Merge pull request #48 from NVIDIA/dependabot/docker/ci/ubuntu-24.04 #1827
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright 2024 NVIDIA CORPORATION | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| # Run this workflow on pull requests or merge to main/release branches | |
| name: image | |
| on: | |
| pull_request: | |
| types: | |
| - opened | |
| - synchronize | |
| branches: | |
| - main | |
| - release-* | |
| push: | |
| branches: | |
| - main | |
| - release-* | |
| jobs: | |
| image: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| driver: | |
| - 535.261.03 | |
| - 570.172.08 | |
| - 580.82.07 | |
| dist: | |
| - ubuntu20.04 | |
| - ubuntu22.04 | |
| - ubuntu24.04 | |
| - rhel8 | |
| - rhel9 | |
| ispr: | |
| - ${{github.event_name == 'pull_request'}} | |
| exclude: | |
| - ispr: true | |
| dist: ubuntu20.04 | |
| driver: 535.261.03 | |
| - dist: ubuntu24.04 | |
| driver: 535.261.03 | |
| - dist: ubuntu20.04 | |
| driver: 580.82.07 | |
| fail-fast: false | |
| steps: | |
| - uses: actions/checkout@v5 | |
| name: Check out code | |
| - name: Calculate build vars | |
| id: vars | |
| run: | | |
| echo "COMMIT_SHORT_SHA=${GITHUB_SHA:0:8}" >> $GITHUB_ENV | |
| echo "LOWERCASE_REPO_OWNER=$(echo "${GITHUB_REPOSITORY_OWNER}" | awk '{print tolower($0)}')" >> $GITHUB_ENV | |
| REPO_FULL_NAME="${{ github.event.pull_request.head.repo.full_name }}" | |
| echo "${REPO_FULL_NAME}" | |
| echo "LABEL_IMAGE_SOURCE=https://github.com/${REPO_FULL_NAME}" >> $GITHUB_ENV | |
| GENERATE_ARTIFACTS="false" | |
| if [[ "${{ github.actor }}" == "dependabot[bot]" ]]; then | |
| GENERATE_ARTIFACTS="false" | |
| elif [[ "${{ github.event_name }}" == "pull_request" && "${{ github.event.pull_request.head.repo.full_name }}" == "${{ github.repository }}" ]]; then | |
| GENERATE_ARTIFACTS="true" | |
| elif [[ "${{ github.event_name }}" == "push" ]]; then | |
| GENERATE_ARTIFACTS="true" | |
| fi | |
| echo "PUSH_ON_BUILD=${GENERATE_ARTIFACTS}" >> $GITHUB_ENV | |
| echo "BUILD_MULTI_ARCH_IMAGES=${GENERATE_ARTIFACTS}" >> $GITHUB_ENV | |
| if [[ "${{ matrix.dist }}" =~ "rhel" ]]; then | |
| echo "CVE_UPDATES=libarchive libxml2 pam python3 sqlite-libs" >> $GITHUB_ENV | |
| fi | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| with: | |
| image: tonistiigi/binfmt:qemu-v6.2.0 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build image | |
| env: | |
| IMAGE_NAME: ghcr.io/${LOWERCASE_REPO_OWNER}/driver | |
| VERSION: ${COMMIT_SHORT_SHA} | |
| run: | | |
| DRIVER_VERSIONS=${{ matrix.driver }} make build-${{ matrix.dist }}-${{ matrix.driver }} | |
| pre-compiled: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| driver: | |
| - 535 | |
| - 570 | |
| - 580 | |
| flavor: | |
| - aws | |
| - azure | |
| - generic | |
| - nvidia | |
| - oracle | |
| dist: | |
| - ubuntu22.04 | |
| - ubuntu24.04 | |
| lts_kernel: | |
| - 5.15 | |
| - 6.8 | |
