Update Buildpack and Run Image Versions #111
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update Buildpack and Run Image Versions | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: New release version (e.g. 0.46.0) | |
| type: string | |
| required: true | |
| test_mode: | |
| description: Run the workflow in test mode (creates temporary branches/tags, no actual release) | |
| type: boolean | |
| required: false | |
| default: false | |
| pull_request: | |
| types: [closed] | |
| jobs: | |
| validate-tag: | |
| if: github.event_name == 'workflow_dispatch' | |
| runs-on: ubuntu-24.04 | |
| outputs: | |
| repo_lower: ${{ steps.lowercase_repo.outputs.REPO }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ github.ref }} | |
| - name: Create test branch if in test mode | |
| if: github.event.inputs.test_mode == 'true' | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| git switch -c test-release/${{ github.ref_name }} | |
| git push origin test-release/${{ github.ref_name }} | |
| - name: Check if tag exists | |
| if: github.event.inputs.test_mode == 'false' | |
| run: | | |
| if git tag -l | grep -q "^${{ github.event.inputs.version }}$"; then | |
| echo "Error: Tag ${{ github.event.inputs.version }} already exists" | |
| exit 1 | |
| else | |
| echo "Tag ${{ github.event.inputs.version }} does not exist - proceeding" | |
| fi | |
| - name: Simulate tag check in test mode | |
| if: github.event.inputs.test_mode == 'true' | |
| run: | | |
| echo "Running in test mode, simulating tag check." | |
| echo "Proceeding with version ${{ github.event.inputs.version }}-test" | |
| - name: lowercase REPO | |
| id: lowercase_repo | |
| run: | | |
| echo "REPO=${GITHUB_REPOSITORY@L}" >> "${GITHUB_OUTPUT}" | |
| build-and-push-build-run-images: | |
| if: github.event_name == 'workflow_dispatch' | |
| runs-on: ubuntu-24.04 | |
| needs: validate-tag | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Free Disk Space (Ubuntu) | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| tool-cache: true | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| driver: docker-container | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push run-image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: ./run-image | |
| file: ./run-image/Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| target: run | |
| push: true | |
| tags: ghcr.io/${{ needs.validate-tag.outputs.repo_lower }}/run-image:${{ github.event.inputs.version }}${{ (github.event.inputs.test_mode && '-test') || '' }} | |
| labels: | | |
| io.buildpacks.base.distro.name=ubuntu | |
| io.buildpacks.base.distro.version=24.04 | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Build and push cuda run-image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: ./run-image | |
| file: ./run-image/Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| build-args: base_image=nvcr.io/nvidia/cuda-dl-base:25.10-cuda13.0-devel-ubuntu24.04 | |
| target: run | |
| push: true | |
| tags: ghcr.io/${{ needs.validate-tag.outputs.repo_lower }}/cuda-run-image:${{ github.event.inputs.version }}${{ (github.event.inputs.test_mode && '-test') || '' }} | |
| labels: | | |
| io.buildpacks.base.distro.name=ubuntu | |
| io.buildpacks.base.distro.version=24.04 | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Build and push cuda build-image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: ./run-image | |
| file: ./run-image/Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| build-args: base_image=nvcr.io/nvidia/cuda-dl-base:25.10-cuda13.0-devel-ubuntu24.04 | |
| target: build | |
| push: true | |
| tags: ghcr.io/${{ needs.validate-tag.outputs.repo_lower }}/cuda-build-image:${{ github.event.inputs.version }}${{ (github.event.inputs.test_mode && '-test') || '' }} | |
| labels: | | |
| io.buildpacks.base.distro.name=ubuntu | |
