From 5f2df05a17f88c120e34e934d997bfc7cd538131 Mon Sep 17 00:00:00 2001 From: Riley Dixon Date: Mon, 10 Nov 2025 19:15:57 -0700 Subject: [PATCH 1/7] CI: Conditionally build the CI image. If the Dockerfile's have been changed, we need to rebuild the CI image. Else, we can skip this step and just re-use the latest image in-sync with main. Currently there is a workaround regarding how we pass the new CI image name should it need to be built. This is a limitation with how GitHub handles matrix job's with outputs. Because our image tag is based on a constant, the jobs within the matrix will all provide the same value at least. Ideally we would provide the full image name and tag. We can look at refactoring the workflow to avoid this situation. If a new image needs to be built, it will also attempt to push this image to the docker registry. This means any changes to the Dockerfile will require a PR to be opened directly in hipFile instead of a fork. Given that the Dockerfile is expected to rarely change, this should be an acceptable trade-off. --- .github/workflows/ais_ci.yml | 63 ++++++++++++++++++++++ .github/workflows/build_ais.yml | 53 +++--------------- .github/workflows/build_ais_ci_image.yml | 69 ++++++++++++++++++++++++ util/files-changed.sh | 32 +++++++++++ 4 files changed, 172 insertions(+), 45 deletions(-) create mode 100644 .github/workflows/build_ais_ci_image.yml create mode 100755 util/files-changed.sh diff --git a/.github/workflows/ais_ci.yml b/.github/workflows/ais_ci.yml index 77e854d4..9536340f 100644 --- a/.github/workflows/ais_ci.yml +++ b/.github/workflows/ais_ci.yml @@ -6,11 +6,57 @@ on: paths-ignore: - '**.md' - '.github/CODEOWNERS' +permissions: + contents: read + packages: read concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: + AIS_CI_Pre-check: + outputs: + changed_dockerfile: ${{ steps.ci-flags.outputs.changed_dockerfile }} + runs-on: [ubuntu-24.04] + steps: + - name: Fetching code repository... + uses: actions/checkout@v5 + - name: Git fetch base ref + run: git fetch origin ${{ github.base_ref }} + - name: Set CI Flags + id: ci-flags + run: | + echo "changed_dockerfile=$(./util/files-changed.sh origin/${{ github.base_ref }} HEAD 'util/docker/DOCKERFILE.*')" >> ${GITHUB_OUTPUT} + build_AIS_CI_image: + if: ${{ needs.AIS_CI_Pre-check.outputs.changed_dockerfile == '1' }} + needs: AIS_CI_Pre-check + strategy: + fail-fast: false + matrix: + supported_platforms: + - rocky + - suse + - ubuntu + permissions: + contents: read + packages: write + uses: ./.github/workflows/build_ais_ci_image.yml + with: + platform: ${{ matrix.supported_platforms }} AIS_CI: + # Run after build_AIS_CI_image but only if build_AIS_CI_image passed or was skipped. + # always() check needed otherwise success() implicitly added. + if: >- + ${{ + always() && + ( + needs.build_AIS_CI_image.result == 'skipped' || + ( + needs['AIS_CI_Pre-check'].outputs.changed_dockerfile == '1' && + needs.build_AIS_CI_image.result == 'success' + ) + ) + }} + needs: [AIS_CI_Pre-check, build_AIS_CI_image] strategy: fail-fast: false matrix: @@ -20,4 +66,21 @@ jobs: - suse uses: ./.github/workflows/build_ais.yml with: + # Use the new CI image if it was built. Otherwise, use the default image. + # Note: The image tag is being used instead of the full image:tag name + # due to a limitation in GitHub for providing outputs from + # jobs run within a matrix. The image tag used