From cb0641fce7d83762175415aa6b9e2bf137bcdafc Mon Sep 17 00:00:00 2001 From: Evan Lezar Date: Sun, 28 Jan 2024 11:52:00 +0100 Subject: [PATCH 1/7] Remove blossom-ci Signed-off-by: Evan Lezar --- .github/workflows/blossom-ci.yml | 113 ------------------------------- .github/workflows/pre-sanity.yml | 22 ------ 2 files changed, 135 deletions(-) delete mode 100644 .github/workflows/blossom-ci.yml delete mode 100644 .github/workflows/pre-sanity.yml diff --git a/.github/workflows/blossom-ci.yml b/.github/workflows/blossom-ci.yml deleted file mode 100644 index a5b37eb4..00000000 --- a/.github/workflows/blossom-ci.yml +++ /dev/null @@ -1,113 +0,0 @@ -# Copyright (c) 2020-2023, NVIDIA CORPORATION. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# A workflow to trigger ci on hybrid infra (github + self hosted runner) -name: Blossom-CI -on: - issue_comment: - types: [created] - workflow_dispatch: - inputs: - platform: - description: 'runs-on argument' - required: false - args: - description: 'argument' - required: false -jobs: - Authorization: - name: Authorization - runs-on: blossom - outputs: - args: ${{ env.args }} - - # This job only runs for pull request comments - if: | - contains( '\ - anstockatnv,\ - rorajani,\ - cdesiniotis,\ - shivamerla,\ - ArangoGutierrez,\ - elezar,\ - klueska,\ - zvonkok,\ - ', format('{0},', github.actor)) && - github.event.comment.body == '/blossom-ci' - steps: - - name: Check if comment is issued by authorized person - run: blossom-ci - env: - OPERATION: 'AUTH' - REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} - REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }} - - Vulnerability-scan: - name: Vulnerability scan - needs: [Authorization] - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v2 - with: - repository: ${{ fromJson(needs.Authorization.outputs.args).repo }} - ref: ${{ fromJson(needs.Authorization.outputs.args).ref }} - lfs: 'true' - - # repo specific steps - #- name: Setup java - # uses: actions/setup-java@v1 - # with: - # java-version: 1.8 - - # add blackduck properties https://synopsys.atlassian.net/wiki/spaces/INTDOCS/pages/631308372/Methods+for+Configuring+Analysis#Using-a-configuration-file - #- name: Setup blackduck properties - # run: | - # PROJECTS=$(mvn -am dependency:tree | grep maven-dependency-plugin | awk '{ out="com.nvidia:"$(NF-1);print out }' | grep rapids | xargs | sed -e 's/ /,/g') - # echo detect.maven.build.command="-pl=$PROJECTS -am" >> application.properties - # echo detect.maven.included.scopes=compile >> application.properties - - - name: Run blossom action - uses: NVIDIA/blossom-action@main - env: - REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} - REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }} - with: - args1: ${{ fromJson(needs.Authorization.outputs.args).args1 }} - args2: ${{ fromJson(needs.Authorization.outputs.args).args2 }} - args3: ${{ fromJson(needs.Authorization.outputs.args).args3 }} - - Job-trigger: - name: Start ci job - needs: [Vulnerability-scan] - runs-on: blossom - steps: - - name: Start ci job - run: blossom-ci - env: - OPERATION: 'START-CI-JOB' - CI_SERVER: ${{ secrets.CI_SERVER }} - REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - Upload-Log: - name: Upload log - runs-on: blossom - if : github.event_name == 'workflow_dispatch' - steps: - - name: Jenkins log for pull request ${{ fromJson(github.event.inputs.args).pr }} (click here) - run: blossom-ci - env: - OPERATION: 'POST-PROCESSING' - CI_SERVER: ${{ secrets.CI_SERVER }} - REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/pre-sanity.yml b/.github/workflows/pre-sanity.yml deleted file mode 100644 index 7e2ef582..00000000 --- a/.github/workflows/pre-sanity.