mirror of
https://github.com/NVIDIA/nvidia-container-toolkit
synced 2024-11-22 16:29:18 +00:00
2d07385e81
This change pulls images from public staging repositories to scan and release. This ensures that the bits built and tested in public CI (off the master branch, for example) match those scanned and released. This also serves to reduce the load on our internal CI runners as these don't have to store artifacts and build images. Two CI variables: STAGING_REGISTRY and STAGING_VERSION are used to control which image is pulled for release, with the latter defaulting to the CI_COMMIT_SHORT_SHA. Signed-off-by: Evan Lezar <elezar@nvidia.com>
380 lines
7.6 KiB
YAML
380 lines
7.6 KiB
YAML
# Copyright (c) 2019-2021, NVIDIA CORPORATION. All rights reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
include:
|
|
- .common-ci.yml
|
|
|
|
build-dev-image:
|
|
stage: image
|
|
script:
|
|
- apk --no-cache add make bash
|
|
- make .build-image
|
|
- docker login -u "${CI_REGISTRY_USER}" -p "${CI_REGISTRY_PASSWORD}" "${CI_REGISTRY}"
|
|
- make .push-build-image
|
|
|
|
.requires-build-image:
|
|
image: "${BUILDIMAGE}"
|
|
|
|
.go-check:
|
|
extends:
|
|
- .requires-build-image
|
|
stage: go-checks
|
|
|
|
fmt:
|
|
extends:
|
|
- .go-check
|
|
script:
|
|
- make assert-fmt
|
|
|
|
vet:
|
|
extends:
|
|
- .go-check
|
|
script:
|
|
- make vet
|
|
|
|
lint:
|
|
extends:
|
|
- .go-check
|
|
script:
|
|
- make lint
|
|
allow_failure: true
|
|
|
|
ineffassign:
|
|
extends:
|
|
- .go-check
|
|
script:
|
|
- make ineffassign
|
|
allow_failure: true
|
|
|
|
misspell:
|
|
extends:
|
|
- .go-check
|
|
script:
|
|
- make misspell
|
|
|
|
go-build:
|
|
extends:
|
|
- .requires-build-image
|
|
stage: go-build
|
|
script:
|
|
- make build
|
|
|
|
unit-tests:
|
|
extends:
|
|
- .requires-build-image
|
|
stage: unit-tests
|
|
script:
|
|
- make coverage
|
|
|
|
# Define the package build helpers
|
|
.multi-arch-build:
|
|
before_script:
|
|
- apk add --no-cache coreutils build-base sed git bash make
|
|
- '[[ -n "${SKIP_QEMU_SETUP}" ]] || docker run --rm --privileged multiarch/qemu-user-static --reset -p yes -c yes'
|
|
|
|
.package-artifacts:
|
|
variables:
|
|
ARTIFACTS_NAME: "toolkit-container-${CI_PIPELINE_ID}"
|
|
ARTIFACTS_ROOT: "toolkit-container-${CI_PIPELINE_ID}"
|
|
DIST_DIR: ${CI_PROJECT_DIR}/${ARTIFACTS_ROOT}
|
|
|
|
.package-build:
|
|
extends:
|
|
- .multi-arch-build
|
|
- .package-artifacts
|
|
stage: package-build
|
|
script:
|
|
- ./scripts/release.sh ${DIST}-${ARCH}
|
|
|
|
artifacts:
|
|
name: ${ARTIFACTS_NAME}
|
|
paths:
|
|
- ${ARTIFACTS_ROOT}
|
|
|
|
# Define the package build targets
|
|
package-amazonlinux1-x86_64:
|
|
extends:
|
|
- .package-build
|
|
- .dist-amazonlinux1
|
|
- .arch-x86_64
|
|
|
|
package-amazonlinux2-aarch64:
|
|
extends:
|
|
- .package-build
|
|
- .dist-amazonlinux2
|
|
- .arch-aarch64
|
|
|
|
