feat: add nvidia-tuning-gke to support GKE container optimized OS #63
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SPDX-FileCopyrightText: Copyright (c) 2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved. | |
| # SPDX-License-Identifier: Apache-2.0 | |
| # | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| name: Build Changed Packages (PR) | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| # First job: detect which packages have changed | |
| detect-changes: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| packages: ${{ steps.changes.outputs.packages }} | |
| has_changes: ${{ steps.changes.outputs.has_changes }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Detect changed packages | |
| id: changes | |
| run: | | |
| # Get list of changed files compared to base branch | |
| CHANGED_FILES=$(git diff --name-only origin/${{ github.base_ref }}...HEAD) | |
| echo "Changed files:" | |
| echo "$CHANGED_FILES" | |
| # Find unique package directories that have changes | |
| # A package is any directory containing a Dockerfile | |
| PACKAGES="" | |
| for dir in */; do | |
| dir_name="${dir%/}" | |
| # Skip hidden directories and non-package directories | |
| [[ "$dir_name" == .* ]] && continue | |
| [[ "$dir_name" == "scripts" ]] && continue | |
| # Check if this directory has a Dockerfile | |
| if [ -f "${dir_name}/Dockerfile" ]; then | |
| # Check if any files in this package changed | |
| if echo "$CHANGED_FILES" | grep -q "^${dir_name}/"; then | |
| if [ -n "$PACKAGES" ]; then | |
| PACKAGES="${PACKAGES},\"${dir_name}\"" | |
| else | |
| PACKAGES="\"${dir_name}\"" | |
| fi | |
| echo "Package changed: ${dir_name}" | |
| fi | |
| fi | |
| done | |
| if [ -n "$PACKAGES" ]; then | |
| echo "packages=[${PACKAGES}]" >> $GITHUB_OUTPUT | |
| echo "has_changes=true" >> $GITHUB_OUTPUT | |
| else | |
| echo "packages=[]" >> $GITHUB_OUTPUT | |
| echo "has_changes=false" >> $GITHUB_OUTPUT | |
| echo "No package changes detected" | |
| fi | |
| # Second job: validate changed packages | |
| validate: | |
| needs: detect-changes | |
| if: needs.detect-changes.outputs.has_changes == 'true' | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| package: ${{ fromJson(needs.detect-changes.outputs.packages) }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Check if package changed and config.json exists | |
| id: check-config | |
| shell: bash | |
| run: | | |
| CONFIG_FILE="${{ matrix.package }}/config.json" | |
| DOCKERFILE="${{ matrix.package }}/Dockerfile" | |
| PACKAGE_DIR="${{ matrix.package }}/" | |
| # Check if config.json exists | |
| if [ ! -f "$CONFIG_FILE" ]; then | |
| # Check if Dockerfile exists and has a FROM that references a skyhook-packages image | |
| if [ -f "$DOCKERFILE" ]; then | |
| # Check if FROM line contains "skyhook-packages" (indicating it inherits from another package) | |
| if grep -q "^FROM.*skyhook-packages" "$DOCKERFILE"; then | |
| echo "config_exists=false" >> $GITHUB_OUTPUT | |
| echo "config_changed=false" >> $GITHUB_OUTPUT | |
| echo "No config.json found, but Dockerfile inherits from skyhook-packages image - validation skipped" | |
| else | |
| # If we get here, config.json is missing and it's not inheriting from skyhook-packages | |
| echo "ERROR: config.json is required for package ${{ matrix.package }}" >&2 | |
| echo "Package must have a config.json file unless it inherits from another skyhook-packages image." >&2 | |
| echo "Current Dockerfile FROM line:" >&2 | |
| grep "^FROM" "$DOCKERFILE" >&2 || echo " (no FROM line found)" >&2 | |
| exit 1 | |
| fi | |
| else | |
| echo "ERROR: config.json is required for package ${{ matrix.package }}" >&2 | |
| exit 1 | |
| fi | |
| else | |
| echo "config_exists=true" >> $GITHUB_OUTPUT | |
| fi | |
| # Check if any file in the package changed (for validation) | |
| CHANGED_FILES=$(git diff --name-only origin/${{ github.base_ref }}...HEAD) | |
| if echo "$CHANGED_FILES" | grep -q "^${PACKAGE_DIR}"; then | |
| echo "package_changed=true" >> $GITHUB_OUTPUT | |
| echo "Package ${{ matrix.package }} has changed files, validation will run if config.json exists" | |
| # If config.json exists, we should validate it when package changes | |
| if [ -f "$CONFIG_FILE" ]; then | |
| echo "config_changed=true" >> $GITHUB_OUTPUT | |
| echo "Package changed and config.json exists, validation required" | |
| else | |
| echo "config_changed=false" >> $GITHUB_OUTPUT | |
| fi | |
| else | |
| echo "package_changed=false" >> $GITHUB_OUTPUT | |
| echo "config_changed=false" >> $GITHUB_OUTPUT | |
| echo "No files changed in package ${{ matrix.package }}, skipping validation" | |
| fi | |
| - name: Check if package inherits from skyhook-packages | |
| id: check-inheritance | |
| if: steps.check-config.outputs.config_exists == 'true' && steps.check-config.outputs.package_changed == 'true' | |
| shell: bash | |
| run: | | |
| DOCKERFILE="${{ matrix.package }}/Dockerfile" | |
| if [ -f "$DOCKERFILE" ] && grep -q "^FROM.*skyhook-packages" "$DOCKERFILE"; then | |
| echo "inherits_from_skyhook_packages=true" >> $GITHUB_OUTPUT | |
| echo "Package inherits from skyhook-packages image - will use validate-inherited target" | |
