Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sign #175

Closed
wants to merge 21 commits into from
Closed

Sign #175

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
21 commits
Select commit Hold shift + click to select a range
e9bae24
-
andreea-popescu-reef Jul 16, 2024
34f4577
mock
andreea-popescu-reef Jul 16, 2024
3fc0380
handle docker compose dct
andreea-popescu-reef Aug 14, 2024
e957094
load delegate key
andreea-popescu-reef Aug 14, 2024
ef84805
i lost my keys
andreea-popescu-reef Aug 14, 2024
32f5fb3
replace watchtower pull with dct pull service
andreea-popescu-reef Aug 22, 2024
8ce9dd2
revert mocks
andreea-popescu-reef Aug 22, 2024
42ce20c
script to publish dct pull image
andreea-popescu-reef Aug 23, 2024
dc7c790
Update scripts/dct_pull/dct_pull.sh
andreea-popescu-reef Aug 23, 2024
d760a24
cleanup
andreea-popescu-reef Aug 23, 2024
1f69f4c
Updated cuda-keyring pkg version - previous one was missing
kkowalski-reef Sep 18, 2024
0d7361a
make mkdir idempotent with "-p"
kkowalski-reef Sep 18, 2024
97e9d76
verify signatures of runner & watchtower images
kkowalski-reef Sep 18, 2024
8683d49
Added README to dct_pull script
kkowalski-reef Sep 19, 2024
a955367
Don't sign E2E images
kkowalski-reef Sep 19, 2024
8068454
Merge branch 'master' into sign
kkowalski-reef Sep 19, 2024
a2d2ada
Enable DCT for staging images; extract DCT key install action
kkowalski-reef Sep 20, 2024
7c5ce72
Reverted miner build script
kkowalski-reef Sep 20, 2024
fe02664
Cleanup yml
kkowalski-reef Sep 20, 2024
0f9feef
move dct_pull to root
kkowalski-reef Sep 20, 2024
2416ca0
add dct_pull workflows
kkowalski-reef Sep 20, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions .github/actions/install-dct-key/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
name: Install DCT Key
description: Installs a key file to use with DCT into the local DCT store.

inputs:
key-id:
description: 'The ID of the key'
required: true
key-content:
description: 'The content of the key'
required: true

runs:
using: "composite"
steps:
- name: Install DCT key
shell: bash
run: |
DELEGATION_KEY_FILE="$HOME/.docker/trust/private/${{ inputs.key-id }}.key"
mkdir -p $(dirname "$DELEGATION_KEY_FILE")
touch "$DELEGATION_KEY_FILE"
chmod 600 "$DELEGATION_KEY_FILE"
echo "${{ inputs.key-content }}" > "$DELEGATION_KEY_FILE"
61 changes: 61 additions & 0 deletions .github/workflows/dct_pull_cd_preprod.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
name: "CD: dct_pull (pre-prod)"

on:
push:
branches:
- 'deploy-dct-pull-preprod'

env:
TAG_VERSION: "v0-preprod"
STAGING_DOCKER_REPO_NAME: "backenddevelopersltd/compute-horde-executor-staging"
DOCKER_REPO_NAME: "backenddevelopersltd/compute-horde-executor"
DIST_VERSION_PREFIX: "executor-preprod"
DOCKER_CONTENT_TRUST: 1
DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ secrets.DOCKERHUB_DELEGATED_KEY_PASS }}

jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0

- name: Install DCT key
uses: ./.github/actions/install-dct-key
with:
key-id: "${{ secrets.DOCKERHUB_DELEGATED_KEY_ID }}"
key-content: "${{ secrets.DOCKERHUB_DELEGATED_KEY }}"

- name: Promote image
run: |
IMAGE_NAME="${DOCKER_REPO_NAME}:${TAG_VERSION}"
SHA_IMAGE_NAME="${STAGING_DOCKER_REPO_NAME}:git-${GITHUB_SHA}"

docker pull "${SHA_IMAGE_NAME}"
docker image tag "${SHA_IMAGE_NAME}" "${IMAGE_NAME}"

echo "${{ secrets.DOCKERHUB_KEY }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin

docker push "${IMAGE_NAME}"

- name: Get current date
id: date
run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT

- name: Set Dist Version
run: |
BUILD_NUMBER="${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}"
echo "DIST_VERSION=${DIST_VERSION_PREFIX}-${{ steps.date.outputs.date }}-${BUILD_NUMBER}" >> $GITHUB_ENV

