llm-d · vMaroon · May 18, 2025 · May 15, 2025 · May 15, 2025 · May 15, 2025
diff --git a/.github/actions/docker-build-and-push/action.yml b/.github/actions/docker-build-and-push/action.yml
@@ -0,0 +1,43 @@
+name: Docker Build - ghcr
+description: Build image using buildx
+inputs:
+  image-name:
+    required: true
+    description: Image name
+  tag:
+    required: true
+    description: Image tag
+  github-token:
+    required: true
+    description: GitHub token for login
+  kv-cache-manager-token:
+    required: true
+    description: KV Cache Manager llm-d repo token
+  registry:
+    required: true
+    description: Container registry (e.g., ghcr.io/llm-d)
+runs:
+  using: "composite"
+  steps:
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: Login to GitHub Container Registry
+      run: echo "${{ inputs.github-token }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
+      shell: bash
+
+    - name: Print image info
+      run: |
+        echo "Image name: ${{ inputs.image-name }}"
+        echo "Tag: ${{ inputs.tag }}"
+        echo "Registry: ${{ inputs.registry }}"
+      shell: bash
+
+    - name: Build image and push
+      run: |
+        docker buildx build \
+          --platform linux/amd64 \
+          --build-arg KV_CACHE_MANAGER_TOKEN=${{ inputs.kv-cache-manager-token }} \
+          -t ${{ inputs.registry }}/${{ inputs.image-name }}:${{ inputs.tag }} \
+          --push .
+      shell: bash
diff --git a/.github/actions/trivy-scan/action.yml b/.github/actions/trivy-scan/action.yml
@@ -0,0 +1,19 @@
+name: Trivy Scan
+description: Scan container image with Trivy
+inputs:
+  image:
+    required: true
+runs:
+  using: "composite"
+  steps:
+    - name: Install Trivy
+      run: |
+        wget https://github.com/aquasecurity/trivy/releases/download/v0.44.1/trivy_0.44.1_Linux-64bit.deb
+        sudo dpkg -i trivy_0.44.1_Linux-64bit.deb
+      shell: bash
+
+
+    - name: Scan image
+      run: |
+        trivy image --severity HIGH,CRITICAL --no-progress ${{ inputs.image }}
+      shell: bash
diff --git a/.github/workflows/ci-pr-checks.yaml b/.github/workflows/ci-pr-checks.yaml
@@ -0,0 +1,50 @@
+name: CI - PR Checks
+
+on:
+  pull_request:
+    branches:
+      - dev
+      - main
+
+jobs:
+  lint-and-test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout source
+        uses: actions/checkout@v4
+
+      - name: Sanity check repo contents
+        run: ls -la
+
+      - name: Extract Go version from go.mod
+        run: sed -En 's/^go (.*)$/GO_VERSION=\1/p' go.mod >> $GITHUB_ENV
+
+      - name: Set up Go with cache
+        uses: actions/setup-go@v5
+        with:
+          go-version: "${{ env.GO_VERSION }}"
+          cache-dependency-path: ./go.sum
+
+      - name: Configure Git to use token for private modules
+        run: |
+            git config --global url."https://${{ secrets.KV_CACHE_MANAGER_TOKEN }}@github.com/".insteadOf "https://github.com/"
+            go env -w GOPRIVATE=github.com/llm-d/*
+
+      - name: go mod tidy
+        run: go mod tidy
+
+      - name: Run lint checks
+        uses: golangci/golangci-lint-action@v8
+        with:
+          version: 'v2.1.6'
+          args: "--config=./.golangci.yml"
+
+      - name: Run make test
+        shell: bash 
+        run: |
+          make test
+
+      - name: Run make build
+        shell: bash
+        run: |
+          make build
diff --git a/.github/workflows/ci-push.yaml b/.github/workflows/ci-push.yaml