package-amazonlinux2-x86_64:
|
|
extends:
|
|
- .package-build
|
|
- .dist-amazonlinux2
|
|
- .arch-x86_64
|
|
|
|
package-centos7-ppc64le:
|
|
extends:
|
|
- .package-build
|
|
- .dist-centos7
|
|
- .arch-ppc64le
|
|
|
|
package-centos7-x86_64:
|
|
extends:
|
|
- .package-build
|
|
- .dist-centos7
|
|
- .arch-x86_64
|
|
|
|
package-centos8-aarch64:
|
|
extends:
|
|
- .package-build
|
|
- .dist-centos8
|
|
- .arch-aarch64
|
|
|
|
package-centos8-ppc64le:
|
|
extends:
|
|
- .package-build
|
|
- .dist-centos8
|
|
- .arch-ppc64le
|
|
|
|
package-centos8-x86_64:
|
|
extends:
|
|
- .package-build
|
|
- .dist-centos8
|
|
- .arch-x86_64
|
|
|
|
package-debian10-amd64:
|
|
extends:
|
|
- .package-build
|
|
- .dist-debian10
|
|
- .arch-amd64
|
|
|
|
package-debian9-amd64:
|
|
extends:
|
|
- .package-build
|
|
- .dist-debian9
|
|
- .arch-amd64
|
|
|
|
package-opensuse-leap15.1-x86_64:
|
|
extends:
|
|
- .package-build
|
|
- .dist-opensuse-leap15.1
|
|
- .arch-x86_64
|
|
|
|
package-ubuntu16.04-amd64:
|
|
extends:
|
|
- .package-build
|
|
- .dist-ubuntu16.04
|
|
- .arch-amd64
|
|
|
|
package-ubuntu16.04-ppc64le:
|
|
extends:
|
|
- .package-build
|
|
- .dist-ubuntu16.04
|
|
- .arch-ppc64le
|
|
|
|
package-ubuntu18.04-amd64:
|
|
extends:
|
|
- .package-build
|
|
- .dist-ubuntu18.04
|
|
- .arch-amd64
|
|
|
|
package-ubuntu18.04-arm64:
|
|
extends:
|
|
- .package-build
|
|
- .dist-ubuntu18.04
|
|
- .arch-arm64
|
|
|
|
package-ubuntu18.04-ppc64le:
|
|
extends:
|
|
- .package-build
|
|
- .dist-ubuntu18.04
|
|
- .arch-ppc64le
|
|
|
|
# Define the image build targets
|
|
.image-build:
|
|
stage: image-build
|
|
variables:
|
|
IMAGE_NAME: "${CI_REGISTRY_IMAGE}/container-toolkit"
|
|
VERSION: "${CI_COMMIT_SHORT_SHA}"
|
|
before_script:
|
|
- apk add --no-cache bash make
|
|
- 'echo "Logging in to CI registry ${CI_REGISTRY}"'
|
|
- docker login -u "${CI_REGISTRY_USER}" -p "${CI_REGISTRY_PASSWORD}" "${CI_REGISTRY}"
|
|
script:
|
|
- make -f build/container/Makefile build-${DIST}
|
|
- make -f build/container/Makefile push-${DIST}
|
|
|
|
image-centos7:
|
|
extends:
|
|
- .image-build
|
|
- .package-artifacts
|
|
- .dist-centos7
|
|
needs:
|
|
- package-centos7-ppc64le
|
|
- package-centos7-x86_64
|
|
|
|
image-centos8:
|
|
extends:
|
|
- .image-build
|
|
- .package-artifacts
|
|
- .dist-centos8
|
|
needs:
|
|
- package-centos8-aarch64
|
|
- package-centos8-x86_64
|
|
- package-centos8-ppc64le
|
|
|
|
image-ubi8:
|
|
extends:
|
|
- .image-build
|
|
- .package-artifacts
|
|
- .dist-ubi8
|
|
needs:
|
|
# Note: The ubi8 image currently uses the centos7 packages
|
|
- package-centos7-ppc64le
|
|
- package-centos7-x86_64
|
|
|
|
image-ubuntu18.04:
|
|
extends:
|
|
- .image-build
|
|
- .package-artifacts
|
|
- .dist-ubuntu18.04
|
|
needs:
|
|
- package-ubuntu18.04-amd64
|
|
- package-ubuntu18.04-arm64
|
|
- package-ubuntu18.04-ppc64le
|
|