| else | |
| echo "inherits_from_skyhook_packages=false" >> $GITHUB_OUTPUT | |
| echo "Package is standalone - will use validate-standalone target" | |
| fi | |
| - name: Validate config.json (standalone packages) | |
| if: steps.check-config.outputs.config_exists == 'true' && steps.check-config.outputs.package_changed == 'true' && steps.check-inheritance.outputs.inherits_from_skyhook_packages == 'false' | |
| shell: bash | |
| run: | | |
| make validate-standalone PACKAGE="${{ matrix.package }}" | |
| - name: Validate config.json (inherited packages) | |
| if: steps.check-config.outputs.config_exists == 'true' && steps.check-config.outputs.package_changed == 'true' && steps.check-inheritance.outputs.inherits_from_skyhook_packages == 'true' | |
| shell: bash | |
| run: | | |
| make validate-inherited PACKAGE="${{ matrix.package }}" | |
| # Third job: test changed packages | |
| test: | |
| needs: [detect-changes, validate] | |
| if: needs.detect-changes.outputs.has_changes == 'true' | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| package: ${{ fromJson(needs.detect-changes.outputs.packages) }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Check if package changed | |
| id: check-package | |
| shell: bash | |
| run: | | |
| PACKAGE_DIR="${{ matrix.package }}/" | |
| CHANGED_FILES=$(git diff --name-only origin/${{ github.base_ref }}...HEAD) | |
| if echo "$CHANGED_FILES" | grep -q "^${PACKAGE_DIR}"; then | |
| echo "package_changed=true" >> $GITHUB_OUTPUT | |
| echo "Package ${{ matrix.package }} has changed files, tests will run" | |
| else | |
| echo "package_changed=false" >> $GITHUB_OUTPUT | |
| echo "No files changed in package ${{ matrix.package }}, skipping tests" | |
| fi | |
| - name: Install test dependencies | |
| if: steps.check-package.outputs.package_changed == 'true' | |
| shell: bash | |
| run: | | |
| make test-deps | |
| - name: Verify Docker is available for tests | |
| if: steps.check-package.outputs.package_changed == 'true' | |
| shell: bash | |
| run: | | |
| # Verify Docker daemon is running and accessible | |
| docker info > /dev/null 2>&1 || { | |
| echo "ERROR: Docker daemon is not accessible. Tests require Docker to run containers." >&2 | |
| exit 1 | |
| } | |
| echo "Docker is available and ready for tests" | |
| - name: Run tests for package | |
| if: steps.check-package.outputs.package_changed == 'true' | |
| shell: bash | |
| run: | | |
| make test-package PACKAGE="${{ matrix.package }}" | |
| # Fourth job: build changed packages | |
| build: | |
| needs: [detect-changes, validate, test] | |
| if: needs.detect-changes.outputs.has_changes == 'true' | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| package: ${{ fromJson(needs.detect-changes.outputs.packages) }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get latest tag and short SHA | |
| id: version | |
| run: | | |
| # Get short SHA | |
| SHORT_SHA="sha$(git rev-parse --short HEAD)" | |
| echo "short_sha=${SHORT_SHA}" >> $GITHUB_OUTPUT | |
| # Find the latest tag for this package (format: package/X.Y.Z) | |
| LATEST_TAG=$(git tag -l "${{ matrix.package }}/*" --sort=-v:refname | head -1) | |
| if [ -n "$LATEST_TAG" ]; then | |
| # Extract version from tag (e.g., "nvidia_tuned/1.2.0" -> "1.2.0") | |
| VERSION=$(echo "$LATEST_TAG" | cut -d'/' -f2) | |
| echo "Found latest tag: $LATEST_TAG (version: $VERSION)" | |
| else | |
| # No existing tag, use 0.0.0 as base | |
| VERSION="0.0.0" | |
| echo "No existing tags found for ${{ matrix.package }}, using $VERSION" | |
| fi | |
| echo "version=${VERSION}" >> $GITHUB_OUTPUT | |
| echo "full_tag=${VERSION}-dev.${SHORT_SHA}" >> $GITHUB_OUTPUT | |
| - name: Build and push Docker image | |
| uses: ./.github/actions/build-package | |
| with: | |
| package_name: ${{ matrix.package }} | |
| tags: | | |
| type=raw,value=${{ steps.version.outputs.full_tag }} | |
| registry: ${{ env.REGISTRY }} | |
| image_name: ${{ env.IMAGE_NAME }} | |
| generate_attestation: 'false' | |
| save_image_info: 'true' | |
| # Summary job to report status | |
| build-summary: | |
| needs: [detect-changes, validate, test, build] | |
| if: always() | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Download all image info artifacts | |
| if: needs.build.result == 'success' | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: image-info-* | |
| path: /tmp/image-info | |
| merge-multiple: true | |
| - name: Check build results and list images | |
| run: | | |
| if [ "${{ needs.detect-changes.outputs.has_changes }}" == "false" ]; then | |
| echo "✅ No packages changed - nothing to build" | |
| exit 0 | |
| fi | |
| if [ "${{ needs.build.result }}" == "success" ]; then | |
| echo "✅ All changed packages built and pushed successfully" | |
| echo "" | |
| echo "## Images Pushed" | |
| echo "" | |
| # List all pushed images from artifacts | |
| for file in /tmp/image-info/*.txt; do | |
| [ -f "$file" ] || continue | |
| IMAGE=$(cat "$file") | |
| echo "- \`${IMAGE}\`" | |
| done | |
| elif [ "${{ needs.build.result }}" == "skipped" ]; then | |
| echo "⏭️ Build was skipped" | |
| else | |
| echo "❌ Some packages failed to build" | |
| exit 1 | |
| fi |