here is constant + # across platforms, so it at least works for this situation. + ci_image: >- + ${{ + format( + 'ghcr.io/rocm/hipfile/ais_ci_{0}:{1}', + matrix.supported_platforms, + ( + needs.AIS_CI_Pre-check.outputs.changed_dockerfile == '1' && + needs.build_AIS_CI_image.outputs.image_tag || + 'latest' + ) + ) + }} platform: ${{matrix.supported_platforms}} diff --git a/.github/workflows/build_ais.yml b/.github/workflows/build_ais.yml index 9362e579..80f2ffb2 100644 --- a/.github/workflows/build_ais.yml +++ b/.github/workflows/build_ais.yml @@ -8,53 +8,18 @@ env: on: workflow_call: inputs: + ci_image: + required: true + type: string platform: required: true type: string permissions: contents: read - packages: write + packages: read jobs: - build_AIS_image: - runs-on: [ubuntu-24.04] - container: docker:28.5 - steps: - - name: Set AIS CI image environment variables - run: | - echo "AIS_CI_DEV_IMAGE=${{ env.AIS_DOCKER_REGISTRY }}/${{ env.AIS_CI_IMAGE_NAME }}_dev:$(echo ${{ github.ref }} \ - | sed 's|[^a-zA-Z0-9]|-|g')" >> "$GITHUB_ENV" - echo "AIS_CI_LATEST_IMAGE=${{ env.AIS_DOCKER_REGISTRY }}/${{ env.AIS_CI_IMAGE_NAME }}:latest" >> "$GITHUB_ENV" - echo "AIS_PR_NUMBER=$(echo ${{ github.ref }} | sed 's|[^0-9]||g')" >> "$GITHUB_ENV" - - name: Fetching code repository... - uses: actions/checkout@v5 - - name: Authenticating to GitHub Container Registry. - uses: docker/login-action@v3.6.0 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Setup Docker Builder - uses: docker/setup-buildx-action@v3.11.1 - with: - name: ais-builder - driver: docker-container - cache-binary: false # True uses the GHA Cache Backend. - - name: Build base image for AIS CI - run: | - docker buildx build \ - -f ${GITHUB_WORKSPACE}/util/docker/DOCKERFILE.${{ env.AIS_CI_IMAGE_NAME }} \ - --label "org.opencontainers.image.description= \ - ${{ env.AIS_CI_IMAGE_NAME }} Development Image for AIS CI using branch \ - ${{ github.head_ref }} for PR #${AIS_PR_NUMBER}. \ - PR URL: ${{ env.AIS_PR_BASE_URL }}/${AIS_PR_NUMBER}" \ - --cache-to=type=registry,ref="${{ env.AIS_DOCKER_REGISTRY }}/${{ env.AIS_CI_IMAGE_NAME }}_dev:cache" \ - --cache-from=type=registry,ref="${{ env.AIS_DOCKER_REGISTRY }}/${{ env.AIS_CI_IMAGE_NAME }}_dev:cache" \ - --push \ - -t ${AIS_CI_DEV_IMAGE} \ - ${GITHUB_WORKSPACE} compile_on_AMD: runs-on: [ubuntu-24.04] - needs: build_AIS_image steps: - name: Get PR number and store it as a environment variable run: echo "AIS_PR_NUMBER=$(echo ${{ github.ref }} | sed 's|[^0-9]||g')" >> "$GITHUB_ENV" @@ -83,7 +48,7 @@ jobs: -v ${GITHUB_WORKSPACE}:/mnt/ais:ro \ -v ${{ env.AIS_MOUNT_PATH }}:/mnt/ais-fs \ --name ${AIS_CONTAINER_NAME} \ - ${AIS_CI_DEV_IMAGE} + ${{ inputs.ci_image }} - name: Make copy of the code repository and create build directories # Single quotes necessary to ensure string/command substitutions happen # in the container and not on the host. @@ -158,7 +123,6 @@ jobs: docker stop ${AIS_CONTAINER_NAME} compile_on_AMD_other: runs-on: [ubuntu-24.04] - needs: build_AIS_image strategy: fail-fast: false matrix: @@ -190,7 +154,7 @@ jobs: -v ${GITHUB_WORKSPACE}:/mnt/ais:ro \ -v ${{ env.AIS_MOUNT_PATH }}:/mnt/ais-fs \ --name ${AIS_CONTAINER_NAME} \ - ${AIS_CI_DEV_IMAGE} + ${{ inputs.ci_image }} - name: Make copy of the code repository and create build directories run: | docker exec \ @@ -261,7 +225,7 @@ jobs: -v ${GITHUB_WORKSPACE}:/mnt/ais:ro \ -v ${{ env.AIS_MOUNT_PATH }}:/mnt/ais-fs \ --name ${AIS_CONTAINER_NAME} \ - ${AIS_CI_DEV_IMAGE} + ${{ inputs.ci_image }} - name: Make copy of the code repository and create build directories run: | docker exec \ @@ -318,7 +282,6 @@ jobs: docker stop ${AIS_CONTAINER_NAME} compile_on_NVIDIA: runs-on: [ubuntu-24.04] - needs: build_AIS_image strategy: fail-fast: false matrix: @@ -353,7 +316,7 @@ jobs: -v ${GITHUB_WORKSPACE}:/mnt/ais:ro \ -v ${{ env.AIS_MOUNT_PATH }}:/mnt/ais-fs \ --name ${AIS_CONTAINER_NAME} \ - ${AIS_CI_DEV_IMAGE} + ${{ inputs.ci_image }} - name: Make copy of the code repository and create build directories run: | docker exec \ diff --git a/.github/workflows/build_ais_ci_image.yml b/.github/workflows/build_ais_ci_image.yml new file mode 100644 index 00000000..a58d7445 --- /dev/null +++ b/.github/workflows/build_ais_ci_image.yml @@ -0,0 +1,69 @@ +name: AIS_build_CI_image +run-name: Build the Docker image for AIS CI. +env: + AIS_DOCKER_REGISTRY: ghcr.io/rocm/hipfile + AIS_PR_BASE_URL: https://github.com/ROCm/hipFile/pull +on: + workflow_call: + inputs: + platform: + required: true + type: string + outputs: + new_ci_image: + description: The full name & tag of the newly built image. + value: ${{ jobs.build_AIS_image.outputs.new_ci_image}} + image_tag: + description: "Temporary: Just the tag of the new image." + value: ${{ jobs.build_AIS_image.outputs.image_tag }} +permissions: + contents: read + packages: write +jobs: + build_AIS_image: + env: + AIS_CI_IMAGE_NAME: ais_ci_${{ inputs.platform }} + runs-on: [ubuntu-24.04] + container: docker:28.5 + outputs: + new_ci_image: ${{ steps.ci-image.outputs.AIS_CI_IMAGE }} + image_tag: ${{ steps.ci-image.outputs.AIS_CI_IMAGE_TAG }} + # image_tag is a bit hacky. GitHub does not support separating outputs + # from a workflow run in a matrix. The last workflow to run will set the + # output value. `image_tag` is constant across matrix jobs so this is fine. + steps: + - name: Set CI environment variables + run: | + echo "AIS_CI_IMAGE_TAG=$(echo ${{ github.ref }} | sed 's|[^a-zA-Z0-9]|-|g')" >> "${GITHUB_ENV}" + echo "AIS_PR_NUMBER=$(echo ${{ github.ref }} | sed 's|[^0-9]||g')" >> "${GITHUB_ENV}" + - name: Set target AIS CI Image + id: ci-image + run: | + echo "AIS_CI_IMAGE_TAG=${AIS_CI_IMAGE_TAG}" >> ${GITHUB_OUTPUT} + echo "AIS_CI_IMAGE=${{ env.AIS_DOCKER_REGISTRY }}/${{ env.AIS_CI_IMAGE_NAME}}:${AIS_CI_IMAGE_TAG}" \ + >> "${GITHUB_OUTPUT}" + - name: Fetching code repository... + uses: actions/checkout@v5 + - name: Authenticating to GitHub Container Registry. + uses: docker/login-action@v3.6.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Setup Docker Builder + uses: docker/setup-buildx-action@v3.11.1 + with: + name: ais-builder + driver: docker-container + cache-binary: false # True uses the GHA Cache Backend. + - name: Build base image for AIS CI + run: | + docker buildx build \ + -f ${GITHUB_WORKSPACE}/util/docker/DOCKERFILE.${{ env.AIS_CI_IMAGE_NAME }} \ + --label "org.opencontainers.image.description= \ + ${{ env.AIS_CI_IMAGE_NAME }} Development Image for AIS CI using branch \ + ${{ github.head_ref }} for PR #${AIS_PR_NUMBER}. \ + PR URL: ${{ env.AIS_PR_BASE_URL }}/${AIS_PR_NUMBER}" \ + --push \ + -t ${{ steps.ci-image.outputs.AIS_CI_IMAGE }} \ + ${GITHUB_WORKSPACE} diff --git a/util/files-changed.sh b/util/files-changed.sh new file mode 100755 index 00000000..5115fac1 --- /dev/null +++ b/util/files-changed.sh @@ -0,0 +1,32 @@ +#!