| io.buildpacks.base.distro.version=24.04 | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| create-version-update-pr: | |
| if: github.event_name == 'workflow_dispatch' | |
| runs-on: ubuntu-24.04 | |
| needs: [validate-tag, build-and-push-build-run-images] | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Update buildpack.toml versions | |
| run: make update-buildpack-versions RELEASE_VERSION=${{ github.event.inputs.version }}${{ (github.event.inputs.test_mode && '-test') || '' }} | |
| - name: Update builder.toml | |
| run: make update-builder-versions RELEASE_VERSION=${{ github.event.inputs.version }}${{ (github.event.inputs.test_mode && '-test') || '' }} | |
| - name: update build-image action | |
| run: make update-action-versions RELEASE_VERSION=${{ github.event.inputs.version }}${{ (github.event.inputs.test_mode && '-test') || '' }} | |
| - name: Create Pull Request | |
| uses: peter-evans/create-pull-request@v7 | |
| with: | |
| token: ${{ secrets.RENKUBOT_GITHUB_TOKEN }} | |
| commit-message: "chore(release): Update buildpack and run-image versions to ${{ github.event.inputs.version }}" | |
| title: "chore(release): Update versions to ${{ github.event.inputs.version }}" | |
| body: | | |
| Automated version update for release ${{ github.event.inputs.version }} | |
| - Updated buildpack.toml versions | |
| - Updated builder.toml versions | |
| This PR was created automatically by the release workflow. | |
| **Please review and merge to complete the release process.** | |
| branch: update-versions-${{ github.event.inputs.version }} | |
| base: ${{ (github.event.inputs.test_mode && format('test-release/{0}', github.ref_name)) || 'main' }} | |
| delete-branch: true | |
| labels: ${{ github.event.inputs.test_mode && 'test-release' || 'release' }} | |
| move-tag: | |
| if: github.event_name == 'pull_request' && github.event.pull_request.merged == true && startsWith(github.head_ref, 'update-versions-') && contains(github.event.pull_request.labels.*.name, 'release') | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: write | |
| outputs: | |
| version: ${{ steps.extract_version.outputs.VERSION }} | |
| steps: | |
| - name: Extract version from branch name | |
| id: extract_version | |
| run: | | |
| VERSION=${GITHUB_HEAD_REF#update-versions-} | |
| echo "VERSION=$VERSION" >> "$GITHUB_OUTPUT" | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Move tag to merged commit | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| TAG_NAME="${{ steps.extract_version.outputs.VERSION }}${{ (startsWith(github.event.pull_request.base.ref, 'test-release/') && '-test') || '' }}" | |
| git tag -f "$TAG_NAME" | |
| git push origin "$TAG_NAME" --force --tags | |
| publish-buildpacks: | |
| if: github.event_name == 'pull_request' && github.event.pull_request.merged == true && startsWith(github.head_ref, 'update-versions-') && contains(github.event.pull_request.labels.*.name, 'release') | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| packages: write | |
| needs: [move-tag] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ github.sha }} | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - uses: buildpacks/github-actions/setup-pack@v5.9.7 | |
| - name: publish buildpacks | |
| run: make publish_buildpacks | |
| publish-builders: | |
| if: github.event_name == 'pull_request' && github.event.pull_request.merged == true && startsWith(github.head_ref, 'update-versions-') && contains(github.event.pull_request.labels.*.name, 'release') | |
| needs: [move-tag] | |
| permissions: | |
| packages: write | |
| strategy: | |
| matrix: | |
| arch: [amd64, arm64] | |
| builder: [selector, cuda-selector] | |
| include: | |
| - arch: amd64 | |
| runner: ubuntu-24.04 | |
| - arch: arm64 | |
| runner: ubuntu-24.04-arm | |
| - builder: selector | |
| builder-toml: builders/selector/builder.toml | |
| - builder: cuda-selector | |