- name: Create Tag
uses: actions/github-script@v6
with:
script: |
const {DIST_VERSION} = process.env
github.rest.git.createRef({
owner: context.repo.owner,
repo: context.repo.repo,
ref: `refs/tags/${DIST_VERSION}`,
sha: context.sha
})
61 changes: 61 additions & 0 deletions .github/workflows/dct_pull_cd_prod.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
name: "CD: dct_pull (prod)"

on:
push:
branches:
- 'deploy-dct-pull-prod'

env:
TAG_VERSION: "v0-latest"
STAGING_DOCKER_REPO_NAME: "backenddevelopersltd/compute-horde-dct-pull-staging"
DOCKER_REPO_NAME: "backenddevelopersltd/compute-horde-dct-pull"
DIST_VERSION_PREFIX: "dct-pull-prod"
DOCKER_CONTENT_TRUST: 1
DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ secrets.DOCKERHUB_DELEGATED_KEY_PASS }}

jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0

- name: Install DCT key
uses: ./.github/actions/install-dct-key
with:
key-id: "${{ secrets.DOCKERHUB_DELEGATED_KEY_ID }}"
key-content: "${{ secrets.DOCKERHUB_DELEGATED_KEY }}"

- name: Promote image
run: |
IMAGE_NAME="${DOCKER_REPO_NAME}:${TAG_VERSION}"
SHA_IMAGE_NAME="${STAGING_DOCKER_REPO_NAME}:git-${GITHUB_SHA}"

docker pull "${SHA_IMAGE_NAME}"
docker image tag "${SHA_IMAGE_NAME}" "${IMAGE_NAME}"

echo "${{ secrets.DOCKERHUB_KEY }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin

docker push "${IMAGE_NAME}"

- name: Get current date
id: date
run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT

- name: Set Dist Version
run: |
BUILD_NUMBER="${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}"
echo "DIST_VERSION=${DIST_VERSION_PREFIX}-${{ steps.date.outputs.date }}-${BUILD_NUMBER}" >> $GITHUB_ENV

- name: Create Tag
uses: actions/github-script@v6
with:
script: |
const {DIST_VERSION} = process.env
github.rest.git.createRef({
owner: context.repo.owner,
repo: context.repo.repo,
ref: `refs/tags/${DIST_VERSION}`,
sha: context.sha
})
63 changes: 63 additions & 0 deletions .github/workflows/dct_pull_cd_staging.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
name: "CD: dct_pull (staging)"

on:
push:
branches:
- 'deploy-dct-pull-staging'

env:
TAG_VERSION: "v0-latest"
BUILD_DIRECTORY: "dct_pull"
DOCKER_REPO_NAME: "backenddevelopersltd/compute-horde-dct-pull-staging"
DIST_VERSION_PREFIX: "dct-pull-staging"
DOCKER_CONTENT_TRUST: 1
DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ secrets.DOCKERHUB_DELEGATED_KEY_PASS }}

jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0

- name: Install DCT key
uses: ./.github/actions/install-dct-key
with:
key-id: "${{ secrets.DOCKERHUB_DELEGATED_KEY_ID }}"
key-content: "${{ secrets.DOCKERHUB_DELEGATED_KEY }}"

- name: Docker build, sign and push
run: |
IMAGE_NAME="${DOCKER_REPO_NAME}:${TAG_VERSION}"
SHA_IMAGE_NAME="${DOCKER_REPO_NAME}:git-${GITHUB_SHA}"

cd "${BUILD_DIRECTORY}" && docker build --build-context compute-horde=../compute_horde -t "${IMAGE_NAME}" -f app/envs/prod/Dockerfile .

docker image tag "${IMAGE_NAME}" "${SHA_IMAGE_NAME}"

echo "${{ secrets.DOCKERHUB_KEY }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin

docker push "${IMAGE_NAME}"
docker push "${SHA_IMAGE_NAME}"

- name: Get current date
id: date
run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT

- name: Set Dist Version
run: |
BUILD_NUMBER="${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}"
echo "DIST_VERSION=${DIST_VERSION_PREFIX}-${{ steps.date.outputs.date }}-${BUILD_NUMBER}" >> $GITHUB_ENV

- name: Create Tag
uses: actions/github-script@v6
with:
script: |
const {DIST_VERSION} = process.env
github.rest.git.createRef({
owner: context.repo.owner,
repo: context.repo.repo,
ref: `refs/tags/${DIST_VERSION}`,
sha: context.sha
})
14 changes: 13 additions & 1 deletion .github/workflows/executor_cd_preprod.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ env:
STAGING_DOCKER_REPO_NAME: "backenddevelopersltd/compute-horde-executor-staging"
DOCKER_REPO_NAME: "backenddevelopersltd/compute-horde-executor"
DIST_VERSION_PREFIX: "executor-preprod"
DOCKER_CONTENT_TRUST: 1
DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ secrets.DOCKERHUB_DELEGATED_KEY_PASS }}

jobs:
deploy:
Expand All @@ -18,7 +20,14 @@ jobs:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Docker build and push