/usr/bin/env bash +# Copyright (c) Advanced Micro Devices, Inc. All rights reserved. +# +# SPDX-License-Identifier: MIT + +# CI Script +# ./files-changed.sh BASE_REF HEAD_REF PATTERN +# Prints 0 if no matching files have changed +# Prints 1 if at least 1 matched file has changed. + +set -eo pipefail + +BASE_REF=$1 +HEAD_REF=$2 +CHECK_PATTERN=$3 +FILES_CHANGED=0 + +changed_files=() +if ! diff_output="$(git diff --name-only ${BASE_REF} ${HEAD_REF})"; then + echo ${diff_output} + exit 1 +fi +mapfile -t changed_files <<< "${diff_output}" + +for changed_file in "${changed_files[@]}"; do + if [[ "${changed_file}" == ${CHECK_PATTERN} ]]; then + FILES_CHANGED=1 + fi +done + +printf '%s' ${FILES_CHANGED} +exit 0 \ No newline at end of file From 30b495bac78202bf465257a2d73c90f456fd6bb0 Mon Sep 17 00:00:00 2001 From: Riley Dixon Date: Wed, 12 Nov 2025 17:12:33 -0700 Subject: [PATCH 2/7] Change matrix strategy to apply to entire workflow. --- .github/workflows/ais_ci.yml | 51 ++++++------------------ .github/workflows/build_ais_ci_image.yml | 6 +-- .github/workflows/root_ci.yml | 33 +++++++++++++++ 3 files changed, 46 insertions(+), 44 deletions(-) create mode 100644 .github/workflows/root_ci.yml diff --git a/.github/workflows/ais_ci.yml b/.github/workflows/ais_ci.yml index 9536340f..7114c36f 100644 --- a/.github/workflows/ais_ci.yml +++ b/.github/workflows/ais_ci.yml @@ -1,17 +1,14 @@ name: AIS_CI -run-name: Kicks off several AIS CI workflows for various platforms. +run-name: Main CI workflow to coordinate jobs for a single platform. on: - pull_request: - types: [opened, synchronize, reopened] # Defaults - paths-ignore: - - '**.md' - - '.github/CODEOWNERS' + workflow_call: + inputs: + platform: + required: true + type: string permissions: contents: read packages: read -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true jobs: AIS_CI_Pre-check: outputs: @@ -29,19 +26,12 @@ jobs: build_AIS_CI_image: if: ${{ needs.AIS_CI_Pre-check.outputs.changed_dockerfile == '1' }} needs: AIS_CI_Pre-check - strategy: - fail-fast: false - matrix: - supported_platforms: - - rocky - - suse - - ubuntu permissions: contents: read packages: write uses: ./.github/workflows/build_ais_ci_image.yml with: - platform: ${{ matrix.supported_platforms }} + platform: ${{ inputs.platform }} AIS_CI: # Run after build_AIS_CI_image but only if build_AIS_CI_image passed or was skipped. # always() check needed otherwise success() implicitly added. @@ -57,30 +47,13 @@ jobs: ) }} needs: [AIS_CI_Pre-check, build_AIS_CI_image] - strategy: - fail-fast: false - matrix: - supported_platforms: - - ubuntu - - rocky - - suse uses: ./.github/workflows/build_ais.yml with: - # Use the new CI image if it was built. Otherwise, use the default image. - # Note: The image tag is being used instead of the full image:tag name - # due to a limitation in GitHub for providing outputs from - # jobs run within a matrix. The image tag used here is constant - # across platforms, so it at least works for this situation. + # If Dockerfile changed, use the new CI image. Otherwise, use 'latest'. ci_image: >- ${{ - format( - 'ghcr.io/rocm/hipfile/ais_ci_{0}:{1}', - matrix.supported_platforms, - ( - needs.AIS_CI_Pre-check.outputs.changed_dockerfile == '1' && - needs.build_AIS_CI_image.outputs.image_tag || - 'latest' - ) - ) + needs.AIS_CI_Pre-check.outputs.changed_dockerfile == '1' && + needs.build_AIS_CI_image.outputs.ci_image || + format('ghcr.io/rocm/hipfile/ais_ci_{0}:latest', inputs.platform) }} - platform: ${{matrix.supported_platforms}} + platform: ${{ inputs.platform }} diff --git a/.github/workflows/build_ais_ci_image.yml b/.github/workflows/build_ais_ci_image.yml index a58d7445..340e0fc6 100644 --- a/.github/workflows/build_ais_ci_image.yml +++ b/.github/workflows/build_ais_ci_image.yml @@ -10,12 +10,9 @@ on: required: true type: string outputs: - new_ci_image: + ci_image: description: The full name & tag of the newly built image. value: ${{ jobs.build_AIS_image.outputs.new_ci_image}} - image_tag: - description: "Temporary: Just the tag of the new image." - value: ${{ jobs.build_AIS_image.outputs.image_tag }} permissions: contents: read packages: write @@ -39,7 +36,6 @@ jobs: - name: Set target AIS CI Image id: ci-image run: | - echo "AIS_CI_IMAGE_TAG=${AIS_CI_IMAGE_TAG}" >> ${GITHUB_OUTPUT} echo "AIS_CI_IMAGE=${{ env.AIS_DOCKER_REGISTRY }}/${{ env.AIS_CI_IMAGE_NAME}}:${AIS_CI_IMAGE_TAG}" \ >> "${GITHUB_OUTPUT}" - name: Fetching code repository... diff --git a/.github/workflows/root_ci.yml b/.github/workflows/root_ci.yml new file mode 100644 index 00000000..76ac5754 --- /dev/null +++ b/.github/workflows/root_ci.yml @@ -0,0 +1,33 @@ +name: AIS_CI +run-name: Kicks off several AIS CI workflows for various platforms. + +# In particular, this root workflow's only purpose is to allow +# us to put our entire CI in a matrix. It has the added benefit +# of not needing to specify our supported_platforms in multiple +# locations. +# We can consider moving the Pre-Checks here and passing them into +# the CI as an input. +on: + pull_request: + types: [opened, synchronize, reopened] # Defaults + paths-ignore: + - '**.md' + - '.github/CODEOWNERS' +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true +permissions: + contents: read + packages: write +jobs: + AIS_CI: + strategy: + fail-fast: false + matrix: + supported_platforms: + - rocky + - suse + - ubuntu + uses: ./.github/workflows/ais_ci.yml + with: + platform: ${{ matrix.supported_platforms }} From c91651aedfaff964d0d31b1ee035ba23e4a279fa Mon Sep 17 00:00:00 2001 From: Riley Dixon Date: Wed, 12 Nov 2025 17:46:24 -0700 Subject: [PATCH 3/7] Drop un-used CI variables. --- .github/workflows/build_ais.yml | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/.github/workflows/build_ais.yml b/.github/workflows/build_ais.yml index 80f2ffb2..c6d8d335 100644 --- a/.github/workflows/build_ais.yml +++ b/.github/workflows/build_ais.yml @@ -2,9 +2,6 @@ name: AIS # Mono-workflow - May be advantageous to split up run-name: Build, Test, and Analyze AIS env: AIS_MOUNT_PATH: /mnt/ais/ext4 - AIS_DOCKER_REGISTRY: ghcr.io/rocm/hipfile - AIS_CI_IMAGE_NAME: ais_ci_${{inputs.platform}} - AIS_PR_BASE_URL: https://github.com/ROCm/hipFile/pull on: workflow_call: inputs: @@ -25,8 +22,6 @@ jobs: run: echo "AIS_PR_NUMBER=$(echo ${{ github.ref }} | sed 's|[^0-9]||g')" >> "$GITHUB_ENV" - name: Set AIS CI image environment variables run: | - echo "AIS_CI_DEV_IMAGE=${{ env.AIS_DOCKER_REGISTRY }}/${{ env.AIS_CI_IMAGE_NAME }}_dev:$(echo ${{ github.ref }} \ - | sed 's|[^a-zA-Z0-9]|-|g')" >> "$GITHUB_ENV" echo "AIS_CONTAINER_NAME=${AIS_PR_NUMBER}_${{ github.job }}_${{inputs.platform}}" >> "$GITHUB_ENV" - name: Fetching code repository... uses: actions/checkout@v5 @@ -134,8 +129,6 @@ jobs: run: echo "AIS_PR_NUMBER=$(echo ${{ github.ref }} | sed 's|[^0-9]||g')" >> "$GITHUB_ENV" - name: Set AIS CI image environment variables run: | - echo "AIS_CI_DEV_IMAGE=${{ env.AIS_DOCKER_REGISTRY }}/${{ env.AIS_CI_IMAGE_NAME }}_dev:$(echo ${{ github.ref }} \ - | sed 's|[^a-zA-Z0-9]|-|g')" >> "$GITHUB_ENV" echo "AIS_CONTAINER_NAME=${AIS_PR_NUMBER}_${{ github.job }}_${{inputs.platform}}" >> "$GITHUB_ENV" - name: Fetching code repository... uses: actions/checkout@v5 @@ -199,8 +192,6 @@ jobs: run: echo "AIS_PR_NUMBER=$(echo ${{ github.ref }} | sed 's|[^0-9]||g')" >> "$GITHUB_ENV" - name: Set AIS CI image environment variables run: | - echo "AIS_CI_DEV_IMAGE=${{ env.AIS_DOCKER_REGISTRY }}/${{ env.AIS_CI_IMAGE_NAME }}_dev:$(echo ${{ github.ref }} \ - | sed 's|[^a-zA-Z0-9]|-|g')" >> "$GITHUB_ENV" echo "AIS_CONTAINER_NAME=${AIS_PR_NUMBER}_${{ github.job }}_${{inputs.platform}}_nvidia" >> "$GITHUB_ENV" - name: Fetching code repository... uses: actions/checkout@v5 @@ -293,8 +284,6 @@ jobs: run: echo "AIS_PR_NUMBER=$(echo ${{ github.ref }} | sed 's|[^0-9]||g')" >> "$GITHUB_ENV" - name: Set AIS CI image environment variables run: | - echo "AIS_CI_DEV_IMAGE=${{ env.AIS_DOCKER_REGISTRY }}/${{ env.AIS_CI_IMAGE_NAME }}_dev:$(echo ${{ github.ref }} \ - | sed 's|[^a-zA-Z0-9]|-|g')" >> "$GITHUB_ENV" echo "AIS_CONTAINER_NAME=${AIS_PR_NUMBER}_${{ github.job }}_${{inputs.platform}}_nvidia" >> "$GITHUB_ENV" - name: Fetching code repository... uses: actions/checkout@v5 From d40934ce0ccc42824654870e28ba3b42131da7db Mon Sep 17 00:00:00 2001 From: Riley Dixon Date: Wed, 12 Nov 2025 17:54:36 -0700 Subject: [PATCH 4/7] Add caching to PR-image only. This cache will only be used by the same PR if it gets updated for whatever reason. This way people won't be sad if a particular distro takes 20 minutes to download packages for if they need to change the PR. Intentionally not caching from 'latest' to have a relatively up-to-date image. Open to discuss about this. --- .github/workflows/build_ais_ci_image.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build_ais_ci_image.yml b/.github/workflows/build_ais_ci_image.yml index 340e0fc6..241906b7 100644 --- a/.github/workflows/build_ais_ci_image.yml +++ b/.github/workflows/build_ais_ci_image.yml @@ -60,6 +60,8 @@ jobs: ${{ env.AIS_CI_IMAGE_NAME }} Development Image for AIS CI using branch \ ${{ github.head_ref }} for PR #${AIS_PR_NUMBER}. \ PR URL: ${{ env.AIS_PR_BASE_URL }}/${AIS_PR_NUMBER}" \ + --build-arg BUILDKIT_INLINE_CACHE=1 \ + --cache-from=type=registry,ref=${{ steps.ci-image.outputs.AIS_CI_IMAGE }} \ --push \ -t ${{ steps.ci-image.outputs.AIS_CI_IMAGE }} \ ${GITHUB_WORKSPACE} From 69993d9f170688e1a13382a10325865593bf2664 Mon Sep 17 00:00:00 2001 From: Riley Dixon Date: Wed, 12 Nov 2025 19:31:41 -0700 Subject: [PATCH 5/7] CI: Add post-merge workflow to update latest CI image. This will keep our CI image up-to-date, even if we aren't making any changes to the Dockerfile. This will only run if a PR has been accepted and merged. --- .github/workflows/update_ais_ci_image.yml | 59 +++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 .github/workflows/update_ais_ci_image.yml diff --git a/.github/workflows/update_ais_ci_image.yml b/.github/workflows/update_ais_ci_image.yml new file mode 100644 index 00000000..051b4648 --- /dev/null +++ b/.github/workflows/update_ais_ci_image.yml @@ -0,0 +1,59 @@ +name: update_AIS_CI +run-name: Update latest