Allow to have different k8s distro images for testing (#3197) #93
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'Build ARM images (Master)' | |
| on: | |
| push: | |
| branches: | |
| - master | |
| permissions: read-all | |
| concurrency: | |
| group: ci-arm-${{ github.head_ref || github.ref }}-${{ github.repository }} | |
| cancel-in-progress: true | |
| jobs: | |
| build: | |
| name: ${{ matrix.base_image }} | |
| uses: ./.github/workflows/reusable-build-flavor.yaml | |
| secrets: inherit | |
| permissions: | |
| id-token: write # OIDC support | |
| contents: write | |
| security-events: write | |
| actions: read | |
| attestations: read | |
| checks: read | |
| deployments: read | |
| discussions: read | |
| issues: read | |
| packages: read | |
| pages: read | |
| pull-requests: read | |
| repository-projects: read | |
| statuses: read | |
| with: | |
| base_image: ${{ matrix.base_image }} | |
| variant: ${{ matrix.variant }} | |
| model: ${{ matrix.model }} | |
| arch: "arm64" | |
| event_type: ${{ github.event_name }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| variant: ["core"] | |
| model: ["generic", "rpi4", "rpi3"] | |
| base_image: | |
| - "ubuntu:24.04" | |
| - "alpine:3.19" | |
| build-nvidia-base: | |
| runs-on: fast | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Check if cache image is available | |
| id: cache | |
| run: | | |
| if docker pull quay.io/kairos/cache:nvidia-base; then | |
| echo "cache_available=true" >> $GITHUB_OUTPUT | |
| else | |
| echo "cache_available=false" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Get changed files | |
| id: changed-files | |
| uses: tj-actions/changed-files@v45 | |
| with: | |
| files_yaml: | | |
| nvidia: | |
| - 'images/Dockerfile.nvidia' | |
| - name: Release space from worker | |
| if: ${{ steps.cache.outputs.cache_available == 'false' || steps.changed-files.outputs.nvidia_any_changed == 'true' }} | |
| run: | | |
| echo "Listing top largest packages" | |
| pkgs=$(dpkg-query -Wf '${Installed-Size}\t${Package}\t${Status}\n' | awk '$NF == "installed"{print $1 "\t" $2}' | sort -nr) | |
| head -n 30 <<< "${pkgs}" | |
| echo | |
| df -h | |
| echo | |
| sudo apt-get remove -y '^llvm-.*|^libllvm.*' || true | |
| sudo apt-get remove --auto-remove android-sdk-platform-tools || true | |
| sudo apt-get purge --auto-remove android-sdk-platform-tools || true | |
| sudo rm -rf /usr/local/lib/android | |
| sudo apt-get remove -y '^dotnet-.*|^aspnetcore-.*' || true | |
| sudo rm -rf /usr/share/dotnet | |
| sudo apt-get remove -y '^mono-.*' || true | |
| sudo apt-get remove -y '^ghc-.*' || true | |
| sudo apt-get remove -y '.*jdk.*|.*jre.*' || true | |
| sudo apt-get remove -y 'php.*' || true | |
| sudo apt-get remove -y hhvm || true | |
| sudo apt-get remove -y powershell || true | |
| sudo apt-get remove -y firefox || true | |
| sudo apt-get remove -y monodoc-manual || true | |
| sudo apt-get remove -y msbuild || true | |
| sudo apt-get remove -y microsoft-edge-stable || true | |
| sudo apt-get remove -y '^google-.*' || true | |
| sudo apt-get remove -y azure-cli || true | |
| sudo apt-get remove -y '^mongo.*-.*|^postgresql-.*|^mysql-.*|^mssql-.*' || true | |
| sudo apt-get remove -y '^gfortran-.*' || true | |
| sudo apt-get remove -y '^gcc-*' || true | |
| sudo apt-get remove -y '^g++-*' || true | |
| sudo apt-get remove -y '^cpp-*' || true | |
| sudo apt-get autoremove -y | |
| sudo apt-get clean | |
| echo | |
| echo "Listing top largest packages" | |
| pkgs=$(dpkg-query -Wf '${Installed-Size}\t${Package}\t${Status}\n' | awk '$NF == "installed"{print $1 "\t" $2}' | sort -nr) | |
| head -n 30 <<< "${pkgs}" | |
| echo | |
| sudo rm -rfv build || true | |
| df -h | |
| - name: Set up Docker Buildx | |
| if: ${{ steps.cache.outputs.cache_available == 'false' || steps.changed-files.outputs.nvidia_any_changed == 'true' && runner.environment == 'github-hosted' }} | |
| uses: docker/setup-buildx-action@master | |
| - name: Set up Docker Buildx for custom runners | |
| if: ${{ steps.cache.outputs.cache_available == 'false' || steps.changed-files.outputs.nvidia_any_changed == 'true' && runner.environment == 'self-hosted' }} | |
| uses: docker/setup-buildx-action@master | |
| with: | |
| buildkitd-config-inline: | | |
| [registry."docker.io"] | |
| mirrors = ["registry.docker-mirror.svc.cluster.local:5000"] | |
| [registry."registry.docker-mirror.svc.cluster.local:5000"] | |
| insecure = true | |
| http = true | |
| - name: Block all traffic to metadata ip # For cloud runners, the metadata ip can interact with our test machines | |
| if: ${{ steps.cache.outputs.cache_available == 'false' || steps.changed-files.outputs.nvidia_any_changed == 'true' && runner.environment == 'self-hosted' }} | |
| run: | | |
| sudo iptables -I INPUT -s 169.254.169.254 -j DROP | |
| sudo iptables -I OUTPUT -d 169.254.169.254 -j DROP | |
| - name: Login to Quay Registry | |
| if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' && (steps.cache.outputs.cache_available == 'false' || steps.changed-files.outputs.nvidia_any_changed == 'true') }} | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: quay.io | |
| username: ${{ secrets.QUAY_USERNAME }} | |
| password: ${{ secrets.QUAY_PASSWORD }} | |
| - name: Build 🔧 & Push 🚀 | |
| if: ${{ steps.cache.outputs.cache_available == 'false' || steps.changed-files.outputs.nvidia_any_changed == 'true' }} | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: images/ | |
| file: images/Dockerfile.nvidia | |
| platforms: linux/arm64 | |
| push: true | |
| tags: quay.io/kairos/cache:nvidia-base | |
| build-nvidia: | |
| name: ${{ matrix.base_image }} | |
| uses: ./.github/workflows/reusable-build-flavor.yaml | |
| secrets: inherit | |
| permissions: | |
| id-token: write # OIDC support | |
| contents: write | |
| security-events: write | |
| actions: read | |
| attestations: read | |
| checks: read | |
| deployments: read | |
| discussions: read | |
| issues: read | |
| packages: read | |
| pages: read | |
| pull-requests: read | |
| repository-projects: read | |
| statuses: read | |
| with: | |
| base_image: ${{ matrix.base_image }} | |
| variant: ${{ matrix.variant }} | |
| model: ${{ matrix.model }} | |
| arch: "arm64" | |
| event_type: ${{ github.event_name }} | |
| needs: | |
| - build-nvidia-base | |
| strategy: | |
| matrix: | |
| base_image: ["quay.io/kairos/cache:nvidia-base"] | |
| variant: ["core"] | |
| model: ["nvidia-jetson-agx-orin"] |