- name: Install DCT key
uses: ./.github/actions/install-dct-key
with:
key-id: "${{ secrets.DOCKERHUB_DELEGATED_KEY_ID }}"
key-content: "${{ secrets.DOCKERHUB_DELEGATED_KEY }}"

- name: Promote image
run: |
IMAGE_NAME="${DOCKER_REPO_NAME}:${TAG_VERSION}"
SHA_IMAGE_NAME="${STAGING_DOCKER_REPO_NAME}:git-${GITHUB_SHA}"
Expand All @@ -29,13 +38,16 @@ jobs:
echo "${{ secrets.DOCKERHUB_KEY }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin

docker push "${IMAGE_NAME}"

- name: Get current date
id: date
run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT

- name: Set Dist Version
run: |
BUILD_NUMBER="${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}"
echo "DIST_VERSION=${DIST_VERSION_PREFIX}-${{ steps.date.outputs.date }}-${BUILD_NUMBER}" >> $GITHUB_ENV

- name: Create Tag
uses: actions/github-script@v6
with:
Expand Down
14 changes: 13 additions & 1 deletion .github/workflows/executor_cd_prod.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ env:
STAGING_DOCKER_REPO_NAME: "backenddevelopersltd/compute-horde-executor-staging"
DOCKER_REPO_NAME: "backenddevelopersltd/compute-horde-executor"
DIST_VERSION_PREFIX: "executor-prod"
DOCKER_CONTENT_TRUST: 1
DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ secrets.DOCKERHUB_DELEGATED_KEY_PASS }}

jobs:
deploy:
Expand All @@ -18,7 +20,14 @@ jobs:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Docker build and push

- name: Install DCT key
uses: ./.github/actions/install-dct-key
with:
key-id: "${{ secrets.DOCKERHUB_DELEGATED_KEY_ID }}"
key-content: "${{ secrets.DOCKERHUB_DELEGATED_KEY }}"

- name: Promote image
run: |
IMAGE_NAME="${DOCKER_REPO_NAME}:${TAG_VERSION}"
SHA_IMAGE_NAME="${STAGING_DOCKER_REPO_NAME}:git-${GITHUB_SHA}"
Expand All @@ -29,13 +38,16 @@ jobs:
echo "${{ secrets.DOCKERHUB_KEY }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin

docker push "${IMAGE_NAME}"

- name: Get current date
id: date
run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT

- name: Set Dist Version
run: |
BUILD_NUMBER="${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}"
echo "DIST_VERSION=${DIST_VERSION_PREFIX}-${{ steps.date.outputs.date }}-${BUILD_NUMBER}" >> $GITHUB_ENV

- name: Create Tag
uses: actions/github-script@v6
with:
Expand Down
14 changes: 13 additions & 1 deletion .github/workflows/executor_cd_staging.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ env:
TAG_VERSION: "v0-latest"
DOCKER_REPO_NAME: "backenddevelopersltd/compute-horde-executor-staging"
DIST_VERSION_PREFIX: "executor-staging"
DOCKER_CONTENT_TRUST: 1
DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ secrets.DOCKERHUB_DELEGATED_KEY_PASS }}

jobs:
deploy:
Expand All @@ -18,7 +20,14 @@ jobs:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Docker build and push

- name: Install DCT key
uses: ./.github/actions/install-dct-key
with:
key-id: "${{ secrets.DOCKERHUB_DELEGATED_KEY_ID }}"
key-content: "${{ secrets.DOCKERHUB_DELEGATED_KEY }}"

- name: Docker build, sign and push
run: |
IMAGE_NAME="${DOCKER_REPO_NAME}:${TAG_VERSION}"
SHA_IMAGE_NAME="${DOCKER_REPO_NAME}:git-${GITHUB_SHA}"
Expand All @@ -31,13 +40,16 @@ jobs:

docker push "${IMAGE_NAME}"
docker push "${SHA_IMAGE_NAME}"

- name: Get current date
id: date
run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT

- name: Set Dist Version
run: |
BUILD_NUMBER="${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}"
echo "DIST_VERSION=${DIST_VERSION_PREFIX}-${{ steps.date.outputs.date }}-${BUILD_NUMBER}" >> $GITHUB_ENV

- name: Create Tag
uses: actions/github-script@v6
with:
Expand Down
Loading
Loading