CI image +on: + pull_request_target: # A.K.A. This is a privileged action. See `pull_request`. + types: + - closed # CAUTION: Includes un-merged PR's. + branches: + - develop + workflow_dispatch: + # Requires write access to trigger. + +permissions: + contents: read + packages: write +jobs: + update_AIS_CI_image: + env: + AIS_DOCKER_REGISTRY: ghcr.io/rocm/hipfile + AIS_CI_IMAGE_NAME: ais_ci_${{ matrix.supported_platforms }} + if: ${{ github.event.pull_request.merged == true }} + runs-on: [ubuntu-24.04] + container: docker:28.5 + strategy: + matrix: + supported_platforms: + - rocky + - suse + - ubuntu + steps: + - name: Fetching code repository... + uses: actions/checkout@v5 + - name: Authenticating to GitHub Container Registry. + uses: docker/login-action@v3.6.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Set target AIS CI Image + id: ci-image + run: | + echo "AIS_CI_IMAGE=${{ env.AIS_DOCKER_REGISTRY }}/${{ env.AIS_CI_IMAGE_NAME}}:latest" \ + >> "${GITHUB_OUTPUT}" + - name: Setup Docker Builder + uses: docker/setup-buildx-action@v3.11.1 + with: + name: ais-builder + driver: docker-container + cache-binary: false # True uses the GHA Cache Backend. + # We won't use the cache from the previous image. + # This lets us semi-regularly pull in package updates automatically. + - name: Build & Push latest image for AIS CI + run: | + docker buildx build \ + -f ${GITHUB_WORKSPACE}/util/docker/DOCKERFILE.${{ env.AIS_CI_IMAGE_NAME }} \ + --label "org.opencontainers.image.description= \ + Latest AIS CI Image for ${{ matrix.supported_platforms }}." \ + --push \ + -t ${{ steps.ci-image.outputs.AIS_CI_IMAGE }} \ + ${GITHUB_WORKSPACE} \ No newline at end of file From 0a121663ba2294c1486bb2d0652792b011a90051 Mon Sep 17 00:00:00 2001 From: Riley Dixon Date: Thu, 13 Nov 2025 10:07:14 -0700 Subject: [PATCH 6/7] Rename CI filenames to use dashes. --- .github/workflows/{ais_ci.yml => ais-ci.yml} | 4 ++-- .../{build_ais_ci_image.yml => build-ais-ci-image.yml} | 0 .github/workflows/{build_ais.yml => build-ais.yml} | 0 .github/workflows/{root_ci.yml => root-ci.yml} | 2 +- .../{update_ais_ci_image.yml => update-ais-ci-image.yml} | 0 5 files changed, 3 insertions(+), 3 deletions(-) rename .github/workflows/{ais_ci.yml => ais-ci.yml} (95%) rename .github/workflows/{build_ais_ci_image.yml => build-ais-ci-image.yml} (100%) rename .github/workflows/{build_ais.yml => build-ais.yml} (100%) rename .github/workflows/{root_ci.yml => root-ci.yml} (95%) rename .github/workflows/{update_ais_ci_image.yml => update-ais-ci-image.yml} (100%) diff --git a/.github/workflows/ais_ci.yml b/.github/workflows/ais-ci.yml similarity index 95% rename from .github/workflows/ais_ci.yml rename to .github/workflows/ais-ci.yml index 7114c36f..73bce12c 100644 --- a/.github/workflows/ais_ci.yml +++ b/.github/workflows/ais-ci.yml @@ -29,7 +29,7 @@ jobs: permissions: contents: read packages: write - uses: ./.github/workflows/build_ais_ci_image.yml + uses: ./.github/workflows/build-ais-ci-image.yml with: platform: ${{ inputs.platform }} AIS_CI: @@ -47,7 +47,7 @@ jobs: ) }} needs: [AIS_CI_Pre-check, build_AIS_CI_image] - uses: ./.github/workflows/build_ais.yml + uses: ./.github/workflows/build-ais.yml with: # If Dockerfile changed, use the new CI image. Otherwise, use 'latest'. ci_image: >- diff --git a/.github/workflows/build_ais_ci_image.yml b/.github/workflows/build-ais-ci-image.yml similarity