| builder-toml: builders/cuda-selector/builder.toml | |
| runs-on: ${{ matrix.runner }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/${{ github.repository }}/${{ matrix.builder }} | |
| tags: | | |
| type=semver,pattern={{version}},value=${{ needs.move-tag.outputs.version }}${{ (startsWith(github.event.pull_request.base.ref, 'test-release/') && '-test') || '' }} | |
| type=semver,pattern={{version}} | |
| flavor: | | |
| suffix=-${{ matrix.arch }} | |
| - uses: buildpacks/github-actions/setup-pack@v5.9.7 | |
| - name: Get primary tag | |
| id: get-tag | |
| run: | | |
| PRIMARY_TAG=$(echo "${{ steps.meta.outputs.tags }}" | head -n1) | |
| echo "tag=$PRIMARY_TAG" >> $GITHUB_OUTPUT | |
| - name: Build and push arch-specific builder | |
| run: | | |
| pack builder create \ | |
| ${{ steps.get-tag.outputs.tag }} \ | |
| --config ${{ matrix.builder-toml }} \ | |
| --target linux/${{ matrix.arch }} | |
| docker push ${{ steps.get-tag.outputs.tag }} | |
| create-manifests: | |
| if: github.event_name == 'pull_request' && github.event.pull_request.merged == true && startsWith(github.head_ref, 'update-versions-') && contains(github.event.pull_request.labels.*.name, 'release') | |
| needs: [move-tag, publish-builders] | |
| permissions: | |
| packages: write | |
| strategy: | |
| matrix: | |
| builder: [selector, cuda-selector] | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/${{ github.repository }}/${{ matrix.builder }} | |
| tags: | | |
| type=semver,pattern={{version}},value=${{ needs.move-tag.outputs.version }}${{ (startsWith(github.event.pull_request.base.ref, 'test-release/') && '-test') || '' }} | |
| type=semver,pattern={{version}} | |
| - name: Get primary tag | |
| id: get-tag | |
| run: | | |
| PRIMARY_TAG=$(echo "${{ steps.meta.outputs.tags }}" | head -n1) | |
| echo "tag=$PRIMARY_TAG" >> $GITHUB_OUTPUT | |
| - name: Create multi-arch manifest | |
| run: | | |
| docker buildx imagetools create \ | |
| -t ${{ steps.get-tag.outputs.tag }} \ | |
| ${{ steps.get-tag.outputs.tag }}-amd64 \ | |
| ${{ steps.get-tag.outputs.tag }}-arm64 | |
| release: | |
| if: github.event_name == 'pull_request' && github.event.pull_request.merged == true && startsWith(github.head_ref, 'update-versions-') && ! contains(github.event.pull_request.labels.*.name, 'test-release') | |
| runs-on: ubuntu-24.04 | |
| needs: [move-tag, create-manifests, publish-buildpacks] | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Create Release | |
| uses: ncipollo/release-action@v1 | |
| with: | |
| tag: ${{ needs.move-tag.outputs.version }} | |
| name: Release ${{ needs.move-tag.outputs.version }} | |
| generateReleaseNotes: true | |
| draft: false | |
| prerelease: false | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| cleanup-test-resources: | |
| if: | | |
| always() && ( | |
| (github.event_name == 'workflow_dispatch' && github.event.inputs.test_mode == 'true') || | |
| (github.event_name == 'pull_request' && github.event.pull_request.merged == true && startsWith(github.event.pull_request.base.ref, 'test-release/')) | |
| ) | |
| runs-on: ubuntu-24.04 | |
| needs: [validate-tag, build-and-push-build-run-images, create-version-update-pr, move-tag, publish-buildpacks, publish-builders, create-manifests] | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Delete temporary branch | |
| run: | | |
| if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then | |
| git push origin --delete test-release/${{ github.ref_name }} || echo "Branch already deleted or doesn't exist" | |
| else | |
| git push origin --delete ${{ github.event.pull_request.base.ref }} || echo "Branch already deleted or doesn't exist" | |
| fi | |
| - name: Delete temporary tag | |
| run: | | |
| VERSION="${{ github.event.inputs.version || needs.move-tag.outputs.version }}" | |
| if [ -n "$VERSION" ]; then | |
| git push origin --delete "${VERSION}-test" || true | |
| fi |