|
|
# The DIST=packaging target creates an image containing all built packages
|
|
image-packaging:
|
|
extends:
|
|
- .image-build
|
|
- .package-artifacts
|
|
- .dist-packaging
|
|
needs:
|
|
- package-amazonlinux1-x86_64
|
|
- package-amazonlinux2-aarch64
|
|
- package-amazonlinux2-x86_64
|
|
- package-centos7-ppc64le
|
|
- package-centos7-x86_64
|
|
- package-centos8-aarch64
|
|
- package-centos8-ppc64le
|
|
- package-centos8-x86_64
|
|
- package-debian10-amd64
|
|
- package-debian9-amd64
|
|
- package-opensuse-leap15.1-x86_64
|
|
- package-ubuntu16.04-amd64
|
|
- package-ubuntu16.04-ppc64le
|
|
- package-ubuntu18.04-amd64
|
|
- package-ubuntu18.04-arm64
|
|
- package-ubuntu18.04-ppc64le
|
|
|
|
# Define publish test helpers
|
|
.test:toolkit:
|
|
extends:
|
|
- .integration
|
|
variables:
|
|
TEST_CASES: "toolkit"
|
|
|
|
.test:docker:
|
|
extends:
|
|
- .integration
|
|
variables:
|
|
TEST_CASES: "docker"
|
|
|
|
.test:containerd:
|
|
# TODO: The containerd tests fail due to issues with SIGHUP.
|
|
# Until this is resolved with retry up to twice and allow failure here.
|
|
retry: 2
|
|
allow_failure: true
|
|
extends:
|
|
- .integration
|
|
variables:
|
|
TEST_CASES: "containerd"
|
|
|
|
.test:crio:
|
|
extends:
|
|
- .integration
|
|
variables:
|
|
TEST_CASES: "crio"
|
|
|
|
# Define the test targets
|
|
test-toolkit-ubuntu18.04:
|
|
extends:
|
|
- .test:toolkit
|
|
- .dist-ubuntu18.04
|
|
needs:
|
|
- image-ubuntu18.04
|
|
|
|
test-containerd-ubuntu18.04:
|
|
extends:
|
|
- .test:containerd
|
|
- .dist-ubuntu18.04
|
|
needs:
|
|
- image-ubuntu18.04
|
|
|
|
test-crio-ubuntu18.04:
|
|
extends:
|
|
- .test:crio
|
|
- .dist-ubuntu18.04
|
|
needs:
|
|
- image-ubuntu18.04
|
|
|
|
test-docker-ubuntu18.04:
|
|
extends:
|
|
- .test:docker
|
|
- .dist-ubuntu18.04
|
|
needs:
|
|
- image-ubuntu18.04
|
|
|
|
# build-all jobs build packages for every OS / ARCH combination we support.
|
|
#
|
|
# They are run under two conditions:
|
|
# 1) Automatically whenever a new tag is pushed to the repo (e.g. v1.1.0)
|
|
# 2) Manually by a reviewer just before merging a MR.
|
|
.build-all-for-arch:
|
|
variables:
|
|
# Setting DIST=docker invokes the docker- release targets
|
|
DIST: docker
|
|
extends:
|
|
- .package-build
|
|
stage: build-all
|
|
timeout: 2h 30m
|
|
rules:
|
|
- if: $CI_COMMIT_TAG
|
|
when: always
|
|
|
|
# The full set of build-all jobs organized to
|
|
# have builds for each ARCH run in parallel.
|
|
build-all-amd64:
|
|
extends:
|
|
- .build-all-for-arch
|
|
- .arch-amd64
|
|
|
|
build-all-x86_64:
|
|
extends:
|
|
- .build-all-for-arch
|
|
- .arch-x86_64
|
|
|
|
build-all-ppc64le:
|
|
extends:
|
|
- .build-all-for-arch
|
|
- .arch-ppc64le
|
|
|
|
build-all-arm64:
|
|
extends:
|
|
- .build-all-for-arch
|
|
- .arch-arm64
|
|
|
|
build-all-aarch64:
|
|
extends:
|
|
- .build-all-for-arch
|
|
- .arch-aarch64
|