# Copyright 2022 The TensorFlow Authors. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ============================================================================== name: Build SIG Build containers as presubmits on: pull_request: types: [labeled, opened, synchronize, reopened] paths: - '.github/workflows/sigbuild-docker-presubmit.yml' - 'tensorflow/tools/tf_sig_build_dockerfiles/**' - '!tensorflow/tools/tf_sig_build_dockerfiles/README.md' permissions: contents: read jobs: docker: if: github.repository == 'tensorflow/tensorflow' # Don't do this in forks runs-on: ubuntu-latest strategy: matrix: python-version: [python3.9, python3.10, python3.11, python3.12] permissions: contents: read pull-requests: write steps: - name: Delete unnecessary tools folder run: | df -h rm -rf /opt/hostedtoolcache df -h - name: Checkout uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 - name: Login to GCR if: contains(github.event.pull_request.labels.*.name, 'build and push to gcr.io for staging') uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: registry: gcr.io username: _json_key password: ${{ secrets.GCP_CREDS }} - name: Login to AR # Once this is verified, change the label's name. For now, we will piggyback on gcr.io actions. if: contains(github.event.pull_request.labels.*.name, 'build and push to gcr.io for staging') uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: registry: us-central1-docker.pkg.dev username: _json_key password: ${{ secrets.GCP_CREDS }} - name: Grab the date to do cache busting (assumes same day OK to keep) run: | echo "DATE=$(date +'%Y-%m-%d')" >> "$GITHUB_OUTPUT" id: date - name: Build containers, and push to GCR only if the 'build and push to gcr.io for staging' label is applied id: docker_build uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 with: push: ${{ contains(github.event.pull_request.labels.*.name, 'build and push to gcr.io for staging') }} context: ./tensorflow/tools/tf_sig_build_dockerfiles target: devel build-args: | PYTHON_VERSION=${{ matrix.python-version }} CACHEBUSTER=${{ steps.date.outputs.DATE }} tags: | gcr.io/tensorflow-sigs/build:${{ github.event.number }}-${{ matrix.python-version }} us-central1-docker.pkg.dev/tensorflow-sigs/tensorflow/build:${{ github.event.number }}-${{ matrix.python-version }} cache-from: | type=registry,ref=tensorflow/build:latest-${{ matrix.python-version }} type=registry,ref=gcr.io/tensorflow-sigs/build:${{ github.event.number }}-${{ matrix.python-version }} cache-to: type=inline - name: Add a comment with the pushed containers uses: mshick/add-pr-comment@dd126dd8c253650d181ad9538d8b4fa218fc31e8 # v2 if: contains(github.event.pull_request.labels.*.name, 'build and push to gcr.io for staging') with: repo-token: ${{ secrets.GITHUB_TOKEN }} message: | I pushed these containers: - `gcr.io/tensorflow-sigs/build:${{ github.event.number }}-python3.12` - `gcr.io/tensorflow-sigs/build:${{ github.event.number }}-python3.11` - `gcr.io/tensorflow-sigs/build:${{ github.event.number }}-python3.10` - `gcr.io/tensorflow-sigs/build:${{ github.event.number }}-python3.9` Re-apply the `build and push to gcr.io for staging` label to rebuild and push again. This comment will only be posted once. - name: Print image digest run: echo ${{ steps.docker_build.outputs.digest }}