@@ -0,0 +1,48 @@
+name: CI - Push
+
+on:
+  push:
+    branches:
+      - dev
+      - main
+
+jobs:
+  docker-build-and-push:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout source
+        uses: actions/checkout@v4
+
+      - name: Load version information
+        id: version
+        run: |
+          repo="${GITHUB_REPOSITORY##*/}"
+          VERSION_FILE=".version.json"
+          dev_version=$(jq -r '.["dev-version"]' "$VERSION_FILE")
+          prod_version=$(jq -r '.["prod-version"]' "$VERSION_FILE")
+
+          if [[ "${GITHUB_REF_NAME}" == "dev" ]]; then
+            echo "tag=$dev_version" >> "$GITHUB_OUTPUT"
+            echo "project_name=$repo-dev" >> "$GITHUB_OUTPUT"
+          elif [[ "${GITHUB_REF_NAME}" == "main" ]]; then
+            echo "tag=$prod_version" >> "$GITHUB_OUTPUT"
+            echo "project_name=$repo" >> "$GITHUB_OUTPUT"
+          else
+            echo "tag=$dev_version" >> "$GITHUB_OUTPUT"
+            echo "project_name=$repo-dev" >> "$GITHUB_OUTPUT"
+          fi
+        shell: bash
+
+      - name: Print project name and tag
+        run: |
+          echo "Project is ${{ steps.version.outputs.project_name }}"
+          echo "Tag is ${{ steps.version.outputs.tag }}"
+
+      - name: Build and push image
+        uses: ./.github/actions/docker-build-and-push
+        with:
+          tag: ${{ steps.version.outputs.tag }}
+          image-name: ${{ steps.version.outputs.project_name }}
+          registry: ghcr.io/llm-d
+          github-token: ${{ secrets.GHCR_TOKEN }}
+          kv-cache-manager-token: ${{ secrets.KV_CACHE_MANAGER_TOKEN }}
diff --git a/.github/workflows/ci-release.yaml b/.github/workflows/ci-release.yaml
@@ -0,0 +1,50 @@
+name: CI - Release - Docker Container Image
+
+on:
+  push:
+    tags:
+      - 'v*'  # Runs when a tag like v0.1.0 is pushed
+  release:
+    types: [published]  # Also runs when a GitHub release is published
+
+jobs:
+  docker-build-and-push:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout source
+        uses: actions/checkout@v4
+
+      - name: Set project name from repository
+        id: version
+        run: |
+          repo="${GITHUB_REPOSITORY##*/}"
+          echo "project_name=$repo" >> "$GITHUB_OUTPUT"
+
+      - name: Print project name
+        run: echo "Project is ${{ steps.version.outputs.project_name }}"
+
+      - name: Determine tag name
+        id: tag
+        run: |
+          if [[ "${GITHUB_EVENT_NAME}" == "release" ]]; then
+            echo "tag=${GITHUB_REF##refs/tags/}" >> "$GITHUB_OUTPUT"
+          elif [[ "${GITHUB_REF}" == refs/tags/* ]]; then
+            echo "tag=${GITHUB_REF##refs/tags/}" >> "$GITHUB_OUTPUT"
+          else
+            echo "tag=latest" >> "$GITHUB_OUTPUT"
+          fi
+        shell: bash
+
+      - name: Build and push image
+        uses: ./.github/actions/docker-build-and-push
+        with:
+          tag: ${{ steps.tag.outputs.tag }}
+          image-name: ${{ steps.version.outputs.project_name }}
+          registry: ghcr.io/llm-d
+          github-token: ${{ secrets.GHCR_TOKEN }}
+          kv-cache-manager-token: ${{ secrets.KV_CACHE_MANAGER_TOKEN }}
+
+      - name: Run Trivy scan
+        uses: ./.github/actions/trivy-scan
+        with:
+          image: ghcr.io/llm-d/${{ steps.version.outputs.project_name }}:${{ steps.tag.outputs.tag }}
diff --git a/.tekton/README.md b/.tekton/README.md
diff --git a/.tekton/benchmark.yaml b/.tekton/benchmark.yaml