: linux + GOARCH: arm64 + shell: bash + run: | + sudo apt-get update + sudo apt-get install -y gcc-aarch64-linux-gnu libc6-dev-arm64-cross + CC=$CC CGO_ENABLED=$CGO_ENABLED GOOS=$GOOS GOARCH=$GOARCH go build -tags strictfipsruntime -a -o manager-$GOARCH cmd/training-operator.v1/main.go + + - name: Build image + id: build-image + uses: redhat-actions/buildah-build@v2 + with: + image: quay.io/${{ vars.QUAY_REPO_NAME }}/training-operator + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + platforms: linux/amd64,linux/arm64 + containerfiles: | + "build/images/training-operator/Dockerfile.buildx" + + - name: Push To quay.io + if: always() && steps.podman-login-quay.outcome == 'success' && steps.build-image.outcome == 'success' + id: push-to-quay + uses: redhat-actions/push-to-registry@v2 + with: + image: ${{ steps.build-image.outputs.image }} + tags: ${{ steps.build-image.outputs.tags }} + + - name: Print image url + if: steps.push-to-quay.outcome == 'success' + shell: bash + run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}" + + - name: Logout from Quay.io + if: always() && steps.podman-login-quay.outcome == 'success' + run: | + podman logout quay.io diff --git a/.github/workflows/template-publish-image/action.yaml b/.github/workflows/template-publish-image/action.yaml index 3fdef3524d..b57580f5fc 100644 --- a/.github/workflows/template-publish-image/action.yaml +++ b/.github/workflows/template-publish-image/action.yaml @@ -59,10 +59,7 @@ runs: - name: Build and Push uses: docker/build-push-action@v3 with: - platforms: ${{ inputs.platforms }} - context: ${{ inputs.context }} - file: ${{ inputs.dockerfile }} - push: ${{ inputs.push }} + image: ${{ inputs.image }} tags: ${{ steps.meta.outputs.tags }} cache-from: type=gha cache-to: type=gha,mode=max diff --git a/build/images/training-operator/Dockerfile.buildx b/build/images/training-operator/Dockerfile.buildx new file mode 100644 index 0000000000..e6de911541 --- /dev/null +++ b/build/images/training-operator/Dockerfile.buildx @@ -0,0 +1,7 @@ +FROM registry.access.redhat.com/ubi9/ubi-minimal:9.3 +ARG TARGETARCH +WORKDIR / +COPY ./manager-${TARGETARCH} ./manager +USER 65532:65532 + +ENTRYPOINT ["/manager"]