-
Notifications
You must be signed in to change notification settings - Fork 16
125 lines (120 loc) · 4.06 KB
/
build-in-devcontainer.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
on:
workflow_call:
inputs:
sha:
type: string
arch:
type: string
default: '["amd64"]'
cuda:
type: string
default: '["12.0"]'
repo:
type: string
node_type:
type: string
default: "cpu8"
build_command:
type: string
required: true
# Note that this is the _name_ of a secret containing the key, not the key itself.
extra-repo-deploy-key:
required: false
type: string
default: ''
# Note that this is the _name_ of a secret containing the key, not the key itself.
extra-repo-deploy-key-2:
required: false
type: string
default: ''
# the use of secrets in shared-workflows is discouraged, especially for public repositories.
# these values were added for situations where the use of secrets is unavoidable.
secrets:
RAPIDS_AUX_SECRET_1:
required: false
permissions:
actions: read
checks: none
contents: read
deployments: none
discussions: none
id-token: write
issues: none
packages: read
pages: none
pull-requests: read
repository-projects: none
security-events: none
statuses: none
jobs:
build:
strategy:
fail-fast: false
matrix:
arch: ${{ fromJSON(inputs.arch) }}
cuda: ${{ fromJSON(inputs.cuda) }}
pkgr: ["conda", "pip"]
runs-on: "linux-${{ matrix.arch }}-${{ inputs.node_type }}"
steps:
- uses: actions/checkout@v4
env:
GIT_TRACE_PACKET: 1
GIT_TRACE: 1
GIT_CURL_VERBOSE: 1
with:
repository: ${{ inputs.repo }}
ref: ${{ inputs.sha }}
fetch-depth: 0
- name: Check if repo has devcontainer
run: |
echo "REPOSITORY=$(basename $(pwd))" | tee -a "${GITHUB_ENV}";
if test -f .devcontainer/cuda${{ matrix.cuda }}-${{ matrix.pkgr }}/devcontainer.json; then
echo "HAS_DEVCONTAINER=true" >> "${GITHUB_ENV}";
else
echo "HAS_DEVCONTAINER=false" >> "${GITHUB_ENV}";
fi
- if: ${{ env.HAS_DEVCONTAINER == 'true' }}
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ vars.AWS_ROLE_ARN }}
aws-region: ${{ vars.AWS_REGION }}
role-duration-seconds: 43200 # 12h
- if: ${{ env.HAS_DEVCONTAINER == 'true' }}
name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '16'
- if: ${{ env.HAS_DEVCONTAINER == 'true' }}
name: Run build in devcontainer
uses: devcontainers/ci@v0.3
with:
push: never
configFile: .devcontainer/cuda${{ matrix.cuda }}-${{ matrix.pkgr }}/devcontainer.json
env: |
REPOSITORY=${{ env.REPOSITORY }}
SCCACHE_REGION=${{ vars.AWS_REGION }}
AWS_ACCESS_KEY_ID=${{ env.AWS_ACCESS_KEY_ID }}
AWS_SESSION_TOKEN=${{ env.AWS_SESSION_TOKEN }}
AWS_SECRET_ACCESS_KEY=${{ env.AWS_SECRET_ACCESS_KEY }}
RAPIDS_AUX_SECRET_1=${{ secrets.RAPIDS_AUX_SECRET_1 }}
runCmd: |
set -e;
mkdir -p ~/.config/pip/;
cat <<EOF >> ~/.config/pip/pip.conf
[global]
extra-index-url = https://pypi.anaconda.org/rapidsai-wheels-nightly/simple
EOF
rapids-make-${PYTHON_PACKAGE_MANAGER}-env;
if test -n '${{ inputs.extra-repo-deploy-key }}' \
|| test -n '${{ inputs.extra-repo-deploy-key-2 }}'; then
if ! pgrep ssh-agent >/dev/null 2>&1; then eval "$(ssh-agent -s)"; fi;
if test -n '${{ inputs.extra-repo-deploy-key }}'; then
ssh-add - <<< '${{ secrets[inputs.extra-repo-deploy-key] }}';
fi
if test -n '${{ inputs.extra-repo-deploy-key-2 }}'; then
ssh-add - <<< '${{ secrets[inputs.extra-repo-deploy-key-2] }}';
fi
devcontainer-utils-init-ssh-deploy-keys || true;
fi
cd ~/"${REPOSITORY}";
${{ inputs.build_command }}