[no-relnote] COnfigure all GitHub actions as reusable workflow

Signed-off-by: Carlos Eduardo Arango Gutierrez <[email protected]>
NVIDIA · Feb 11, 2025 · 63ef912 · 63ef912
1 parent fa1379c
commit 63ef912
Show file tree

Hide file tree

Showing 5 changed files with 101 additions and 49 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -0,0 +1,70 @@
+# Copyright 2025 NVIDIA CORPORATION
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+name: CI Pipeline
+
+on:
+  push:
+    branches:
+      - "pull-request/[0-9]+"
+      - main
+      - release-*
+
+jobs:
+  code-scanning:
+    uses: ./.github/workflows/code_scanning.yaml
+
+  prepare-variables:
+    needs: code-scanning
+    runs-on: ubuntu-latest
+    outputs:
+      version: ${{ steps.version.outputs.version }}
+      build_multi_arch_images: ${{ steps.build_multi_arch_images.outputs.value }}
+    steps:
+      - name: Generate Commit Short SHA
+        id: version
+        run: echo "version=$(echo $GITHUB_SHA | cut -c1-8)" >> "$GITHUB_OUTPUT"
+
+      - name: Convert Repository Owner to Lowercase
+        id: lowercase_repo_owner
+        run: echo "lowercase_repo_owner=$(echo "${GITHUB_REPOSITORY_OWNER}" | awk '{print tolower($0)}')" >> $GITHUB_OUTPUT
+
+      - name: Determine Multi-Arch Build Setting
+        id: build_multi_arch_images
+        run: |
+          if [[ "${{ github.ref_name != 'main' && !startsWith(github.ref_name, 'release-') }}" == "true" ]]; then
+            echo "build_multi_arch_images=false" >> $GITHUB_OUTPUT
+          else
+            echo "build_multi_arch_images=true" >> $GITHUB_OUTPUT
+          fi
+
+  golang:
+    needs: code-scanning
+    uses: ./.github/workflows/golang.yaml
+
+  image:
+    uses: ./.github/workflows/image.yaml
+    needs: prepare-variables
+    secrets: inherit
+    with:
+      version: ${{ needs.prepare-variables.outputs.version }}
+      build_multi_arch_images: ${{ needs.prepare-variables.outputs.build_multi_arch_images }}
+      push_on_build: "true"
+
+  e2e-test:
+    needs: image
+    secrets: inherit
+    uses: ./.github/workflows/e2e.yaml
+    with:
+      version: ${{ needs.prepare-variables.outputs.version }}
diff --git a/.github/workflows/code_scanning.yaml b/.github/workflows/code_scanning.yaml
@@ -15,17 +15,7 @@
 name: "CodeQL"
 
 on:
-  pull_request:
-    types:
-      - opened
-      - synchronize
-    branches:
-      - main
-      - release-*
-  push:
-    branches:
-      - main
-      - release-*
+  workflow_call:
 
 jobs:
   analyze:

diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml
@@ -16,7 +16,10 @@ name: End-to-end Tests
 
 on:
   workflow_call:
-    inputs: {}
+    inputs:
+      version:
+        required: true
+        type: string
     secrets:
       AWS_ACCESS_KEY_ID:
         required: true
@@ -67,8 +70,8 @@ jobs:
 
       - name: Run e2e tests
         env:
-          IMAGE_NAME: ghcr.io/${LOWERCASE_REPO_OWNER}/container-toolkit
-          VERSION: ${COMMIT_SHORT_SHA}
+          IMAGE_NAME: ghcr.io/nvidia/container-toolkit
+          VERSION: ${{ steps.vars.outputs.version }}
           SSH_KEY: ${{ secrets.AWS_SSH_KEY }}
           E2E_SSH_USER: ${{ secrets.E2E_SSH_USER }}
           E2E_SSH_HOST: ${{ steps.holodeck_public_dns_name.outputs.result }}

diff --git a/.github/workflows/golang.yaml b/.github/workflows/golang.yaml
@@ -15,17 +15,7 @@
 name: Golang
 
 on:
-  pull_request:
-    types:
-      - opened
-      - synchronize
-    branches:
-      - main
-      - release-*
-  push:
-    branches:
-      - main
-      - release-*
+  workflow_call:
 
 jobs:
   check:

diff --git a/.github/workflows/image.yaml b/.github/workflows/image.yaml
@@ -16,11 +16,17 @@
 name: image
 
 on:
-  push:
-    branches:
-      - "pull-request/[0-9]+"
-      - main
-      - release-*
+  workflow_call:
+    inputs:
+      version:
+        required: true
+        type: string
+      build_multi_arch_images:
+        required: true
+        type: string
+      push_on_build:
+        required: true
+        type: string
 
 jobs:
   packages:
@@ -46,20 +52,25 @@ jobs:
           - ispr: true
             target: centos8-ppc64le
       fail-fast: false
+
     steps:
       - uses: actions/checkout@v4
         name: Check out code
+
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
         with:
           image: tonistiigi/binfmt:master
+
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
+
       - name: build ${{ matrix.target }} packages
         run: |
           sudo apt-get install -y coreutils build-essential sed git bash make
           echo "Building packages"
           ./scripts/build-packages.sh ${{ matrix.target }}
+
       - name: 'Upload Artifacts'
         uses: actions/upload-artifact@v4
         with:
@@ -84,24 +95,15 @@ jobs:
     steps:
       - uses: actions/checkout@v4
         name: Check out code
-      - name: Calculate build vars
-        id: vars
-        run: |
-          echo "COMMIT_SHORT_SHA=${GITHUB_SHA:0:8}" >> $GITHUB_ENV
-          echo "LOWERCASE_REPO_OWNER=$(echo "${GITHUB_REPOSITORY_OWNER}" | awk '{print tolower($0)}')" >> $GITHUB_ENV
 
-          BUILD_MULTI_ARCH_IMAGES="true"
-          if [[ "${{ matrix.ispr }}" == "true" ]]; then
-            BUILD_MULTI_ARCH_IMAGES="false"
-          fi
-          echo "PUSH_ON_BUILD=true" >> $GITHUB_ENV
-          echo "BUILD_MULTI_ARCH_IMAGES=${BUILD_MULTI_ARCH_IMAGES}" >> $GITHUB_ENV
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
         with:
           image: tonistiigi/binfmt:master
+
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
+
       - name: Get built packages
         uses: actions/download-artifact@v4
         with:
@@ -115,16 +117,13 @@ jobs:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Build image
         env:
-          IMAGE_NAME: ghcr.io/${LOWERCASE_REPO_OWNER}/container-toolkit
-          VERSION: ${COMMIT_SHORT_SHA}
+          IMAGE_NAME: ghcr.io/nvidia/container-toolkit
+          VERSION: ${{ inputs.version }}
+          PUSH_ON_BUILD: ${{ inputs.push_on_build }}
+          BUILD_MULTI_ARCH_IMAGES: ${{ inputs.build_multi_arch_images }}
         run: |
           echo "${VERSION}"
           make -f deployments/container/Makefile build-${{ matrix.dist }}
-
-  test:
-    name: End-to-end Tests
-    uses: ./.github/workflows/e2e.yaml
-    secrets: inherit
-    needs: image