index 100% rename from .github/workflows/build_ais_ci_image.yml rename to .github/workflows/build-ais-ci-image.yml diff --git a/.github/workflows/build_ais.yml b/.github/workflows/build-ais.yml similarity index 100% rename from .github/workflows/build_ais.yml rename to .github/workflows/build-ais.yml diff --git a/.github/workflows/root_ci.yml b/.github/workflows/root-ci.yml similarity index 95% rename from .github/workflows/root_ci.yml rename to .github/workflows/root-ci.yml index 76ac5754..619485d8 100644 --- a/.github/workflows/root_ci.yml +++ b/.github/workflows/root-ci.yml @@ -28,6 +28,6 @@ jobs: - rocky - suse - ubuntu - uses: ./.github/workflows/ais_ci.yml + uses: ./.github/workflows/ais-ci.yml with: platform: ${{ matrix.supported_platforms }} diff --git a/.github/workflows/update_ais_ci_image.yml b/.github/workflows/update-ais-ci-image.yml similarity index 100% rename from .github/workflows/update_ais_ci_image.yml rename to .github/workflows/update-ais-ci-image.yml From 07099ec367ada53cdb153a1a3247e70c59d5a88d Mon Sep 17 00:00:00 2001 From: Riley Dixon Date: Thu, 13 Nov 2025 12:03:03 -0700 Subject: [PATCH 7/7] Try to make Check names more concise. --- .github/workflows/ais-ci.yml | 2 +- .github/workflows/build-ais-ci-image.yml | 2 +- .github/workflows/build-ais.yml | 2 +- .github/workflows/root-ci.yml | 2 +- .github/workflows/update-ais-ci-image.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ais-ci.yml b/.github/workflows/ais-ci.yml index 73bce12c..f58a5186 100644 --- a/.github/workflows/ais-ci.yml +++ b/.github/workflows/ais-ci.yml @@ -32,7 +32,7 @@ jobs: uses: ./.github/workflows/build-ais-ci-image.yml with: platform: ${{ inputs.platform }} - AIS_CI: + build_and_test: # Run after build_AIS_CI_image but only if build_AIS_CI_image passed or was skipped. # always() check needed otherwise success() implicitly added. if: >- diff --git a/.github/workflows/build-ais-ci-image.yml b/.github/workflows/build-ais-ci-image.yml index 241906b7..08a84203 100644 --- a/.github/workflows/build-ais-ci-image.yml +++ b/.github/workflows/build-ais-ci-image.yml @@ -1,4 +1,4 @@ -name: AIS_build_CI_image +name: new_CI_image run-name: Build the Docker image for AIS CI. env: AIS_DOCKER_REGISTRY: ghcr.io/rocm/hipfile diff --git a/.github/workflows/build-ais.yml b/.github/workflows/build-ais.yml index c6d8d335..36cb95e5 100644 --- a/.github/workflows/build-ais.yml +++ b/.github/workflows/build-ais.yml @@ -1,4 +1,4 @@ -name: AIS # Mono-workflow - May be advantageous to split up +name: build_and_test # Mono-workflow - May be advantageous to split up run-name: Build, Test, and Analyze AIS env: AIS_MOUNT_PATH: /mnt/ais/ext4 diff --git a/.github/workflows/root-ci.yml b/.github/workflows/root-ci.yml index 619485d8..202d77ce 100644 --- a/.github/workflows/root-ci.yml +++ b/.github/workflows/root-ci.yml @@ -1,4 +1,4 @@ -name: AIS_CI +name: CI run-name: Kicks off several AIS CI workflows for various platforms. # In particular, this root workflow's only purpose is to allow diff --git a/.github/workflows/update-ais-ci-image.yml b/.github/workflows/update-ais-ci-image.yml index 051b4648..c75237a8 100644 --- a/.github/workflows/update-ais-ci-image.yml +++ b/.github/workflows/update-ais-ci-image.yml @@ -1,4 +1,4 @@ -name: update_AIS_CI +name: update_CI_image run-name: Update latest CI image on: pull_request_target: # A.K.A. This is a privileged action. See `pull_request`.