only pass hf tokens #88

Workflow file for this run

.github/workflows/build-vector-serve.yml at 81d78ed

	name: Build and deploy embedding server

	on:
	push:
	branches:
	- main
	paths:
	- ".github/workflows/build-vector-serve.yml"
	- "vector-serve/**"

	pull_request:
	branches:
	- main
	paths:
	- ".github/workflows/build-vector-serve.yml"
	- "vector-serve/**"

	permissions:
	id-token: write
	contents: read

	defaults:
	run:
	shell: bash

	jobs:
	tests:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Set up Python
	uses: actions/setup-python@v5
	with:
	python-version: 3.12.7
	- name: Setup
	working-directory: ./vector-serve/
	run: make setup
	- name: Init Model Cache
	working-directory: ./vector-serve/
	run: make download.models
	- name: Lints
	working-directory: ./vector-serve/
	run: make check
	- name: Tests
	working-directory: ./vector-serve/
	run: make test

	build_and_push_amd64:
	name: Build and push AMD64 images
	runs-on:
	- self-hosted
	- dind
	- large-8x8
	outputs:
	short_sha: ${{ steps.versions.outputs.SHORT_SHA }}
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Set version strings
	id: versions
	run: echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Login to Quay
	uses: docker/login-action@v2
	with:
	registry: quay.io/tembo
	username: ${{ secrets.QUAY_USER_TEMBO }}
	password: ${{ secrets.QUAY_PASSWORD_TEMBO }}

	- name: Build and push -- Commit
	run: \|
	docker build \
	-f ./vector-serve/Dockerfile \
	-t quay.io/tembo/vector-serve:${{ steps.versions.outputs.SHORT_SHA }}-amd64 .
	docker push quay.io/tembo/vector-serve:${{ steps.versions.outputs.SHORT_SHA }}-amd64

	- name: Build and push -- Release
	if: github.ref == 'refs/heads/main'
	run: \|
	docker build \
	-f ./vector-serve/Dockerfile \
	-t quay.io/tembo/vector-serve:latest-amd64 .
	docker push quay.io/tembo/vector-serve:latest-amd64

	- name: ECR Build and push -- Commit
	uses: aws-actions/configure-aws-credentials@v4
	with:
	role-to-assume: ${{ secrets.GHA_IAM_ROLE }}
	role-session-name: images-gha-docker-build-and-push
	aws-region: ${{ secrets.AWS_REGION }}

	- name: Login to Amazon ECR
	id: login-ecr
	uses: aws-actions/amazon-ecr-login@v2

	- name: Build and push
	uses: docker/build-push-action@v6
	with:
	file: ./vector-serve/Dockerfile
	context: ./
	platforms: linux/amd64
	push: true
	tags: \|
	${{ secrets.ECR_REGISTRY }}/vector-serve:${{ steps.versions.outputs.SHORT_SHA }}
	cache-from: type=local,src=/tmp/.buildx-cache
	cache-to: type=local,dest=/tmp/.buildx-cache
	provenance: false

	build_and_push_arm64:
	name: Build and push ARM64 images
	runs-on:
	- arm64-4x16
	outputs:
	short_sha: ${{ steps.versions.outputs.SHORT_SHA }}
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Set version strings
	id: versions
	run: echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Login to Quay
	uses: docker/login-action@v2
	with:
	registry: quay.io/tembo
	username: ${{ secrets.QUAY_USER_TEMBO }}
	password: ${{ secrets.QUAY_PASSWORD_TEMBO }}

	- name: Build and push -- Commit
	run: \|
	docker build \
	-f ./vector-serve/Dockerfile \
	--platform linux/arm64 \
	-t quay.io/tembo/vector-serve:${{ steps.versions.outputs.SHORT_SHA }}-arm64 .
	docker push quay.io/tembo/vector-serve:${{ steps.versions.outputs.SHORT_SHA }}-arm64

	- name: Build and push -- Release
	if: github.ref == 'refs/heads/main'
	run: \|
	docker build \
	-f ./vector-serve/Dockerfile \
	--platform linux/arm64 \
	-t quay.io/tembo/vector-serve:latest-arm64 .
	docker push quay.io/tembo/vector-serve:latest-arm64

	create_manifest:
	name: Create and Push Manifest

	runs-on: ubuntu-latest
	needs: [build_and_push_arm64, build_and_push_amd64]
	outputs:
	short_sha: ${{ steps.versions.outputs.SHORT_SHA }}

	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Login to Quay
	uses: docker/login-action@v2
	with:
	registry: quay.io/tembo
	username: ${{ secrets.QUAY_USER_TEMBO }}
	password: ${{ secrets.QUAY_PASSWORD_TEMBO }}

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Set version string
	id: versions
	run: echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT

	- name: Create and push Docker manifest -- Commit
	run: \|
	docker manifest create \
	quay.io/tembo/vector-serve:${{ steps.versions.outputs.SHORT_SHA }} \
	quay.io/tembo/vector-serve:${{ steps.versions.outputs.SHORT_SHA }}-arm64 \
	quay.io/tembo/vector-serve:${{ steps.versions.outputs.SHORT_SHA }}-amd64

	docker manifest annotate quay.io/tembo/vector-serve:${{ steps.versions.outputs.SHORT_SHA }} quay.io/tembo/vector-serve:${{ steps.versions.outputs.SHORT_SHA }}-amd64 --arch amd64 --os linux
	docker manifest push quay.io/tembo/vector-serve:${{ steps.versions.outputs.SHORT_SHA }}

	- name: Create and push Docker manifest -- latest (main)
	# only push latest off main
	if: github.ref == 'refs/heads/main'
	run: \|
	docker manifest create \
	quay.io/tembo/vector-serve:latest \
	quay.io/tembo/vector-serve:latest-arm64 \
	quay.io/tembo/vector-serve:latest-amd64

	docker manifest annotate quay.io/tembo/vector-serve:latest quay.io/tembo/vector-serve:latest-arm64 --arch arm64 --os linux
	docker manifest annotate quay.io/tembo/vector-serve:latest quay.io/tembo/vector-serve:latest-amd64 --arch amd64 --os linux
	docker manifest push quay.io/tembo/vector-serve:latest

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

only pass hf tokens #88

Workflow file

only pass hf tokens #88

Jobs

Run details

Workflow file for this run