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: Run pre sanity - -# run this workflow for each commit -on: [pull_request] - -jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - - name: Build dev image - run: make .build-image - - - name: Build - run: make docker-build - - - name: Tests - run: make docker-coverage - - - name: Checks - run: make docker-check From 36610e2a1bb175247d6480c46d9961a75418ffc4 Mon Sep 17 00:00:00 2001 From: Evan Lezar Date: Sun, 28 Jan 2024 11:53:40 +0100 Subject: [PATCH 2/7] Add GitHub actions Signed-off-by: Evan Lezar --- .github/workflows/golang.yaml | 56 ++++++++++++++++++++++++++ .github/workflows/image.yaml | 75 +++++++++++++++++++++++++++++++++++ 2 files changed, 131 insertions(+) create mode 100644 .github/workflows/golang.yaml create mode 100644 .github/workflows/image.yaml diff --git a/.github/workflows/golang.yaml b/.github/workflows/golang.yaml new file mode 100644 index 00000000..f29ecfcd --- /dev/null +++ b/.github/workflows/golang.yaml @@ -0,0 +1,56 @@ +# Copyright 2024 NVIDIA CORPORATION +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +name: Golang + +on: + pull_request: + branches: + - main + - release-* + push: + branches: + - main + - release-* + +jobs: + check: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Lint + uses: golangci/golangci-lint-action@v3 + with: + version: latest + args: -v --timeout 5m + skip-cache: true + test: + name: Unit test + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Install Go + uses: actions/setup-go@v5 + with: + go-version: '1.20' + - run: make test + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Build + run: make docker-build diff --git a/.github/workflows/image.yaml b/.github/workflows/image.yaml new file mode 100644 index 00000000..a8c278f7 --- /dev/null +++ b/.github/workflows/image.yaml @@ -0,0 +1,75 @@ +# Copyright 2024 NVIDIA CORPORATION +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Run this workflow on pull requests +name: image + +on: + pull_request: + types: + - opened + - synchronize + branches: + - main + - release-* + push: + branches: + - main + - release-* + +jobs: + build: + runs-on: ubuntu-latest + strategy: + matrix: + dist: [ubuntu20.04, ubi8] + steps: + - uses: actions/checkout@v4 + name: Check out code + - name: Calculate build vars + id: vars + run: | + echo "COMMIT_SHORT_SHA=${GITHUB_SHA:0:8}" >> $GITHUB_ENV + echo "LOWERCASE_REPO_OWNER=$(echo "${GITHUB_REPOSITORY_OWNER}" | awk '{print tolower($0)}')" >> $GITHUB_ENV + REPO_FULL_NAME="${{ github.event.pull_request.head.repo.full_name }}" + echo "${REPO_FULL_NAME}" + echo "LABEL_IMAGE_SOURCE=https://github.com/${REPO_FULL_NAME}" >> $GITHUB_ENV + + GENERATE_ARTIFACTS="false" + if [[ "${{ github.actor }}" == "dependabot[bot]" ]]; then + GENERATE_ARTIFACTS="false" + elif [[ "${{ github.event_name }}" == "pull_request" && "${{ github.event.pull_request.head.repo.full_name }}" == "${{ github.repository }}" ]]; then + GENERATE_ARTIFACTS="true" + elif [[ "${{ github.event_name }}" == "push" ]]; then + GENERATE_ARTIFACTS="true" + fi + echo "PUSH_ON_BUILD=${GENERATE_ARTIFACTS}" >> $GITHUB_ENV + echo "BUILD_MULTI_ARCH_IMAGES=${GENERATE_ARTIFACTS}" >> $GITHUB_ENV + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build image + env: + IMAGE_NAME: ghcr.io/${LOWERCASE_REPO_OWNER}/k8s-device-plugin + VERSION: ${COMMIT_SHORT_SHA} + run: | + echo "${VERSION}" + make -f deployments/container/Makefile build-${{ matrix.dist }} From bff6fa783f2ffa0c14dbaa633babb49a71e4cb80 Mon Sep 17 00:00:00 2001 From: Evan Lezar Date: Sun, 28 Jan 2024 11:58:11 +0100 Subject: [PATCH 3/7] Bump GOLANG_VERSION to v1.20.4 Signed-off-by: Evan Lezar --- docker/Dockerfile.devel | 2 +- versions.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docker/Dockerfile.devel b/docker/Dockerfile.devel index 18914f97..f1bc01dc 100644 --- a/docker/Dockerfile.devel +++ b/docker/Dockerfile.devel @@ -11,7 +11,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -ARG GOLANG_VERSION=1.20.1 +ARG GOLANG_VERSION=1.20.4 FROM golang:${GOLANG_VERSION} RUN go install golang.org/x/lint/golint@6edffad5e6160f5949cdefc81710b2706fbcd4f6 diff --git a/versions.mk b/versions.mk index f635cf7b..59fe9aa1 100644 --- a/versions.mk +++ b/versions.mk @@ -18,7 +18,7 @@ VERSION ?= v0.5.5 vVERSION := v$(VERSION:v%=%) CUDA_VERSION := 12.2.2 -GOLANG_VERSION := 1.20.1 +GOLANG_VERSION := 1.20.4 NVIDIA_CTK_VERSION := v1.13.4 From 86bb919222538840416dd4192869b46ccbe68988 Mon Sep 17 00:00:00 2001 From: Evan Lezar Date: Sun, 28 Jan 2024 12:22:58 +0100 Subject: [PATCH 4/7] Switch to CUDA base images Signed-off-by: Evan Lezar --- deployments/gpu-operator/Dockerfile.ubi8 | 34 ++++++++++++++++------ deployments/gpu-operator/Dockerfile.ubuntu | 34 ++++++++++++++++------ 2 files changed, 50 insertions(+), 18 deletions(-) diff --git a/deployments/gpu-operator/Dockerfile.ubi8 b/deployments/gpu-operator/Dockerfile.ubi8 index 6342edab..8ffbeeec 100644 --- a/deployments/gpu-operator/Dockerfile.ubi8 +++ b/deployments/gpu-operator/Dockerfile.ubi8 @@ -12,18 +12,33 @@ # See the License for the specific language governing permissions and # limitations under the License. +ARG CUDA_VERSION=12.2.0 ARG BASE_DIST=ubi8 -ARG CUDA_VERSION -ARG GOLANG_VERSION=x.x.x - -# NOTE: In cases where the libc version is a concern, we would have to use an -# image based on the target OS to build the golang executables here -- especially -# if cgo code is included. -FROM golang:${GOLANG_VERSION} AS build +FROM nvidia/cuda:${CUDA_VERSION}-base-${BASE_DIST} as build SHELL ["/bin/bash", "-c"] -ARG TARGETARCH +RUN yum install -y \ + wget make git gcc \ + && \ + rm -rf /var/cache/yum/* + +ARG GOLANG_VERSION=1.20.4 +RUN set -eux; \ + \ + arch="$(uname -m)"; \ + case "${arch##*-}" in \ + x86_64 | amd64) ARCH='amd64' ;; \ + ppc64el | ppc64le) ARCH='ppc64le' ;; \ + aarch64) ARCH='arm64' ;; \ + *) echo "unsupported architecture" ; exit 1 ;; \ + esac; \ + wget -nv -O - https://storage.googleapis.com/golang/go${GOLANG_VERSION}.linux-${ARCH}.tar.gz \ + | tar -C /usr/local -xz + +ENV GOPATH /go +ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH + WORKDIR /build COPY . . @@ -34,7 +49,8 @@ RUN make PREFIX=/artifacts cmds RUN cp ./deployments/gpu-operator/reconfigure-mig.sh /artifacts/reconfigure-mig.sh -RUN OS_ARCH=${TARGETARCH/x86_64/amd64} && OS_ARCH=${OS_ARCH/aarch64/arm64} && curl -o /artifacts/kubectl -L "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/${OS_ARCH}/kubectl"; +ARG TARGETARCH +RUN OS_ARCH=${TARGETARCH/x86_64/amd64} && OS_ARCH=${OS_ARCH/aarch64/arm64} && curl -o /artifacts/kubectl -L "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/${OS_ARCH}/kubectl" RUN chmod a+x /artifacts/kubectl # Install the nvidia-ctk binary as a go executable diff --git a/deployments/gpu-operator/Dockerfile.ubuntu b/deployments/gpu-operator/Dockerfile.ubuntu index 07c11d22..d44e9796 100644 --- a/deployments/gpu-operator/Dockerfile.ubuntu +++ b/deployments/gpu-operator/Dockerfile.ubuntu @@ -12,18 +12,33 @@ # See the License for the specific language governing permissions and # limitations under the License. +ARG CUDA_VERSION=12.2.0 ARG BASE_DIST=ubuntu20.04 -ARG CUDA_VERSION -ARG GOLANG_VERSION=x.x.x - -# NOTE: In cases where the libc version is a concern, we would have to use an -# image based on the target OS to build the golang executables here -- especially -# if cgo code is included. -FROM golang:${GOLANG_VERSION} AS build +FROM nvidia/cuda:${CUDA_VERSION}-base-${BASE_DIST} as build SHELL ["/bin/bash", "-c"] -ARG TARGETARCH +RUN apt-get update && \ + apt-get install -y wget make git gcc curl \ + && \ + rm -rf /var/lib/apt/lists/* + +ARG GOLANG_VERSION=1.20.4 +RUN set -eux; \ + \ + arch="$(uname -m)"; \ + case "${arch##*-}" in \ + x86_64 | amd64) ARCH='amd64' ;; \ + ppc64el | ppc64le) ARCH='ppc64le' ;; \ + aarch64) ARCH='arm64' ;; \ + *) echo "unsupported architecture" ; exit 1 ;; \ + esac; \ + wget -nv -O - https://storage.googleapis.com/golang/go${GOLANG_VERSION}.linux-${ARCH}.tar.gz \ + | tar -C /usr/local -xz + +ENV GOPATH /go +ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH + WORKDIR /build COPY . . @@ -34,7 +49,8 @@ RUN make PREFIX=/artifacts cmds RUN cp ./deployments/gpu-operator/reconfigure-mig.sh /artifacts/reconfigure-mig.sh -RUN OS_ARCH=${TARGETARCH/x86_64/amd64} && OS_ARCH=${OS_ARCH/aarch64/arm64} && curl -o /artifacts/kubectl -L "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/${OS_ARCH}/kubectl"; +ARG TARGETARCH +RUN OS_ARCH=${TARGETARCH/x86_64/amd64} && OS_ARCH=${OS_ARCH/aarch64/arm64} && curl -o /artifacts/kubectl -L "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/${OS_ARCH}/kubectl" RUN chmod a+x /artifacts/kubectl # Install the nvidia-ctk binary as a go executable From 55c1881f49047abb1991575b5d7bec18acd0c623 Mon Sep 17 00:00:00 2001 From: Evan Lezar Date: Sun, 28 Jan 2024 12:28:28 +0100 Subject: [PATCH 5/7] Use k8s-test-infra devel image Signed-off-by: Evan Lezar --- Makefile | 32 ++++++-------------------------- docker/Dockerfile.devel | 24 ------------------------ versions.mk | 5 ++++- 3 files changed, 10 insertions(+), 51 deletions(-) delete mode 100644 docker/Dockerfile.devel diff --git a/Makefile b/Makefile index 8d55c579..79beea90 100644 --- a/Makefile +++ b/Makefile @@ -21,9 +21,6 @@ REGISTRY ?= nvidia IMAGE_NAME=$(REGISTRY)/mig-parted endif -BUILDIMAGE_TAG ?= golang$(GOLANG_VERSION) -BUILDIMAGE ?= $(IMAGE_NAME)-build:$(BUILDIMAGE_TAG) - EXAMPLES := $(patsubst ./examples/%/,%,$(sort $(dir $(wildcard ./examples/*/)))) EXAMPLE_TARGETS := $(patsubst %,example-%,$(EXAMPLES)) @@ -106,30 +103,12 @@ coverage: test cat $(COVERAGE_FILE) | grep -v "_mock.go" > $(COVERAGE_FILE).no-mocks go tool cover -func=$(COVERAGE_FILE).no-mocks -# Generate an image for containerized builds -# Note: This image is local only -.PHONY: .build-image .pull-build-image .push-build-image -.build-image: docker/Dockerfile.devel - if [ x"$(SKIP_IMAGE_BUILD)" = x"" ]; then \ - $(DOCKER) build \ - --progress=plain \ - --build-arg GOLANG_VERSION="$(GOLANG_VERSION)" \ - --tag $(BUILDIMAGE) \ - -f $(^) \ - docker; \ - fi - -.pull-build-image: - $(DOCKER) pull $(BUILDIMAGE) - -.push-build-image: - $(DOCKER) push $(BUILDIMAGE) - -$(DOCKER_TARGETS): docker-%: .build-image - @echo "Running 'make $(*)' in docker container $(BUILDIMAGE)" +$(DOCKER_TARGETS): docker-%: + @echo "Running 'make $(*)' in container image $(BUILDIMAGE)" $(DOCKER) run \ --rm \ - -e GOCACHE=/tmp/.cache \ + -e GOCACHE=/tmp/.cache/go \ + -e GOMODCACHE=/tmp/.cache/gomod \ -v $(PWD):/work \ -w /work \ --user $$(id -u):$$(id -g) \ @@ -142,7 +121,8 @@ PHONY: .shell $(DOCKER) run \ --rm \ -ti \ - -e GOCACHE=/tmp/.cache \ + -e GOCACHE=/tmp/.cache/go \ + -e GOMODCACHE=/tmp/.cache/gomod \ -v $(PWD):/work \ -w /work \ --user $$(id -u):$$(id -g) \ diff --git a/docker/Dockerfile.devel b/docker/Dockerfile.devel deleted file mode 100644 index f1bc01dc..00000000 --- a/docker/Dockerfile.devel +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright (c) 2021, NVIDIA CORPORATION. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -ARG GOLANG_VERSION=1.20.4 -FROM golang:${GOLANG_VERSION} - -RUN go install golang.org/x/lint/golint@6edffad5e6160f5949cdefc81710b2706fbcd4f6 -RUN go install github.com/matryer/moq@latest -RUN go install github.com/gordonklaus/ineffassign@d2c82e48359b033cde9cf1307f6d5550b8d61321 -RUN go install github.com/client9/misspell/cmd/misspell@latest - -# We need to set the /work directory as a safe directory. -# This allows git commands to run in the container. -RUN git config --file=/.gitconfig --add safe.directory /work diff --git a/versions.mk b/versions.mk index 59fe9aa1..81bb8ae9 100644 --- a/versions.mk +++ b/versions.mk @@ -20,6 +20,9 @@ vVERSION := v$(VERSION:v%=%) CUDA_VERSION := 12.2.2 GOLANG_VERSION := 1.20.4 -NVIDIA_CTK_VERSION := v1.13.4 +BUILDIMAGE_TAG ?= devel-go$(GOLANG_VERSION) +BUILDIMAGE ?= ghcr.io/nvidia/k8s-test-infra:$(BUILDIMAGE_TAG) GIT_COMMIT ?= $(shell git describe --match="" --dirty --long --always --abbrev=40 2> /dev/null || echo "") + +NVIDIA_CTK_VERSION := v1.13.4 From 3b3b7e7724d5a186e82161285c17e2b3027678a5 Mon Sep 17 00:00:00 2001 From: Evan Lezar Date: Sun, 28 Jan 2024 13:35:38 +0100 Subject: [PATCH 6/7] Fix Makefile path Signed-off-by: Evan Lezar --- .github/workflows/image.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/image.yaml b/.github/workflows/image.yaml index a8c278f7..a625c577 100644 --- a/.github/workflows/image.yaml +++ b/.github/workflows/image.yaml @@ -72,4 +72,4 @@ jobs: VERSION: ${COMMIT_SHORT_SHA} run: | echo "${VERSION}" - make -f deployments/container/Makefile build-${{ matrix.dist }} + make -f deployments/gpu-operator/Makefile build-${{ matrix.dist }} From 6f613fee77c68b20f7c9070d0afd531a5e380b67 Mon Sep 17 00:00:00 2001 From: Evan Lezar Date: Sun, 28 Jan 2024 13:48:25 +0100 Subject: [PATCH 7/7] Skip golangci-lint Signed-off-by: Evan Lezar --- .github/workflows/golang.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/golang.yaml b/.github/workflows/golang.yaml index f29ecfcd..0b28a486 100644 --- a/.github/workflows/golang.yaml +++ b/.github/workflows/golang.yaml @@ -26,6 +26,9 @@ on: jobs: check: + # TODO: Disable golangci-lint until the repo has been onboarded. + # See https://github.com/NVIDIA/mig-parted/issues/34 + if: false runs-on: ubuntu-latest steps: - uses: actions/checkout@v4