| ispr: | |
| - ${{github.event_name == 'pull_request'}} | |
| exclude: | |
| - ispr: true | |
| flavor: azure | |
| - ispr: true | |
| flavor: aws | |
| - ispr: true | |
| flavor: nvidia | |
| - ispr: true | |
| flavor: oracle | |
| - driver: 535 | |
| dist: ubuntu24.04 | |
| - lts_kernel: 5.15 | |
| dist: ubuntu24.04 | |
| steps: | |
| - uses: actions/checkout@v5 | |
| name: Check out code | |
| - name: Calculate build vars | |
| id: vars | |
| run: | | |
| echo "COMMIT_SHORT_SHA=${GITHUB_SHA:0:8}" >> $GITHUB_ENV | |
| echo "LOWERCASE_REPO_OWNER=$(echo "${GITHUB_REPOSITORY_OWNER}" | awk '{print tolower($0)}')" >> $GITHUB_ENV | |
| REPO_FULL_NAME="${{ github.event.pull_request.head.repo.full_name }}" | |
| echo "${REPO_FULL_NAME}" | |
| echo "LABEL_IMAGE_SOURCE=https://github.com/${REPO_FULL_NAME}" >> $GITHUB_ENV | |
| GENERATE_ARTIFACTS="false" | |
| if [[ "${{ github.actor }}" == "dependabot[bot]" ]]; then | |
| GENERATE_ARTIFACTS="false" | |
| elif [[ "${{ github.event_name }}" == "pull_request" && "${{ github.event.pull_request.head.repo.full_name }}" == "${{ github.repository }}" ]]; then | |
| GENERATE_ARTIFACTS="true" | |
| elif [[ "${{ github.event_name }}" == "push" ]]; then | |
| GENERATE_ARTIFACTS="true" | |
| fi | |
| echo "PUSH_ON_BUILD=${GENERATE_ARTIFACTS}" >> $GITHUB_ENV | |
| echo "BUILD_MULTI_ARCH_IMAGES=${GENERATE_ARTIFACTS}" >> $GITHUB_ENV | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| with: | |
| image: tonistiigi/binfmt:qemu-v6.2.0 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build base image and get kernel version | |
| env: | |
| IMAGE_NAME: ghcr.io/${LOWERCASE_REPO_OWNER}/driver | |
| VERSION: ${COMMIT_SHORT_SHA} | |
| LTS_KERNEL: ${{ matrix.lts_kernel }} | |
| run: | | |
| if [[ "${{ matrix.dist }}" == "ubuntu22.04" ]]; then | |
| BASE_TARGET="jammy" | |
| elif [[ "${{ matrix.dist }}" == "ubuntu24.04" ]]; then | |
| BASE_TARGET="noble" | |
| fi | |
| make DRIVER_BRANCH=${{ matrix.driver }} KERNEL_FLAVOR=${{ matrix.flavor }} LTS_KERNEL=${LTS_KERNEL} build-base-${BASE_TARGET} | |
| trap "docker rm -f base-${BASE_TARGET}-${{ matrix.flavor }}" EXIT | |
| docker run -d --name base-${BASE_TARGET}-${{ matrix.flavor }} ghcr.io/nvidia/driver:base-${BASE_TARGET}-${LTS_KERNEL}-${{ matrix.flavor }}-${{ matrix.driver }} | |
| # try 3 times every 10 seconds to get the file, if success exit the loop | |
| for i in {1..3}; do | |
| docker cp base-${BASE_TARGET}-${{ matrix.flavor }}:/var/kernel_version.txt kernel_version.txt && break | |
| sleep 10 | |
| done | |
| - name: Build image | |
| env: | |
| IMAGE_NAME: ghcr.io/${LOWERCASE_REPO_OWNER}/driver | |
| VERSION: ${COMMIT_SHORT_SHA} | |
| PRECOMPILED: "true" | |
| DIST: signed_${{ matrix.dist }} | |
| run: | | |
| source kernel_version.txt && \ | |
| make DRIVER_VERSIONS=${DRIVER_VERSIONS} DRIVER_BRANCH=${{ matrix.driver }} build-${DIST}-${DRIVER_VERSION} |